When print security fails, quality of care fails too

For cyber attackers, printers are another potential entry point, writes Harry Page, office print category team lead, HP Inc

Imagine the scenario. It’s 08:28 during morning surgery at your local GP practice. Reception has six patients queuing at the desk and the GP’s first appointment is already waiting.

Overnight, an alert has flagged unusual activity on the network, and IT’s first instruction is blunt but necessary – isolate anything that doesn’t need to be on the network while they assess what’s going on.

The duty doctor finishes a consultation and tries to print a prescription – but the printer has been taken offline.

Reception stops issuing appointment letters and blood test forms, the GP starts capturing key details to send later, and the appointment list begins to slip.

To attackers, printers are just another potential entry point – and the threat posed by state-backed or private cybercriminals is increasing

Now picture a nurse-led clinic where a flu jab is being given every 90 seconds.

Mid-session, the label printer is isolated as part of the same containment, so the team switches to handwriting and double-checking – slowing the line and increasing the chance of transcription errors.

It’s easy to overlook printers, but they sit on the network like any other endpoint – and when a security incident forces devices offline, care slows down fast.

The risk doesn’t change based on how you buy them – a single, unvetted replacement can undermine the security baseline just as easily as an ageing fleet.

To attackers, printers are just another potential entry point – and the threat posed by state-backed or private cybercriminals is increasing.

In its recent update on the 2024 Synnovis cyber incident, NHS England said that the ransomware attack contributed to delays to more than 11,000 outpatient and elective procedure appointments, with the biggest impact across Synnovis’ partner trusts and boroughs in south east London.

Securing print

The challenge in primary care is that printer fleets are often accumulated gradually. Devices are replaced one at a time, often under pressure, through local or transactional purchasing.

Over time you end up with a mixed fleet with inconsistent firmware and settings, as well as different consumables and support arrangements – which makes both reliability and security harder to standardise.

Printer issues and security breaches also go beyond slowing down frontline teams; they increase the workload for already stretched IT managers. And many NHS organisations don’t have dedicated IT departments to call on when issues occur, so resolving them can take even longer.

In response, NHS organisations are increasingly taking one of two routes – refreshing devices transactionally as needs arise, but choosing printers that are secure by default, or standardising through a managed model to reduce variation and centralise control.

Devices should offer end-to-end protection across their firmware, network and software layers as standard

Either way, the priority is the same: start with secure, prescription-and-patient-record-compliant devices, designed to support NHS primary care providers’ specific requirements, then decide how much central management and support is required.

Whether transactional or managed, primary care providers need ultra-reliable printers that integrate seamlessly with clinical systems and are small enough to fit comfortably in primary care settings.

Devices should also offer end-to-end protection across their firmware, network and software layers as standard.

This treats printers as endpoints and frees primary care staff and IT teams from reactive security management, so they can focus on patients and proactive improvement.

Key benefits and baseline protections

Whether you’re buying one replacement printer this quarter or securing hundreds across an integrated care board (ICB), there are a handful of baseline protections we consider essential.

1. Secure by default (HP Secure Defaults): Printers should arrive with secure, locked-down settings already switched on, without extra setup or configuration needed to make devices safe. A branch surgery should be able to plug in a replacement printer and know it’s compliant, out of the box.
2. Defence at the firmware level (HP Sure Start): This means that every time the printer starts, it checks its own ‘boot DNA’ (BIOS). If anything looks tampered with, it rolls back to a safe, factory copy by itself. If a consulting room printer gets a corrupted update on Friday, it auto-heals by Monday morning, so prescriptions print and the first clinic isn’t delayed.
3. Centralised fleet protection (HP Security Manager): Primary care organisations should be able to set their security policy once and push it to every printer at the same time. Every GP practice can then become compliant with its ICB’s cybersecurity standards – and prove it with a simple, automatically generated report.
4. Autonomous network threat detection (HP Connection Inspector): This means devices can keep an eye on their own network traffic and spot odd behaviour. If they see something suspicious, they automatically isolate and self-heal. If a consulting room printer starts reaching out to unfamiliar domains, it quarantines itself and reboots back to a safe state.
5. Future-proof firmware (HP FutureSmart): New security features and fixes should arrive over time automatically, without the need to swap hardware or manually install updates on individual printers’ room by room. When a software update is ready for release, IT can schedule a remote upgrade across the whole fleet in one go.

With the right protections built into the device, a suspected compromise doesn’t have to mean pulling printers offline across a site.

Features like intelligent monitoring of outbound connections can spot suspicious ‘call home’ behaviour and trigger an automated restart that restores the printer to a trusted safe state – while IT gets the alert centrally to investigate.

The major practical difference here is that, in the scenarios described earlier, prescriptions, appointment letters and labels are only delayed by seconds to a couple of minutes while the printer self-heals, rather than being totally derailed for the entire morning – or worse.

Evolving together

At HP, these protections are built in, rather than treated as add-ons. HP Wolf Security integrates all these benefits and runs across the fleet, increasing reliability and helping support quality of care.

As guidance and threats change, policies and firmware can be updated once and pushed everywhere

Crucially, modern print security can evolve more rapidly in line with the NHS’s changing needs.

As guidance and threats change, policies and firmware can be updated once and pushed everywhere – maintaining long-term security and interoperability without swapping hardware.

In short, modernising and securing print is an enabler of better, safer care, fewer manual workarounds, fewer printer errors, and more time with patients – helping build a stronger, more resilient NHS.