In fact, during our 10 years of helping leading hospitals increase the return on investment on their medical equipment lifecycle, Miga has learned that the most common at-risk Personal Health Information (PHI) is in an area you’d least expect…your medical equipment. How carefully does your hospital inspect and scrub unused, traded-in or otherwise disposed-of equipment of PHI information?
Here are a few best practice checklist items you may wish to discuss with your staff when implementing a PHI risk mitigation strategy around medical equipment:
1. Inspect Your Equipment Before It Leaves the Building – How strong are your internal procedures to ensure that PHI is removed? Your hospital is required to make sure that no equipment for trade or sale leaves your facility with PHI on it. Create a simple check box on an asset form or other document that ensures a department staff member or clinical engineer checks equipment for PHI before it leaves the facility.
2. Have Your OEM’s Perform a Final PM and Data Scrub – The best way to ensure PHI is removed is to make sure it is completed according to manufacturer specifications. If your equipment is still under a service contract, OEM’s will be able to do a final PM or service call that includes PHI removal.