Destruction of patient health information by an organization or provider must be carried out in accordance with federal and state law pursuant to a proper written retention schedule and destruction policy approved by appropriate organizational parties. Records involved in any open investigation, audit, or litigation must not be destroyed until the litigation case has been closed.
As with record retention, there is no single standard destruction requirement. Before the destruction of patients’ medical records the law demands that the patients must be notified before destroying patient information, or specify the method of destruction used to render the information unreadable. Organizations should reassess the method of destruction annually based on current technology, accepted practices, and availability of timely and cost-effective destruction services.
Methods for the destruction of paper patients’ medical records
- Paper record methods of destruction include burning, shredding, pulping, and pulverizing.
- Microfilm or microfiche methods of destruction include recycling and pulverizing.
Methods for the destruction of electronic patients’ medical records
- Laser discs used in write once-read many document-imaging applications are destroyed by pulverizing.
- Computerized data are destroyed by magnetic degaussing.
- DVDs are destroyed by shredding or cutting.
- Magnetic tapes are destroyed by demagnetizing.
Before destruction organizations must maintain documentation of the destruction of health records permanently and include the following:
- Date of destruction
- Method of destruction
- Description of the disposed records
- Inclusive dates
- A statement that the records were destroyed in the normal course of business
- The signatures of the individuals supervising and witnessing the destruction
References
AHIMA (2008). Enterprise Content and Record Management for Healthcare.” Journal of AHIMA, 79, 91–98.
May, M. L. & Christina, M. M. (2008). HIM Professional’s Role in Enterprise Content Management: Stepping Out of the Department and Into the Organization.” 2008 AHIMA Convention Proceedings, October 2008.
Nunn, S. (2008). Enterprise Content Management from the Ground Up.” Journal of AHIMA, 79, 46–47.
Russo, R. (1998). Seven Steps to HIM Compliance. Marblehead, MA: Opus Communications.
Strong, K. (2008). Enterprise Content and Records Management.” Journal of AHIMA, 80, 38–42.