After a very heavy court fine, a US pharmacy organisation was asked to carry out the following corrective Actions. The settlement required the company’s pharmacies to:

• Establish policies and procedures for disposing of protected health information and sanctioning workers who do not follow them;
• Create a training program for disposing of patient information;
• Conduct internal monitoring;
• Obtain an independent assessment of its compliance for three years.

The FTC settlement requires the company to:

Establish a comprehensive information security program designed to protect the security, confidentiality and integrity of the personal information it collects from consumers and employees;
Obtain, every two years for the next 20 years, an audit from a qualified independent third-party professional to ensure that its security program meets the standards of the settlement.

The fine was over $2.9M, why wait for the problem to arise contact the experts at Secure Data Recycling and make sure your staff are properly trained and your data is managed and disposed of in a secure and confidential manner