Digital photocopiers, scanners, and telefax machines are essential to modern medical office. They are also potential HIPAA liability time bombs. An investigative report by CBS News reveals that nearly every printer, copier, scanner and telefax machine built since 2002 contain hard drives which capture images of every document processed.
In order to see how widespread the problem might be, CBS followed John Juntunen, COO and founder of Digital Copier Security, in Sacramento, Calif., as he purchased four copiers based upon price and number of copies printed. In less than two hours, he bought four machines for about $300 each.
Using forensic software available for free on the Internet, he was able to download images captured from all four machines. Shockingly, one was from a New York insurance company and contained copies of medical records, including a diagnosis of cancer, blood test results and drug prescriptions.
The Federal Trade Commission, Bureau of Consumer Protection Business Center offers a publication, “Copier Data Security: A Guide for Businesses.” According to the FTC, when you buy or lease a copier, evaluate your options for securing the data on the device. Most manufacturers offer data security features with their copiers, either as standard equipment or as optional add-on kits. Typically, these features involve encryption and overwriting.
Encryption is the scrambling of data using a secret code that can be read only by particular software. Digital copiers that offer encryption encode the data stored on the hard drive so that it cannot be retrieved even if the hard drive is removed from the machine.
Overwriting — also known as file wiping or shredding — changes the values of the bits on the disk that make up a file by overwriting existing data with random characters. By overwriting the disk space that the file occupied, its traces are removed, and the file can’t be reconstructed as easily.
Depending on the copier, the overwriting feature may allow a user to overwrite after every job run, periodically to clean out the memory, or on a preset schedule. Users may be able to set the number of times data is overwritten. Generally, the more times the data is overwritten, the safer it is from being retrieved. However, for speed and convenience, some printers let you save documents (for example, a personnel leave slip) and print them straight from the printer hard drive without having to retrieve the file from your computer. For copiers that offer this feature, the memory is not overwritten with the rest of the memory. Users should be aware that these documents are still available.
Overwriting is different from deleting or reformatting. Deleting data or reformatting the hard drive doesn’t actually alter or remove the data, but rather alters how the hard drive finds the data and combines it to make files: The data remains and may be recovered through a variety of utility software programs.
Yet another layer of security that can be added involves the ability to lock the hard drives using a passcode; this means that the data is protected, even if the drive is removed from the machine.
While the website for HHS’ Office of Civil Rights, (which is responsible for HIPAA enforcement) does not contain a specific publication on the use of photocopiers in the medical setting, the site does provide a link to the above FTC publication under the reference title: “Safeguarding Electronic Protected Health Information on Digital Copiers.” This indicates the OCR expects medical offices to educate themselves about the potential hazards and risks posed by modern photocopier hard drives.