Posted by Kevin in 21st Century Business, Business, Cybercrime, Risk Management, Technology Issues | Add a comment »
Digital copiers built since 2002 contain hard drives that store images of every document copied or scanned. Many of the stored documents include confidential data, leaving individuals vulnerable to identify theft if no safeguards are in place.
During a recent investigation, an expert downloaded tens of thousands of documents from old copiers available for sale using a free forensic software program. One copier contained files from a police department sex crimes unit; one contained addresses and social security numbers along with $40,000 in copied checks; and yet another contained 300 pages of individual medical records from a health insurance company. Armen Keteyian, “Digital Photocopiers Loaded With Secrets,” www.cbsnews.com (Apr. 19, 2010).
As is the norm with these investigative journalism pieces, the video is very sensationalized. The dangers are real though and should be treated with respect.
This report reveals the risk employers face when getting rid of old copiers. For example, during hiring procedures, employers make copies of employees’ social security numbers, birth certificates, drivers’ licenses and other personal information. With hard drives storing this information, employers run a huge risk of inadvertently divulging personal data for identity theft and violating a person’s confidential information.
Health records present a particularly risky situation if they are divulged. Federal privacy laws including the Americans with Disabilities (ADA) require that employers keep employee health records private.
Some copier manufacturers offer security or encryption packages that automatically erase an image from the hard drive after it is copied. Another company has developed software that can scrub all the data from copier hard drives. Because the hard drives on copiers are actually computers, IT experts should make sure the hard drives are clean and safe before they are resold or thrown away.
Employers should also take steps to make certain that employees do not steal recorded data from copiers as well. Particularly vulnerable are employers that copy social security numbers and medical records.






LinkedIn profile
follow on FB
RSS Feed


I have recently had a very real, very personal experience regarding the value of Electronic Medical Records (EMRs). My mother suffered a stroke over a year ago but is largely recovered and living independently in the Southeast. While visiting a daughter in Texas she had an unexplained “episode” for which she would have visited her primary care physician. Because she was away from home and thus with no medical history that followed her, she chose not to visit the emergency room as the immediate symptoms had passed. Unfortunately, she had a repeat episode that was a bit more severe and was whisked away to the local emergency room outside of Dallas. She was subjected to a whole battery of tests, from simple bloodwork to a full MRI in an attempt to diagnose her symptoms. We are still awaiting the results. Had the doctors at the medical facility in Texas been in possession of her full medical history, they may have much more quickly (and possibly much more inexpensively) diagnosed her condition.
While some companies fail to implement the most rudimentary of security measures, an increasing number of companies are experiencing data breaches despite sophisticated security measures.