Upgrading your multifunction printers, copiers, and scanners is a good step toward HIPAA compliance, but keep in mind that it's only a first step. Printing, storing, and document scanning security is up to you, and successful compliance has as much to do with your procedures and policies as your devices.
HIPAA compliance encompasses three areas of responsibility toward PHI or protected health information: confidentiality, availability, and integrity. Here are five ways to make sure your printing, copying, and document scanning security measures are up to par for all three requirements:
Protect your hard drive. It's not enough to take a device out of service; there's enough PHI saved on the hard drive to cause a security nightmare. Get scrubbing or overwrite guarantees from the leaseholder or vendor, or ask for the hard drive to remain in your possession.
Restrict user access. Don't locate printers in hallways or common areas where documents containing private patient information can be viewed by anyone. Also, enable authentications like passwords and ID cards to keep unauthorized users from accessing your devices.
Disable USB ports. Unauthorized users can download PHI from your printers. From there, it can be used to gain access to sensitive information—a clear violation of HIPAA regulations.
Enable pull or push printing. Reduce the number of unclaimed documents left lying in print trays with pull or push printing capabilities. Users must be present at the device and enter a passcode or other authentication before documents can be released.
Encrypt hard drives. Any device that includes a hard disk drive should include options to encrypt saved data. Make certain yours is enabled and up to date.
To learn more about printing and document scanning security for your healthcare organization, contact us at Ashley's Business Solutions today.