Copitex understands your HIPAA compliance needs and carries a full line of copiers with features and solutions to help you meet and maintain HIPAA compliance.
Are your printers and copiers HIPAA compliant? HIPAA compliance is as much about establishing proper policies and procedures as it is having the right devices. Here are some things to consider while evaluating your print environment.
Protecting access to printing devices
- Are printers and copiers in an area accessible only by authorized personnel?
- Do you require user authentication to access the device (Username/Password, Security Card, Biometric)?
- Do you need to disable the USB port on the device to prevent unauthorized copying of files?
Are documents at risk of being left unattended at the device?
- Is this a local device or a shared device?
- For shared devices, is there any risk of an unauthorized person retrieving a print job before the user can?
- Do you use a pull printing solution so print jobs are not released until the user authenticates at the device?
- Do you shred and securely dispose of any extra prints or copies?
Protecting electronic data
- Do you require user authentication to scan and send documents?
- Are network and email scans encrypted?
- If you must send the machine off premises, do you securely erase any stored data?
Do you use the device to send or receive faxes?
- Is there a risk of received faxes being left unattended?
- Are faxes printed as they are received or held until an authenticated user releases them?
- Do you route faxes to an email address or network folder rather than printing them?
- Are outgoing fax numbers verified before sending?
- Are faxes sent using a cover sheet that includes a confidentiality notice?
Tracking and managing usage
- Do you keep an audit trail of who has used the device?
- Do you keep archived copies of any email or fax transmissions?
– Restricts access to the device by requiring a user to enter his/her domain user name and password. When authenticating over the network, subsequent scans to email/FTP/folder are encrypted using the Kerberos standard from RSA®.
Personal address book
– Users can be assigned their own password-protected contact list containing private fax numbers, email addresses, and network folders.
– Documents can be scanned and delivered to email addresses, PC folders, and FTP locations in secure PDF format. Secure PDFs feature 40 (low) or 128-bit (high) encryption, and senders can determine whether to allow the recipient to print, edit, and/or copy the document.
– Outbound email transmissions can be encrypted using SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to prevent a third-party from intercepting and viewing the transmission.
– To prevent incoming fax messages from printing out for all to see, messages can be routed to the intended recipient’s email inbox or network folder.
– All inbound and outbound fax and email transmissions can be archived to a network location, creating an audit trail that meets regulatory compliance needs.
Print on demand
– From the machine’s touch screen, users can retrieve frequently produced documents from a secure network folder, eliminating the need or concern over displaying and printing documents from a desktop computer.
– Requires that the user enter his/her user ID and password (at the control panel) in order to release the print job. Output can’t be viewed or picked up by the wrong person; no need to sift through multiple pages, enhancing productivity.
Secure fax reception
– In non-networked environments, for instance, incoming fax messages can be stored in the machine’s internal memory, and printed upon entry of a valid passcode; ensures that only authorized parties access the information.
Device security solutions
Hard drive protection
Image overwrite automatically erases image data created during the copying, printing, network scanning, scanning to email, or scanning to server processes. The MFP performs three overwrite passes of the data using the methods defined in Department of Defense (DoD) 5200.28-M.
Restricting device access
Network filtering enables the IT administrator to restrict multiple IP and MAC addresses from accessing the device. Port filtering enables the IT administrator to enable/disable the following network ports: printing ports, web services, connection ports, and email services.