Healthcare providers are top candidates for cyber-attacks and data breaches.
Why is this? Because protected health information (PHI) of patients is valuable data. Examples of PHI include Social Security numbers, email addresses, account numbers, billing information, test results, appointment notes and medication information.
Internet-connected endpoints like copiers and printers can be sources of data breaches. How can healthcare providers better secure patient data?
Data breaches are a real concern in the healthcare industry. Consider this sampling of recent healthcare-related data breaches:
- PHI for several hundred patients posted on a public website after a data breach in a Georgia medical center
- 15 years' worth of data for 40,000 individuals compromised after a cyber-attack at an eye clinic in Iowa
- Over 4,000 patients’ PHI was stolen after a malware attack at a chiropractic clinic in Oregon
- 3,300 patients’ PHI was exposed after a ransomware attack at a Minnesota fertility clinic
Understand Printer Security Risks: Recent Statistics on Endpoint Security
Copiers and printers are endpoints. An endpoint is any internet-connected piece of technology: printers, copiers, computers and mobile devices. They can be targets for cyber-attacks because when not secured they provide easy access to a network.
A study by the Ponemon Institute surveyed IT professionals who work with endpoint security. Seventy percent recognized increased threats against their endpoints (printers and copiers included). Sixty-four percent had at least one endpoint attack in the preceding 12 months resulting in compromised IT infrastructure or data.
Endpoint security has rightfully been a hot topic inside of the healthcare industry for some time now. We often hear questions about security on not only single-function devices (desktop printers) but multifunctional devices (MFDs, a.k.a. copiers and printers that can print, copy, scan and fax).
What should healthcare organizations do to prevent a data breach caused by their copiers and printers?
Two Healthcare Printing Solutions to Secure Patient Data
1. Security Assessments for Internet-Connected Copier and Printer Security
Healthcare organizations need to secure their printers and copiers from cyber criminals. These endpoint attacks cost an average of 5 million to 7.1 million dollars per year.
To calculate your organization’s risk, the average cost of a data breach determined by the Ponemon Institute survey works out to $440 per endpoint for organizations with more than 1,000 full-time employees. For small and medium-sized organizations (1,000 or fewer full-time employees), the average cost is $763 per endpoint. Costs stem from productivity loss, information theft, system downtime, system damage, reputation damage and legal fees.
To find what protocols are open on your printers, conduct a security assessment. This will identify where printer security risks are specific to your devices. Once you understand your risks, adjustments and tools can be applied to mitigate them.
2. Secure/Follow-Me Print for Security of Printed Documents
When we set up a solution for our customers, their data is secure and encrypted on the device, but what about when the documents are actually printed and sitting in a paper tray?
In healthcare organizations, it is not uncommon to see unsecured printing devices. Unsecured copiers and printers are a dangerous data breach risk from a HIPAA compliance perspective. Especially if you have printers in hallways that are not secured. This can present an opportunity for someone to pick up confidential documentation containing patient PHI left out on a paper tray.
One secure printing solution is authentication at the device, commonly called Secure/Follow-Me-Print. This requires the user to scan a badge or enter a code before using a copier or printer. Secure/Follow-Me-Print is equal in security clearance to having someone sign-in to their computer, just on a device to access print jobs, copying capabilities, secure document scanning and faxing. Secure/Follow-Me-Print prevents unclaimed or forgotten documents containing patient data from piling up on a paper tray.
Loffler takes a strong approach to ensure our clients have the right copier and printer models and technology in place to secure their patient data. If you have any data security questions, experts at Loffler would be happy to answer them.
Learn More: Technology Solutions for Healthcare Organizations
Read Next: Increase Print Security; Quit the Print and Sprint
Jeff James is a Sr, Enterprise Account Manager for Healthcare at Loffler Companies, and has been providing technology solutions for over 26 years. In his free time, Jeff enjoys listening to music and watching sports.
