5 Critical HIPAA Healthcare Audit Blunders

Media Reuse And Destruction

Healthcare organizations should have a formal policy in place to ensure sensitive data is permanently removed from media before disposal or reuse. The plan should cover media sanitization and how systems and devices will be properly recycled, reused and disposed. Many systems store data and pose a significant risk if an attacker attempts to recover the stored data with freely available tools. Deleted files and hard drive formatting does not necessarily mean data cannot be recovered by a determined person, according to experts. The National Institute of Standards and Technology has outlined recommendations for media sanitization.

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.