Skip to content
General Compliance Policies

Disposal of Equipment that May Contain PHI or Other Sensitive Information

HIPAA Security Laws and University policy require we implement policies and procedures to address the final disposition of electronic protected health information (ePHI), and/or the hardware or electronic media on which it is stored. When covered entities dispose of any electronic media that contains ePHI, they must ensure it is unusable or inaccessible.

If you are disposing of any hardware that may contain such data, please use the Help Desk Ticket system to notify the IT department Below is a list of items that do or can contain data:

  • Computer
  • Laptop
  • Multi-function Copier Printer Scanner
  • External Hard Drive
  • Hard Drive
  • Flash Drive/Thumb Drive
  • CD/DVD
  • Other media