Unattended Print Output Puts Documents at Risk

When left in output trays, documents can be viewed, mishandled, or stolen.

istock 601912720 6

Everybody is connected these days, whether they’re roaming the halls of a hospital or working on their home Wi-Fi. IT departments are working intently to ensure only authorized personnel gain access to the corporate network. But often overlooked are documents left unattended in printer trays by remote workers.

Just like electronic data, paper documents are subject to HIPAA Privacy and Security Rules. However, “some healthcare organizations are surprised to learn that the risk of non-compliance can greatly increase with the misuse of office devices such as printers, scanners, and fax machines,” observes HealthItSecurity.com.

On-the-go workers can print out documents remotely, whether inside the firewall or working outside of it. As a result, documents can be left unattended in output trays where they can be viewed, mishandled, or stolen. According to the Department of Health & Human Service’s Office of Civil Rights, paper documents accounted for 23% of large breaches of Protected Health Information (PHI).

Health organizations are particularly at risk as they typically experience high foot traffic from individuals with limited restrictions on access. It only takes a second for an unauthorized person to snatch documents from an unattended device. According to a SpiceWorks survey, just 41% of organizations deploy printer-specific user authentication techniques.

Organizations can prevent incidences of unattended documents by implementing access control and authentication procedures and technologies that ensure documents are printed out only when authorized users are present.

“User authentication, also known as pull printing, ensures documents are only released to the authorised recipient,” says research firm Quocirca. “Authentication through smartcards or biometrics is required before access permission to the printer is given and can be enabled across an enterprise-wide device fleet, a specified printer, or an external authentication server such as Microsoft’s Active Directory.”

HP, for exaple, provides a number of tools and services to control printer output, including:

  • Secure Authentication, using proximity card readers, PIN codes, and smartcards to prevent unauthorized use.
  • Job Accounting that can track imaging and printing activities by device, user, or department, with the ability to capture personalized data as well as collect data and monitor activity directly at the device.
  • Secure Pull Printing, which gives users the ability to retrieve jobs when and where they need to by simply accessing a solution-enabled networked device
  • Intelligent Management solutions that provide a smarter way to apply rules concerning who can print and how they can print, plus who can use a device and how they can use it.

“The far-reaching financial, legal, and reputational implications of a data loss mean that information security is a business imperative,” Quocirca advises. “Safeguarding the ever-increasing volumes of valuable corporate data against unauthorized access has become integral to maintaining business operations and adhering to increasingly vigorous data privacy compliance requirements.”

In today’s highly regulated environment, compliance is a crucial issue that applies to paper documents just as much as electronic records. For advice and insights into securing your printer environment, go to HP Printer Security.


Copyright © 2017 IDG Communications, Inc.