§ 10. PROCEDURE FOR DISPOSAL OF PHI.
   (A)   General. The village and the department have a duty to protect the confidentiality and integrity of confidential medical information as required by law, professional ethics, and accreditation requirements. PHI may only be disposed of by means that assure that it will not be accidentally released to an outside party. Management must assure that appropriate means of disposal are reasonably available and operational.
   (B)   Procedure.
      (1)   Standards. All personnel must strictly observe the following standards relating to disposal of hardcopy and electronic copies of PHI:
         (a)   PHI must not be discarded in trash bins, unsecured recycle bags or other publicly accessible locations. Instead this information must be personally shredded or placed in a secured recycling bag.
         (b)   Printed material and electronic data containing PHI shall be disposed of in a manner that ensures confidentiality.
         (c)   It is the individual's responsibility to ensure that the document has been secured or destroyed. It is the Privacy Officer's responsibility to ensure that all employees are adhering to the policy.
      (2)   Destruction of convenience copies and original documents (day-to-day destruction).
         (a)   The Privacy Officer shall provide users with access to shredders or secured recycling bags for proper disposal of confidential printouts containing PHI.
         (b)   Users may elect to use either shredding or secure recycle bags for the destruction of convenience copies, as long as the destruction is in accordance with this policy.
      (3)   Electronic copies. Secure methods will be used to dispose of electronic data and output. The Privacy Officer is responsible for the destruction of electronic copies containing PHI. However, employees may dispose of the electronic data themselves using the following methods:
         (a)   Deleting on-line data using the appropriate utilities;
         (b)   "Degaussing" computer tapes to prevent recovery of data;
         (c)   Removing PHI from mainframe disk drives being sold or replaced, using the appropriate initialization utilities;
         (d)   Erasing diskettes to be re-used using a special utility to prevent recovery of data; or
         (e)   Destroying discarded diskettes.
      (4)   Hardcopy (bulk destruction). Secure methods will be used to dispose of hardcopy data and output.
         (a)   PHI printed material shall be shredded and recycled by a firm specializing in the disposal of confidential records or be shredded by an employee of the department or the village authorized to handle and personally shred the PHI.
         (b)   Microfilm or microfiche must be cut into pieces or chemically destroyed. After documents have reached their retention period, all PHI must be securely destroyed. If hardcopy PHI (paper, microfilm, microfiche, etc.) cannot be shredded, it must be incinerated.
      (5)   Documentation of destruction.
         (a)   To ensure that it is in fact performed, department or village personnel or a bonded destruction service must carry out the destruction of PHI.
         (b)   If a bonded shredding company undertakes the destruction, the bonded shredding company must provide the department or the village with the document of destruction that contains the following information:
            1.   Date of destruction;
            2.   Method of destruction;
            3.   Description of the disposed records;
            4.   Inclusive dates covered;
            5.   A statement that the records have been destroyed in the normal course of business,
            6.   The signatures of the individuals supervising and witnessing the destruction.
         (c)   The bonded shredding company must provide the Privacy Officer with a Certificate of Destruction.
         (d)   The department's Privacy Officer is responsible for enforcing this policy, and shall be entitled to the assistance of the Village Manager in doing so, if such assistance should be needed. Individuals who violate this policy will be subject to the appropriate and applicable disciplinary process under this policy and the applicable ordinances of the village, up to and including termination or dismissal.
(Ord. 0030-03, passed 4-2-03)