Have you ever thought about whose hands the information you copy can land? Think of all the different types of documents that are copied – tax returns, medical records, financial information and more — and the personal information within these documents.
The reason is that these new age copiers contain hand drives, similar to computers, which are capable of storing a large volume of digital information.
Nearly all copiers made since 2002 for business use, and some for home use, contain a hard drive that can store every copy made, item printed or fax scanned. While the information might be encrypted, it’s not usually a challenge for hackers to access details, including Social Security and telephone numbers, bank accounts and credit-card numbers, according to digital experts.
Administrative service departments hold auctions for IT equipment where the equipment is sold to end users. What could the motivation of these end users be beyond just acquiring the older equipment?
To remove the confidential information from the hard drive of the copier is the sole responsibility of the company that initially acquired the equipment. To have other agencies or companies assume responsibility to sanitize the copier hard drive is a costly endeavor and not realistic.
Security companies across the company have called copiers, faxes and printers a gold mine for identify thieves. Thieves sometimes rummage through garbage lots for discarded equipment to simply attain the hard drives for malicious use.
While security experts have been raising the alarm about copiers and similar devices, not many people are paying attention. The idea has not echoed. It’s important to be proactive in this time of concern about identify theft.
It is highly recommended to destroy hard drives in old copiers and other machines or taking them to recycling companies. Attaining a certificate of destruction is critical for proof that the necessary measures were taken to clear the owner from liability prior to returning or discarding the copier equipment.
Some state agencies have taken the necessary precautions to block thieves, but some companies have paid the price. A New York medical organization had to pay the federal government a $1.2 million fine for leaving health information for 344,000 customers on the hard drives of leased copy machines.
States hold auctions for surplus electronics and other items to the public after they reach the end of their life for commercial use. Other organizations, higher educational institutions and municipalities have first bid at the items before they are auctioned. The selling organizations have used this vehicle as a revenue generator but have avoided conversation about the downside to their sales.
Warnings from the Federal Trade Commission about security issues with copiers and similar devices started taking place a few years ago.
“The hard drive in a digital copier stores data about the documents it copies, prints, scans, faxes or emails. If you don’t take steps to protect that data, it can be stolen from the hard drive, either by remote access or by extracting the data once the drive has been removed,” stated in a federal bulletin at www.ftc.gov/tips-advice/business-center/copier-data-security-guide-businesses.
Some manufacturers include security options at additional cost to wipe out the information on copier hard drives. Other suggestions are to take measures to include either encryption or overwriting, which covers existing data with random characters, making files difficult, if not impossible, to reconstruct.
Companies that lease or purchase copier equipment are the ones that are responsible for taking action at the end of the equipment life. They cannot rely on sales reps in the copier industry as the industry has notoriously been known for massive turnover due to difficulty and individuals not being able to meet monthly quotas.
Rich Simons is Co-Founder and Managing Partner for EDGE Business Systems. He helps improve efficiencies for medical practices providing analysis, customization and recommendations to create an efficient work environment for all document processes. Feel free to connect at firstname.lastname@example.org.