Office devices pose security risks for providers

Printers and copiers not always closely monitored and may give access to networks.

Some of the weakest links for network security lie strewn around almost every hospital or physician’s office.

Healthcare organizations often overlook the vulnerability of devices such as printers, all-in-one devices, fax machines, scanners, copiers or other devices.

The devices can be linked to the network, contain ports for connections to the device and are often unmonitored or unrecognized for the security threats they pose.

Device manufacturers are taking steps to alert organizations about the potential vulnerabilities and also working to make devices more secure. For example, Brother International, a global firm that markets printers, copier machines, fax machines and scanners, no longer installs hard drives in its products, nor do its devices have latent memory of documents put through the machines. Once an image is copied, it is cleared.

It’s a security precaution healthcare organizations should consider as they implement document management systems, says Dan Waldinger, director of services and solutions marketing.

However, a breach threat still exists if access to paper documents that were printed, copied, faxed or scanned is not monitored, whether the documents remain in a facility or are transmitted elsewhere, he adds. Hospitals, for instance, fax a lot of documents to affiliated providers and law offices.

To protect against insider threats, organizations can purchase machines that require a password or swipe card to operate, leaving an audit trail of users who have accessed the devices.

Many reproduction products are networkable, so a strong firewall is necessary, but some healthcare clients are asking vendors to close network ports for security purposes, Waldinger says. While hospitals often will link a printer to the electronic health records system, hackers cannot get into the EHR via the printer.

More for you

Loading data for hdm_tax_topic #clinician-experience...