The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides guidelines for the handling of protected health information, also known as PHI.

HIPAA and PHI Overview

Secure Email Handout

HIPAA procedure for retiring mobile devices

HIPAA Security Policy mandates mobile devices (phones) that are connected to DOM email must be wiped clean of data before being sold or returned to the vendor.

Most phones have an option to “reset or restore to factory defaults”. You should contact your cellular vendor for specific instructions for your phone.

The department cannot remotely wipe the phone after it’s been deactivated by the cellular vendor. You may contact IMCSS at 362-2165 if you have the device and it’s still active, and we can remove all data remotely.

View policy >>