Do You Copy Me?

You or your IT department have probably taken steps to secure the information on your laptops, PDA’s, and smart phones. But have you identified the risk of a data breach from your office or personal copy machine? WBZ-TV in Boston recently reported how copy machines pose a new potential threat to our personal and confidential information.

WBZ-TV quoted a Boston security expert who said that “Copy machines today are just like computers. They have hard drives and can store data that can be extracted.”

Result: doctors, lawyers, accountants, brokers and others may be making copies of documents containing personal information. Your financial data, medical history, social security number, and other key information may all reside on a variety of different copy machine hard drives. Do these offices have data management procedures to safeguard your private and confidential information?

A variety of laws do require doctors, lawyers, and other professionals to safeguard personal data. But we suspect there are gaps in administration. Worse, as WBZ reported, copiers with sensitive data often find their way out to the used copier market, to be sold to third parties.

What to do? One good idea is to ask the professionals with whom you work whether they have procedures in place to safeguard your private and confidential data. And if your copy machines have hard drives that store customer or client data? Consider creating a policy and procedure to manage that data — and to remove it from the hard drives before selling or otherwise disposing of the machines.