Resources for Health Insurance Portability and Accountability Act (HIPAA)

Data Compliance: Guilty Until Proven Tamperproof

www.informationweek.com

How certain are you that the electronic data your team retrieves in response to discovery requests is complete and unaltered? Recent rulings have framed electronic records as on par with audio recordings and digital photos in terms of reliability, as judges recognize that a clever cheat could modify an e-mail to remove a critical "not" before submitting it into evidence. IT groups that have yet to implement systems that store data in nonmodifiable form are behind the curve.

Long-term data-retention mandates are a minefield as well. Organizations covered by OSHA regs must keep physical exam records for 30 years after an employee's termination, while HIPAA requires that medical facilities retain records for 20 years or more. Just keeping copies of end-of-month or end-of-year backup tapes doesn't cut it. Even if the tape hasn't degraded, it's unlikely you'll have a drive that can read it.

View the Resource

Share or bookmarklet this web page at: