A HIPAA message -- spring cleaning

April 29, 2004

picture disc.HIPAA, the "Health Insurance Portability and Accountability Act of 1996," provides federal protection of patient health information. This HIPAA-related message is part of UNMC's continued effort to educate employees. Today's HIPAA message addresses safeguards in cleaning out files.

Question: What safeguards should I implement when I clean out my files?

Answer: Both paper and electronic files should be cleaned out to dispose of information that is no longer needed.

  • Paper should be placed in a locked or desk-side recycling bin.
  • E-mail and computer files that are no longer needed should be deleted. Just as paper file cabinets fill up, computer disk space can fill up.

Follow record retention guidelines when deciding how long information should be kept. For example, records required to demonstrate HIPAA compliance must be maintained for six years. A Record Retention policy will be published soon.

Please refer to "Destruction of Confidential Information" procedure for further information on proper disposal of information in other mediums.

If you're a manager, please ensure all of your employees are informed of the contents of these messages and how it applies to your work area. Some ways of sharing the information include discussions during staff meetings, printing and posting this message or asking your employees if they have any further questions.