One of the areas we continually monitor here at HITECH Answers is HIPAA. We have added a new resource to our HIPAA page – HIPAA in the News. We will be posting on this page links to the latest news and information on HIPAA breaches, changes, security issues and more.
Our latest link comes from Healthcare IT Digital Community – Is your office copier a hole in your HIPAA security plan?
Here’s an excerpt:
The lowly office copy machine can be a treasure trove of data vulnerable to identity theft and a potentially massive healthcare privacy rule violation. Many healthcare providers are scrambling to shut this security hole following televised reports of patient data found on copiers discarded by medical facilities.
From a privacy and security perspective, office copiers are not benign. Starting in 2002, digital copiers have been designed to retain in their memory an image of everything they copy, scan, and/or e-mail. In a typical healthcare practice, this could mean that driver’s licenses, health insurance ID cards, medical records, and personal checks are routinely copied or scanned, creating a repository of confidential patient information.
As hospitals focus on more conventional threats to the security of patient data, it’s been easy to overlook these omnipresent machines when developing a plan to comply with HIPAA provisions. But not anymore.