Make sure your copier/printer doesn't expose personal data; new campus document can help

Newer printers and copy machines contain hard drives that store images of whatever they print or scan. If those images contain personal identity information, the machine could pose a privacy problem--so Information and Educational Technology has produced a guide to advise campus units on how to reduce that risk.

"Data Privacy with Multi-function Printers, Printers and Copiers" tells units how to assess the risk, as well as how to minimize or eliminate it. The document includes a table of document protection capabilities, listed by manufacturer.

Older machines without hard drives don't keep images of what they reproduce, so they had no stored data to protect. Over the past five years, more manufacturers have included hard drives to allow their printers and copiers to perform multiple tasks quickly. That's good for efficiency, but not good for privacy if the hard drives store unprotected records that include Social Security numbers, bank account data, medical records, or other personal information that identity thieves can exploit.

In a letter June 4, UC Davis Information Technology Security Coordinator Robert Ono asks campus technologists and administrators to read the new document, learn about the issue, and assess the risks in their units before the next annual cyber-safety reporting period begins in August. The campus expects to include guidance for managing newer printers and copiers in the next policy review of UC Davis cyber-safety security standards.

Read more about campus IT security here.