Multifunction printers and copiers: the forgotten hard drive at end of lease
The copier in the corridor is no longer a copier. It is a network printer with scan function, fax, mail relay, hard drive and as standard a Linux-or-firmware system that holds documents for a while. What began in the early 2000s as an operational optimisation (buffering copies for speed) has grown into a filing cabinet that nobody describes as such. And then the lease ends, and the supplier takes the device back. What happens to that drive?
What is on the HDD of a multifunction printer?
- Scan archive: all documents that passed through the scan function, sometimes stored for months.
- Print buffer: recent print jobs in cache, with their content.
- Fax log and fax content: on devices with a fax function.
- Address book: email addresses, contacts, sometimes a link with Active Directory or Exchange.
- Authentication data: who scanned or printed when, with badge ID or login code.
- Cloud connections: credentials for "scan to OneDrive", "scan to Box", "scan to email".
- Firmware and configuration files with network settings, IP ranges, sometimes WPA keys.
An average multifunction printer in an SME of 50 staff sees an internal volume of documents pass within three months that corresponds to half an archive cabinet of paper.
What do leasing companies do with it?
Lease terms are often vague. Standard practice:
- Supplier takes the device back. No dedicated sanitisation step by default.
- Refurbishment for resale. Onto the second-hand market, often outside the Netherlands.
- The HDD stays inside unless explicitly agreed in advance.
- No destruction certificate unless paid for as an add-on.
The question "what happens to the HDD?" virtually never appears in a standard lease offer. Anyone who fails to ask gets no answer.
What should you ask before end of lease?
- Does the device have an HDD or SSD with persistent storage?
- Is there a "data overwrite" function built in? Many modern multifunction printers have one, but it is sometimes turned off.
- Does the leasing company run that overwrite before hand-back?
- Will I receive a sanitisation statement or certificate?
- May I remove the HDD myself and have it destroyed separately?
The answer to question 5 is usually yes, in exchange for buying off the residual value. For multifunction printers with customer data or medical scans, that is often the wiser route.
Three routes for the HDD
Route 1: Built-in overwrite via device firmware
Many multifunction printers (Canon, Ricoh, Konica Minolta, HP) have a data overwrite kit that overwrites the buffer with every job, and an end-of-life wipe function that resets the entire HDD. Meets NIST 800-88 Clear, sometimes Purge.
- Advantage: no separate step, no cost, the drive stays in the device for resale.
- Disadvantage: requires the leasing company to actually run the wipe and provide evidence.
Route 2: HDD out, on to refurbisher (without the drive)
A device without HDD has less residual value but no data risk. The HDD goes through a separate destruction flow.
- Advantage: certainty, your own destruction track for the HDD.
- Disadvantage: some residual-value loss, and not every leasing company accepts a device without its original HDD.
Route 3: Whole device to the shredder
For cases where the organisation wants no risk at all, or for defective multifunction printers: the whole device shredded. That means no refurbishment residual value, but no data risk whatsoever.
- Advantage: certainty at the highest level.
- Disadvantage: the most expensive option, no residual value.
What do we do?
We do route 2 most often. On the IT-Friday before end of lease the client pulls the HDD out (most multifunction printers have one screw on the service panel; the HDD with SATA cable sits in a caddy). We come by the following week and shred to DIN H-4 or H-5. The multifunction printer goes back to the leasing company without its drive. Read about the mechanics of HDD shredding in how a hard drive is shredded.
Specifically for healthcare
Multifunction printers through which patient files have passed require DIN H-5. In practice that means route 2 (HDD out) or route 3 (whole device shredded). Software overwrite is too thin for WGBO data. Read about the general WGBO retention periods.
What do you put in the lease contract?
For future lease contracts, add a paragraph:
- On request the supplier performs NIST 800-88 Purge before hand-back, with sanitisation statement.
- Alternatively: client removes HDD before hand-back, the leasing company accepts the device-without-HDD with residual value adjustment.
- No take-back without a pre-agreed data route.
Pull the HDD, we do the rest.
Schedule a run before your end of lease. We shred the HDD on the spot at DIN H-4 or H-5, with certificate. The multifunction printer goes back to the leasing company without its drive.
Request a quoteEnd of lease in sight? Email us via desnipperaar.nl at least two weeks ahead so we can align the schedule.