Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the tm-polygon domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/safesystems/public_html/Complianceguru.com/wp-includes/functions.php on line 6121
FDIC issues guidance on copy machine hard drives – Compliance Guru

FDIC issues guidance on copy machine hard drives

September 15, 2010 Tom Hinkel Hot Topics 0 comment  Like

FDIC issues guidance on copy machine hard drives

The FDIC issued FIL-56-2010 today, addressing risk posed by sensitive information stored on certain electronic devices (copy machines, fax machines and printers) that utilize internal storage, and how institutions should mitigate that risk.

This guidance only covers those devices that have internal storage, such as a hard drive or flash memory, but according to some reports, every copy machine manufactured since 2002 contains a digital hard drive.

In short, the FIL references GLBA, and states that:

“Financial institutions should implement written policies and procedures to identify devices that store digital images of business documents and ensure their hard drive or flash memory is erased, encrypted or destroyed prior to being returned to the leasing company, sold to a third party or otherwise disposed of.”

Because the FIL refers to existing guidance regarding the proper disposal of customer information, no new policies should be required.  However you should update your existing policies to make sure these new devices are identified and included.  It might also be a good time to re-evaluate your disposal method to make sure it is “sufficiently robust to render the information on the disk unrecoverable”.

(NOTE:  HP addresses the issue for their devices here.)

Print Friendly, PDF & Email
Tags
Tom Hinkel
Tom Hinkel
As author of the Compliance Guru website, Hinkel shares easy to digest information security tidbits with financial institutions across the country. With almost twenty years’ experience, Hinkel’s areas of expertise spans the entire spectrum of information technology. He is also the VP of Compliance Services at Safe Systems, a community banking tech company, where he ensures that their services incorporate the appropriate financial industry regulations and best practices.
tom.hinkel@safesystems.com

Write a Comment

© 2025 UFS Tech. All rights reserved. Compliance Guru is a registered trademark of UFS Tech. Privacy Policy