Data security violations have become a commonly accepted risk of doing business in the modern world, by consumers as much as businesses. Every so often we hear of a major breach of a once-untouchable national or multinational corporation’s online data. The breaches mean privacy violations that often result in massive fines for the company. We wince, then move on, confident that it will never happen to our smaller enterprises.
It is easy to suppose that such violations impact only the enormous companies and that they mostly involve online databases in the retail and healthcare sectors. Printers tend to suppose that they do not have any information worth stealing, and so they do not worry about compliance standards and the costs of failing to meet them.
But printers—big and small—are at risk, too.
There are compliance regulations at the state/provincial, national, and global levels that you could be failing to meet, and it could put you out of business. At the very least, they could shrink your business’ bottom line and mark you with a scarlet letter among your peers and clients.
Regulations? What Regulations?
Privacy and data security are important to people and companies across the globe, so it should be no surprise that regulations exist wherever your customers are. With business becoming increasingly global, you could be subject to security standards in a locale far from your geographic location.
Global & Multinational Regulations: PCI and GDPR
The Payment Card Industry (PCI) has its own Security Standards Council (SSC) with the authority to impose fines worldwide. The major payment card companies—VISA, MasterCard, and Discover, among others—established the SSC to hold accountable all businesses that handle customer card data.
If you print anything containing a credit card number or account information, you are accountable to these standards. On top of that, any payment information you handle electronically is also subject to these standards. In other words, you are expected to keep this information secure.
Although not as far-reaching as PCI, the General Data Protection Regulation, passed by the European Union in 2018, is the most stringent in the world. Regardless of where it is located, any organization that collects or targets data related to people in the EU must abide by its standards. Each violation can cost companies up to €20 million (about $20.3 million in USD).
The information under protection by this law goes far beyond PINs and medical data. Any information of a personal nature must be protected.
In 2020, the GDPR enabled a city law enforcement agency in Hamburg, Germany, to fine a clothing retailer €35 million for processing information related to employees’ family issues and religious beliefs. While this may not seem immediately applicable to your small print business in North America or Australia, the moral of the story is that if you ever handle a print job pertaining to European citizens, you better make sure it doesn’t end up in the wrong mailbox.
National Regulations: HIPAA
Perhaps the most well-known privacy law in North America, the US federal government’s Health Insurance Portability and Accountability Act ensures that personal medical information doesn’t get shared with anyone without the individual’s consent.
Horror stories abound for printers.
In 2015, a print error resulted in two billing statements, each for different recipients, being placed in the same envelope. Nearly 3,000 people received statements intended for someone other than themselves.
In similar cases, patients have been confused when the front page of their statements was correct, but the reverse page was intended for someone else.
The HIPAA Journal reports that in 2020, more than $13.5 million was paid to HIPAA’s enforcement agency alone to cover damages to individuals. This does not include the additional lawsuits filed by individuals and companies.
In one such case, a major insurance provider was fined only $1.5 million by the federal government, but rulings from other states, the District of Columbia, and a class action lawsuit brought the total liability to more than $20 million. Of the three violations involved, two were due to printer errors: sensitive personal information was viewable through the envelope window.
Even regulations at the state/provincial level can be costly to printers that don’t comply. The California Consumer Privacy Act beefs up privacy rights for state residents. It can enforce a fine of $7,500 per violation, in addition to HIPAA violation fines. For a smaller enterprise running a larger job, these can add up quickly.
Don’t Become a Cautionary Tale
Whether it’s due to manual error or online data security, Ricoh can help you take steps to ensure you are compliant. Adopting a Print MIS is crucial here. Products like Ricoh ProcessDirector and Avanti Slingshot are renowned for their ability to automate your workflow, and automation could be the key to preventing costly noncompliance errors.
Eliminate Manual Mistakes
When printers are found liable, it is usually due to careless mistakes caused by manual interference. One of the greatest benefits of implementing a Print MIS is that it takes away the manual touchpoints, where most of the errors are likely to occur.
Mail sorts are especially crucial when it comes to non-compliance risks, as so many security breaches tend to be the result of the information getting mailed to the wrong person. You need a dependable, automated mail solution to make sure the personal information you’re handling goes only to its intended recipient.
Ricoh ProcessDirector integrates your disparate systems so that your employees don’t have to transfer information manually between systems. Additionally, this Print MIS lets your customers submit the job directly, and then takes it all the way to completion without any interference at all on the part of your team. You simply collect the finished product and deliver it to your client.
You can also manage communication with clients and team members across each stage of your jobs and perform quality assurance checks as often as you want.
Let's Talk
Perhaps you’re realizing you need help getting ahead of potential costly mistakes, or you’ve already had a foretaste. Ricoh experts are on hand to show you how your own jobs and workflows can benefit from our compliance solutions. Contact us.
Meet the Author
Linnea is Ricoh’s Director of Global Marketing, Alliances & Operations. She is responsible for growing the worldwide awareness of and demand for the production workflow software and solutions portfolio. Linnea is a brand specialist with more than 25 years of experience, having previously held key leadership positions at Hunter Douglas, Qwest, and PepsiCo. Linnea holds an MBA from Hofstra University and Bachelor’s degrees in Business Administration and International Affairs from the University of New Hampshire. Linnea manages global strategic partnerships and marketing operations for Ricoh, giving her a comprehensive view of the business, customers, and markets. An accredited global marketing leader, Linnea is passionate about small businesses, even volunteering her marketing communications, social media, and digital marketing expertise to small businesses and associations. Her goal is always to help other businesses thrive. She authors many Ricoh blog posts to this end.