Recycling protects healthcare data? Seems unlikely, doesn’t it? Not so fast. Recycling offers more benefits than just environmental protection.
If you regularly visit your local medical center, chances are your top concerns are understanding what your health insurance covers, ensuring that your physician specializes in the area where you need treatment, and making sure all your healthcare needs are met.
One thing you probably never think about is whether the information in your medical records is safe. Who doesn’t assume that our medical records are treated as securely as our financial records would be by our local banking institution or credit card providers.
Hopefully, there are people working at every medical institution in the country whose job is to ensure those medical records – especially as more and more of our data is stored on office computers and other electronic systems – remain safe from cyber-attack or any other illegal breach. Because if the medical centers are not devoting resources to data security, it’s likely a safe bet that someone is doing their best to crack the code and steal that information.
And one thing hospitals, medical care centers and other healthcare facilities need to think about is the same issue all businesses are confronting: e-waste.
This e-waste issue poses the question:
“What do we do with all the used office electronics that are no longer in use and need to be replaced?”
The solution for maintaining data security is to have those electronics taken to a recycling firm that can also become your data security specialists and wipe each device clean of personal, sensitive, proprietary, or classified information. That’s how recycling protects healthcare data. You just have to find the right firm to recycle your electronic devices at and who focus on data security and destruction.
What Are the Security Concerns with Medical E-Waste?
Like virtually all businesses today, the healthcare industry now stores all administrative and patient data electronically. In fact, the internet has completely transformed the healthcare sector. It’s easier than ever now for lengthy medical records to be maintained, for healthcare practitioners to share information, and to offer more personalized treatments thanks to the web.
We’re in the age of Telehealth, or healthcare services utilizing telecommunications technology. Today there are a fast-growing number of user-and budget-friendly digital healthcare tools.
But there have also been plenty of warnings over the years from security industry experts that healthcare may be at risk of serious cybersecurity threats. Security experts note that medical records sell for much more on the black market than credit card data, since it contains more personal data points and can’t simply get reissued after a security breach in the same way a credit card can.
And another major concern is whether healthcare organizations, focused more on delivering medical treatment than data security issues, are behind the curb when it comes to security defenses.
Since keeping patient data on file electronically has allowed healthcare networks to operate far more efficiently, offering advancements in the way patients are treated and providing a more efficient experience for patients, the trend toward electronic record keeping will increase. So each facility needs to ensure the right security is in place for maintaining this kind of personal information without risks, and without leaving the data exposed to external threats.
An unnerving example of this was the WannaCry ransomware attack in May 2017 where a cryptoworm targeted computers running the Microsoft Windows operating system. One of the largest agencies struck by the attack was the National Health Service hospitals in England and Scotland, which left 70,000 computers, MRI scanners, and blood-storage refrigerators impacted, forcing their shutdown for non-critical emergencies. Since then, healthcare institutions have recognized the need for a cyber resilience strategy to defend against similar threats.
Still, cyber attacks are just one aspect of the security challenges that healthcare providers face.
What Security Problems Extend Beyond Cyber Attacks?
To err is human, and people make mistakes. Healthcare facilities are likely focused heavily on ensuring that no errors are made in the treatment provided to patients. But when it comes to patient information, sometimes mistakes can be made by well-meaning employees.
It could be as simple as an email that accidentally gets sent out, containing sensitive information. And since the federal government regulates this through the Protection of Personal Information (POPI) Act, it’s become a top priority for healthcare organizations to prevent brand damage and audits by ensuring they have proper safeguards in place.
And that’s especially true when computers and other electronics within the healthcare organization slow down or even stop working and need to be replaced. Those in charge of removing sensitive data from those electronics may assume they can simply delete the information on the device, and it’s now safe.
Nothing could be further from the truth.
Ensuring that personal information doesn’t leave an organization without proper safeguards is as essential as preventing external cyberattacks. So if there are data breaches, it will almost certainly come from the organization’s own employees. And this is complicated by the fact that so many medical employees – including emergency technicians, admitting staff, doctors, nurses, and back-office personnel involved with billing and accounting – need access to medical records.
Once older electronics are no longer being used, employees may not fully understand how to successfully remove all information contained on these devices, and that includes deleting emails and other messages, and documents. But by doing so, simply deleting this information may not be enough to keep criminals from finding this information if they get their hands on these discarded devices. That puts medical centers at serious risk if they are not fully protecting confidential patient information.
Individuals who have decided to replace their laptop or smartphone and have tried selling it online have sometimes learned a tough lesson: the more data that’s held on those devices, the more there is for criminals to steal.
Similarly, all organizations need to adopt policies mandating the deletion of patient and other information that’s no longer needed – or when the device they’re stored on must be replaced.
What Can Be Done to Safeguard Patient Information?
Hospitals and large health institutions need to diligently address all aspects of patient security and privacy, whether it’s from cybercrimes or simple employee negligence. Every aspect of that data needs to be fully secured.
Today, radiologic images, lab test results, medications, allergies, and other clinical information are being stored and viewed on computers, and while that information can get transferred to a new computer, that doesn’t mean it’s easy to delete on the computers that need to be replaced.
The smartest solution would be to ensure that those computers and other electronics do not get sent out as trash to community landfills. That poses serious environmental risks, since those electronics contain toxins like lead and mercury that can contaminate the soil and water nearby.
But it also poses the risk that those discarded computers will get removed from those landfills, and the critical information still on them will get removed as well.
The best solution is to take office electronics to an experienced recycling firm like Great Lakes Electronics Corporation, which will not only recycle the valuable parts still contained within that e-waste but provide hardware Asset Management service to offset the cost of office electronics that are no longer in use.
Since we know that throwing away old office electronics is harmful to the environment, Great Lakes Electronics Corporation will help organizations identify the value of these items to reclaim some of your initial investment.
Great Lakes Electronics Corporation is also able to remove any fears about disposing of old hard drives and the data they contain, since they are data security experts offering complete data destruction of all drives. There are multiple levels of data sanitization and destruction available, and Great Lakes Electronics Corporation provides the secure destruction of personal, sensitive, proprietary, or classified information.
Recycling protects healthcare data. It simply does.
E-waste presents a serious security threat to individuals and businesses, and the best way to fight back is with data erasure.
The solution is to turn those devices over to an experienced firm like Great Lakes Electronics Corporation, which has years of experience performing environmentally friendly recycling of electronic products.
The team at Great Lakes will disassemble these items into component parts, and the ones that still have value can be sold for reuse. Other parts are used for metals recovery. Everything within your devices gets recycled.
More importantly, by recycling with Great Lakes Electronics, you won’t have to worry about the data you left behind on those hard drives.