Printing in confidence

Within most office environments, printing a document is an act that occurs so frequently that it usually happens without a moment’s thought. But within the context of a healthcare environment, where it is a legal requirement that information provided by a patient in confidence will not be disclosed in a form that might identify an individual without his or her consent, this simple act can have repercussions.  

Even though healthcare workers understand and appreciate the need to protect confidential information, the act of printing is not widely considered a potential security risk in the first place.

In fact a Samsung survey of workers in European healthcare centres found that one third (34%) see patients’ personal information, typically health records and laboratory results, left on a printer. As a result, it is all too easy for confidential documents to be printed, forgotten and free for others to view. 

In addition, many people don’t realise that today’s printers typically store documents on a hard disk drive. That’s why it’s important to put in place a secure data removal solution to ensure the information on the printer hard disk is irretrievable should it be stolen, leave the premises for repair, or be disposed of at the end of a printer’s life. 

What’s more, if people are determined, and so inclined, unencrypted printing data can be intercepted between the personal computer (PC) and printer, where sensitive data can be easily read.

 This is because the communication protocol from PC to printer is often not as secure as it could be. And, because some printer and multifunction devices are Windows-based, they can be susceptible to the same security issues as PCs and can unwittingly host viruses and malware which can cause havoc across connected systems.

At Samsung, we believe the response to these issues should be two-fold. On the one hand, awareness needs to be raised of the potential for printing to compromise security. But more than that, there is a need to adopt technological solutions specifically designed to make the possibility of security breaches a thing of the past.

It is possible, for example, to configure software solutions that prevent people from printing off a document – and then simply forgetting about it. In such solutions, the software ensures that a PIN code or swipe-card system is used which releases a print job only when the person who printed it is physically there to authenticate and collect the document.

Confidential printing technology also needs special software to be included as part of the solution, particularly if you want to protect your printer and network from malicious activity. These specialised security packages can effectively prevent unauthorised access to the applications that run on the printer and will stop outsiders from intercepting patient information when it is in transit from the PC. They can filter IP addresses to block outsiders gaining access to a printer and they can even prevent wireless and Bluetooth printers being accessed by unauthorised people.

From a hardware perspective, one of the most significant security threats comes from the local storage capability of modern printers. In certain industries, such as financial services and defence, it is a requirement to use printer disks that, once they have fulfilled their immediate task of printing a document, automatically erase all of the data from the hardware. 

Arguably, the same should be true throughout medical institutions. 

This doesn’t mean that the file should simply be deleted. If a file is merely ‘deleted’, all manner of software is available that can locate the data on a drive – and quickly restore it. However, technologies such as Samsung’s industry-leading disk overwriting solution capability can permanently destroy all potentially sensitive data on a printer’s disk so that restoration is completely impossible. 

An additional hardware feature is an encrypted protocol for printing transmission, which means that it’s not possible to decipher any data intercepted between the PC and printer.

Today, with the healthcare industry becoming ever more technologically sophisticated, securing confidential information is a fundamental priority on the agenda for most healthcare IT professionals and hospital managers. 

Most rightly regard the main area of concern to be the rise that has been seen in the use of Electronic Health Record (EHR) systems. However, security issues do exist elsewhere and the simple act of printing is something that should be considered.

Fortunately, sophisticated hardware and software solutions exist to address the challenge. Once the problem has been identified, the solution is readily available.

1. Evaluating the security loopholes of a medical centre’s printing network
2. Adapting the printing network to reflect its unique security needs with a custom-made solution
3. Controlling and securing networked printers with software and processes to stop confidential information leaks
4. Collaborating with leading third-party solution providers to deliver a tailor-made security management solution.