HIPAA Security: Don’t Decrypt Data Before You Destroy It?

HIPAA experts know that there are only two ways to obtain safe harbor for PHI: encrypt it or destroy it.  Seeing how it’s hard to work with destroyed data, most opt to use PHI encryption software to protect their patients’ sensitive information from unauthorized access.

However, the rules also clearly state that any data that is being thrown out must be destroyed.  This makes sense for paper-based documents and other physical manifestations of information, like x-rays.  It also makes sense for digital information, but the reasoning behind it is not so apparent for encrypted data.  After all, lost or missing data is protected by safe harbor rules if encryption software is used to protect it, indicating that the encrypted information is considered perfectly safe.  Why must it also be destroyed?

One in a Million: So You’re Telling me There’s a Chance

The movie Dumb and Dumber has a number of notable quotes and scenes, many of them terrible, but one’s always held a special place in my heart: when Jim Carrey’s character asks his crush what his chances are, she tells him it’s like “one in a million,” and Carrey replies, a small smile forming at his lips, “So you’re telling me there’s a chance.”

And that, in a nutshell, is why you’re supposed to destroy any data you’re going to throw away.  This includes encrypted PHI data because there is always the chance that (a) someone will somehow figure out the password to the encrypted data or (b) someone will run across the encryption key.  The chances of it are remote, of course.  But not impossible.

Destroy Your Data the Right Way

Making computerized data inaccessible is, surprisingly, both hard and easy.  Anyone who’s had to deal with dead hard drives knows that computer storage is sensitive to bumps, humidity, electric shocks, magnetic fields, etc.  On the other hand, just because you’re unable to use your device doesn’t mean that the information is inaccessible.  There are plenty of businesses built around recovering information, and they’re successful (and profitable) for a reason.

Methods for destroying digital data are myriad.  One of the more popular methods is physically destroying it.  For example, you can punch a hole through a hard drive’s magnetic platters, or even better, three or more holes through them.  There’s the “sledgehammer” approach to it, which doesn’t require an explanation, I think.  You can also melt it – the internet is surprisingly full of raconteurs who’ve used thermite to do so.

There are also non-physical methods, like degaussing the data (i.e., running storage media through a gigantic magnet) or copying junk data to it.

Here’s a tip: no matter what approach you take, destroy your storage device while it’s encrypted.  Why?  Well, for starters, you can think of it as insurance.  In the event that something goes awry, you’ll still have the encryption as a security backup (which is win-win if you are a HIPAA covered entity).

For example, what if you outsource your data destruction and the company does a poor job?  Or what if one of their employees decides to pass the data along for a price, like in this story?
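As an added illustration (not from the original post), here is a small simulation of that scenario: a botched, half-finished overwrite leaves whole PHI records on unencrypted media, while the same botched wipe over media that was encrypted at rest leaves only ciphertext. The HMAC-SHA256 keystream cipher is a toy stand-in for a real full-disk cipher, and the sample record, media size and fixed demo key are all constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed sample PHI record, repeated to fill the simulated storage media.
PHI_RECORD = b"PATIENT: Jane Doe | MRN 000-00-0000 | DX: example\n"
MEDIA_SIZE = 4096  # bytes of simulated drive


def keystream_cipher(key: bytes, data: bytes) -> bytes:
    """Toy counter-mode stream cipher built from HMAC-SHA256.
    Stands in for a real full-disk cipher such as AES-XTS; XORing with the
    keystream both encrypts and decrypts. Not for production use."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def build_media(encrypted: bool, key: bytes) -> bytearray:
    """Fill a simulated drive with PHI, optionally encrypted at rest."""
    plaintext = (PHI_RECORD * (MEDIA_SIZE // len(PHI_RECORD) + 1))[:MEDIA_SIZE]
    return bytearray(keystream_cipher(key, plaintext) if encrypted else plaintext)


def overwrite(media: bytearray, fraction: float) -> None:
    """One pass of random junk over the first `fraction` of the media.
    fraction=1.0 is a complete pass; anything less models a botched job."""
    n = int(len(media) * fraction)
    media[:n] = os.urandom(n)


def phi_recoverable(media: bytearray) -> bool:
    """Sanitization check: read the media back and look for any intact record."""
    return PHI_RECORD in bytes(media)


def simulate_destruction(encrypted: bool, fraction: float) -> bool:
    """Return True if PHI is still recoverable after the wipe."""
    key = hashlib.sha256(b"constructed demo key").digest()  # fixed for reproducibility
    media = build_media(encrypted, key)
    overwrite(media, fraction)
    return phi_recoverable(media)


if __name__ == "__main__":
    for enc in (False, True):
        for frac in (0.5, 1.0):
            print(f"encrypted={enc!s:5} overwrite={frac:.0%} -> "
                  f"PHI recoverable: {simulate_destruction(enc, frac)}")
```

Only the unencrypted drive with the incomplete pass leaks a record; the read-back check is the same verification step you would run on a vendor's returned media.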
