HIPAA Horror Stories

The Million-Dollar Copy Machine

one-minute read

They were just simple photocopiers. Nothing special. Just put the paper on the glass, press the button and move on.

But for Affinity Health Plan, these simple copy machines compromised the protected health information of 344,579 patients, leading to a $1.2 million HIPAA violation fine.

A 2010 CBS investigative report identified a New Jersey warehouse storing 6,000 used copy machines awaiting purchase and delivery to their next owners, all around the world.

The reporters selected several machines at random, one of which had been leased to Affinity Health. A screwdriver, a laptop and about a minute of time is all it took for the reporters to download thousands of patient names, addresses, social security numbers and diagnoses.

To you, a copy machine looks like a fancy printer. To a hacker, it looks like a no-lock, no-password trove of valuable data to be sold, exploited and shared with other criminals. Whether it’s identity theft or blackmail, the consequences of unprotected health data can be personally devastating to patients and financially ruinous for the professionals who care for them.

In fact, an off-lease copy machine purchased for as little as $600 is an incredibly affordable way to collect valuable private medical, financial and identity details about thousands of people. The largest hard drive that can be installed in a copy machine is 15 terabytes. That’s the storage (and breach) potential of more than eight billion health documents!

Since 2002, just about every new photocopier sold in the United States has featured a hard drive. Understanding your technology and incorporating that knowledge into your workflow is essential to maintaining a HIPAA-compliant office.

The HIPAA E-Tool® includes all the information you need to protect your business from a violation such as that experienced by Affinity Health. Let us show you how fast and easy HIPAA compliance can be.



The HIPAA E-Tool® makes compliance fast and easy. Get your free HIPAA Quick Start kit, complete with a webcam privacy guard, HIPAA Hot Zone labels and a HIPAA checklist delivered directly to your office.

Don’t become a HIPAA Horror Story! HIPAA compliance is easy, when you know the rules.

Request A Demo

Copyright © 2020 ET&C Group LLC.

The HIPAA E-Tool® and Protecting Patient Privacy is Our Job®
are registered trademarks of ET&C Group LLC

3534 Washington Avenue, Saint Louis, MO 63103
Terms of Service | Privacy Policy

Powered by JEMSU

You may have questions about COVID-19 and HIPAA. We have answers. 

We are open and answering questions about all the new modifications and waivers, coming from HHS, OCR, CMS, and the new CARES act.

If you need help with HIPAA during the COVID-19 pandemic, fill in the form, and we’ll get back to you.

Free hipaa kit!

hipaa compliance Quick start kit
Delivered free