A printer running proprietary firmware and connected to the Internet certainly is not your best bet if you want to guarantee secure and private printing. How do you know for sure no vulnerabilities are exploited and your private prints are not subject to prying eyes? You don’t, as long as proprietary firmware rules. Not convinced? Visit https://hacking-printers.net
So what are your options? First of all, don’t connect your printer to the Internet. And, as a network administrator, consider to sandbox all printer devices into a separate VLAN, only accessible by a hardened print server. A standards-based, open source solution based on Linux and CUPS is a safe choice. Moreover, with SavaPage Open Print Portal you can add an extra security layer by sandboxing your printers into a secure Web App.
Second, be alert on printer vendors that use dark-patterns to lure you into printing surveillance. For example, this case study shows that HP printers try to send data back to HP about your devices and what you print.
What counter measures did you take to preserve printer security and privacy? Which dark-patterns did you have to deal with?