Nothing can ruin a manager’s day more than finding out their company has a HIPAA violation. Many companies do not realize that printers and copiers are considered workstations by the Department of Health and Human Services and as such, must be protected under HIPAA regulations. How do you secure the machines so that they are compliant? Here are a few best practices that companies and employees can follow.
Secure Physical Access to the Device
Because anything can be copied and left lying near the copier, one of the first steps a company can do to secure a copier is to put it in a location that only authorized people can access. That way if something is left out, there is little chance it is going to get far and compromise the data.
Paperwork with personally identifiable information (PII) being left out is one of the most common ways customer data that should have been protected is compromised and exposed to hackers and identity thieves.
Encrypt Communication to the Copier
Many printers and copiers are now online and can be communicated with by other computers. Because many of these devices have their hard drives, one right way to secure it is encrypting the traffic to and from the printer using a Secure Socket Layer (SSL). That way there is no chance of the data being intercepted.
Technology has come a long way, so there are many ways to protect the data including encrypting and securing the hard drives. With these two steps, no one will be able to intercept the transmission nor extract the data from the hard drives.
Schedule Audit Inspections Frequently
Having a HIPAA strategy and implementing all the safeguards is only half the battle, the other half is making sure employees are following them. No defense is going to work if people are not taking the time to follow the steps put in place.
Inspections and Audits of HIPAA protected systems is a way to see the actual status of the rules but also catch any issues where employees are not following the steps put in place. Frequently, inspections will also remind everyone of the importance of supporting the guidelines laid out so that customers and their PII are safe from those who would use it against them.
Are you interested in knowing how we can help secure your company to meet all HIPAA requirements? Contact us!