Dealing with equipment end-of-life issues

Nov. 19, 2014

As advances in electronic devices enable hospitals to transition manual duties to automated tasks, hospitals are finding more and more of these devices throughout their facilities. However, many hospitals struggle with managing these devices once they reach their end of life.  As with traditional IT equipment such as computers and printers, healthcare facilities now have to manage the recycling of these new electronic medical devices. Many medical devices, such as certified decontaminated infusion pumps and sterilization equipment, may contain data and need to have programs that protect this data. These devices also contain hazardous components and need to be recycled accordingly.

With some electronic medical devices, state and federal law may mandate detailed support documentation on recycled items, such as individual unit serial numbers or certificates of destruction. In addition, there have been several recalls of electronic medical devices over the past few years. For these recalls, the Food and Drug Administration (FDA) may require the certified destruction of certain components or whole units.

With the eclectic mix of devices and legislation that governs their disposal, healthcare device recycling requires expertise to ensure data security, legislative and environmental compliance. 

Ensure data security, even on equipment no longer being used

Patient health records stored digitally will continue to increase as the number of insured individuals grows, online patient health centers gain popularity and more healthcare equipment records patient data. Laboratory information systems, which collect and analyze patient data, are an example of a type of medical equipment that likely falls under the protected health information legislation.

The patient information stored on medical devices is included under the legal protection of the HIPAA Omnibus Rule. Violation of this act can result in substantial monetary fines and consumer backlash that is often more costly than the legislative penalties.

The healthcare industry remains a top target for hackers as private health records are often the most commonly compromised information and hospitals continue to be targeted for attacks daily. Health data breaches have become so common that the FBI recently issued an alert that identifies frequent malicious targets on healthcare-related systems in an effort to obtain protected healthcare information and personally identifiable information like birth dates and social security numbers.1  As in the case of Chinese hackers who stole 4.5 million patient records in a single breach, overseas criminal organizations use this information for medical and/or financial fraud.2 

Most responsible healthcare organizations have responded to threats by increasing the security defenses of devices currently in use on their premises. Understanding the high risk of compromised patient data, the best-in-class healthcare organizations have also devised programs to properly deal with devices when they become obsolete and are no longer in use. In addition, asset disposition vendors are responding to the need for greater security by offering new disposal options such as on-site destruction services. These hard-drive wiping and shredding services take place at the healthcare facility to minimize risk and ensure data is destroyed before it leaves the premises for recycling. This extra precaution to protect patients’ health information provides reassurance that a data breach will not occur during the disposal process.

Depending on the type of electronic medical device, different disposal stipulations may apply. Some asset disposition vendors specialize in the disposal of traditional computer equipment, while others have expertise with niche medical devices such as heart monitors and imaging equipment. Large vendors that have a history of working with the medical field will have the knowledge and expertise to handle both IT assets from the office and electronic medical devices in practice. 

With a wide variety of devices, you may have to deal with multiple vendors

Selecting a responsible disposition vendor is crucial to stay in compliance with all legal regulations as well as your organization’s internal protocols. While many vendors that are capable of recycling electronics exist, not all will have familiarity with the medical devices from your particular healthcare environment. It is important to rely only on trustworthy companies that have experience with the types of medical equipment for which your organization has a recycling need.

To get started, evaluate your own healthcare organization’s needs. Specifically, what types of devices are you looking to recycle? Refer to Table 1 for examples of common medical devices that electronics recyclers process, but note that not all vendors will be able to handle all of these devices. It is imperative to assess the electronics recycling vendor’s capabilities before contracting for one type of recycling service or another.

Table 1

It’s important not just to find a vendor that can process electronics, but to find one that can do so responsibly and in an environmentally safe manner. Consider the vendor’s standards and certifications to ensure they align with your organization’s needs and expectations. Specific to the electronics recycling industry are the e-Stewards certification and the Responsible Recycler (R2) certification, which have strict stipulations and frequent audits on electronics recycling practices that work to ensure electronics do not end up in landfills or are exported to developing nations.

Other certifications to note involve environmental, health and safety standards. 

  • ISO 14001 is the environmental management standard and aims to decrease the amount of pollution and waste that is produced by a business;
  • OHSAS 18001 is a certification designed to put in place sound occupational health and safety practices that protect employees while on the job; 
  • ISO 9001 assures there are defined and effective quality management processes in place that are verified by routine third-party audits; and 
  • ISO 27001 ensures adequate company processes are in place and followed to protect third-party digital assets and minimize information security risks.

Once you have assessed your healthcare organization’s recycling needs and found an appropriate recycling vendor, your organization should begin preparing for the first recycling transaction.

Streamline and standardize your internal asset disposition process

Each healthcare organization will have a different set of internal protocols for equipment disposal. Understand what those are early on to accurately communicate what is expected to ensure the vendor’s compliance. To do so, take an inventory of items ready for disposal, including all IT equipment and all electronic medical devices. As a part of the record, make note of where the items are stored in the facility and at what location. Also note the weight and dimensions of each device and any other identifiable numbers to better track your equipment. Having this information will streamline the asset disposition process and provide an extra level of assurance that assets will be properly recycled in an efficient and timely manner.

Prior to arranging a shipment or pickup, contact the recycler or the manufacturer of the device for assistance with product packaging recommendations and advice on disposal criteria. This extra knowledge will save time and resources throughout this, and future, recycling processes. When dealing with a recall, it is essential to contact the manufacturer for counsel on disposal procedures and to verify if all devices or only parts will be subject to the recall.

Communication and preparation are key factors to the success and efficiency of the process. Early establishment of what your organization and outside parties require will help keep you organized, efficient and on target through each step of the process, which will allow you to be open to advancements in the industry as they occur.

The future is here

The shift from traditional computers and the ubiquity of mobile health electronic devices is well under way, and the medical field, as well as the recycling industry, is beginning to see these devices reach their end of life. The best companies in the recycling industry will continue to meet the demands of these new items with creative solutions that offer efficient and data-secure solutions for all electronic devices used in the medical field.

References

  1. http://www.ihealthbeat.org/articles/2014/8/21/hackers-directly-targeting-health-care-organizations-fbi-warns
  2. http://www.politico.com/story/2014/08/chinese-hackers-steal-45-million-patients-data-110122.html

Sponsored Recommendations

Clinical Evaluation: An AI Assistant for Primary Care

The AAFP's clinical evaluation offers a detailed analysis of how an innovative AI solution can help relieve physicians' administrative burden and aid them in improving health ...

From Chaos to Clarity: How AI Is Making Sense of Clinical Documentation

From Chaos to Clarity dives deep into how AI Is making sense of disorganized patient data and turning it into evidence-based diagnosis suggestions that physicians can trust, leading...

Bridging the Health Plan/Provider Gap: Data-Driven Collaboration for a Value-Based Future

Download the findings report to understand the current perspective of provider and health plan leaders’ shift to value-based care—with a focus on the gaps holding them back and...

Exploring the future of healthcare with Advanced Practice Providers

Discover how Advanced Practice Providers are transforming healthcare: boosting efficiency, cutting wait times and enhancing patient care through strategic integration and digital...