Healthcare providers need to know that protected health information could be stored in their copiers – and accessible to hackers.
Digital copiers are essential components of modern doctors' offices. They enable you to improve your communication, increase your productivity and save money. Despite these benefits, copiers are a potential source of Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security risks.
Protected Health Information May Be Stored on Your Digital Copiers
Most digital copiers have internal hard drives and network connections that can be exploited by hackers to gain access to protected health information (PHI). Failure to implement safeguards to protect the PHI in your care from unauthorized disclosure can lead to substantial criminal and civil penalties for HIPAA non-compliance. Penalties for non-compliance range from $100 to $50,000 per violation, up to a maximum of $1.5 million for identical violations in a calendar year.
5 Steps to Keeping Your Digital Copiers Secure
Identifying and eliminating security vulnerabilities in your digital copiers is key to ensuring HIPAA compliance. Follow these steps to help keep them secure.
- Set Strong Passwords: Secure your digital copiers with a password that's easy for authorized persons to remember but difficult for hackers to guess. Passwords should be at least eight characters long and contain lowercase and uppercase letters, numbers and symbols.
- Encrypt Your Data: Use encryption to protect the integrity and confidentiality of the PHI stored in your hard drives and networks. Encryption scrambles data so that it can only be read by authorized individuals.
- Keep Your Digital Copiers Up to Date: Be sure to keep your digital copiers' firmware and drivers up to date. Often, updates provide new or improved security features and patch known security holes.
- Wipe Your Hard Drives Clean: Periodically overwrite the data on your hard drives to minimize the potential for unauthorized access. Overwriting helps prevent unauthorized data recovery by replacing existing data with new data. You should also scrub your hard drives clean before selling or disposing of your copiers.
- Use a Digital Copier Service Provider: Consider hiring a digital copier service provider to replace, remove or dispose of your hard drives. Here at Datamax, we can help you to understand your document security requirements and develop an effective plan for ensuring HIPAA compliance.
Could your office use additional assistance with information security and HIPAA compliance? Contact us today to learn more about our digital copiers and how we can help you make your documents more secure.