Change in Microsoft Support Could Lead to HIPAA Security Violation

February 21, 2014

Microsoft Corporation has announced that after April 8, 2014, it will no longer provide technical support and Microsoft Security Essentials downloads for the Windows XP Operating System (OS). In this announcement, Microsoft warns, “If you continue to use Windows XP after support ends, your computer will still work but it might become more vulnerable to security risks and viruses.” While Windows XP users will continue to receive anti-malware signature updates for a limited time, Microsoft will no longer provide security updates to this OS. Therefore, a PC using the XP OS will not be secure.

What does this mean for you?

HIPAA Security Rule requires all covered entities and their business associates have procedures for guarding against, detecting, and reporting malicious software. Providers and their business associates running Windows XP after April 8 will be at risk for a HIPAA violation, under the Administrative Safeguards section, 164.308 (a) (5) (ii) (B), of the HIPAA Security Rule.

How TMLT can help.

TMLT has developed a Toolkit to assist covered entities to review, revise, and comply with Texas and federal Medical Privacy and Security rules. TMLT can also perform a Privacy & Security Risk Assessment to determine your organizations risks, threats and vulnerabilities; for more information contact us at consultingwebmail@tmlt.org or call Stephanie Downing at 800-580-8658 extension 4884.

In addition, you should also check your servers while checking your OS.  Microsoft has also announced that it will no longer provide technical support to Window Server 2003 after July 15, 2015. Even though this date is more than a year away, server upgrades and replacements may take additional planning.

Previous Article
Community Health Systems (CHS) Breach Brings New Focus on Network Security

Practical tips for practices and their IT or network administrators and overview of HIPAA security matrices.

Next Article
How Secure is Your Patient Portal?

Recently the National Cybersecurity and Communications Integration Center issues an alert concerning SSL 3....

NEED MORE CYBER LIABILITY COVERAGE? Higher limits available for purchase.

Request A Quote