HIPAA Privacy and Security Reminders – Transporting Medical Records

HIPAA Privacy and Security Reminders – Transporting Medical Records

Occasionally, medical and other sensitive records must be transported from one location to another, such as when moving to a new office, closing a location, etc.  Appropriate steps must be taken to safeguard these records whether electronic or paper.  Learn more about what you and your company should  be doing…


HIPAA Security Reminder - Transporting Medical Records

  1. Any electronic media containing Protected Health Information (PHI) must be backed up before it is moved.
  2. Medical records should not be left in an unlocked room or insecure area. Only authorized personnel should have access.
  3. All boxes containing medical records should be numbered and appropriately labeled so as not to misplace them.
  4. Records should never be left unattended, even temporarily, including on pavements or in front of buildings.
  5. An administrator should supervise all aspects of the move to ensure that the movers are aware of exactly what needs to be transported and proper, secure handling of sensitive records at all times during transit.
  6. Once you reach your destination, immediately make sure all items are accounted for, and again, store medical records securely.


Medical records should never be taken from secure medical records areas without proper authorization!

Records moving between facilities must be properly secured and never left alone in vehicles! To ensure adequate security and to protect records against weather, light, pollution and other dangers, vehicles must be:

  • covered
  • locked
  • attended at all times; and,
  • not used for transporting other materials, such as chemicals, that may cause risks to records.

Your company’s and your patients’ PHI must be protected!  Should you ever experience a loss of medical records or other sensitive documents, immediately report it to your supervisor.

The complete HIPAA Privacy, Security and Breach regulations are here.

If you’d like keep up to date on HIPAA Security and Privacy reminders or HIPAA-HITECH in general, please also consider (all optional!):

Series NavigationHIPAA Privacy and Security Reminders – HIPAA-HITECH Compliance Success Formula >>
Posted in
Clearwater helps healthcare organizations ensure patient safety and improve the quality of care by safeguarding the confidentiality, integrity and availability of protected health information (PHI). We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.
Subscribe to our newsletter

Our monthly eNewsletter which includes industry articles and white papers that we’ve gathered for you. We’re confident you’ll find a nugget or two among them!

OCR-Quality Risk Analysis®

Clearwater-provided risk analyses have a 100% acceptance rate when submitted to the Office for Civil Rights.

About Clearwater

Clearwater provides the most complete and trusted, enterprise-class cyber risk management solution available. Designed for healthcare providers and their partners, Clearwater’s IRM|Pro® platform and experienced professional services team provide insights and actions to address compliance, cyber and patient safety risks. Clearwater is a 2017 Inc. 5000 fastest-growing company, the 2018 Best in KLAS winner in Cybersecurity Advisory Services, the 2017, 2018, and 2019 Black Book Marketing Research winner in Compliance and Risk Management Solutions, and exclusively endorsed by numerous state hospital associations. Clearwater solutions have been deployed within hundreds of hospitals and health systems, Fortune 100 organizations, and federal government institutions. 

Show Buttons
Hide Buttons