Windows XP Use May Violate HIPAA Starting April 8, 2014


If you use Windows XP on April 8, you will be easily susceptible to cyber-attacks and violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Windows XP support is ending on April 8, 2014, when support and security updates will no longer be available. This means that (according to Microsoft) you will become five times more vulnerable to security risks and viruses.

Further, the HIPAA Security Rule requires Covered Entities to maintain “[p]rocedures for guarding against, detecting and reporting malicious software” where reasonable and appropriate. When Microsoft discontinues its Windows XP support and security updates, Covered Entities using Windows XP will no longer be compliant with the HIPAA Security Rule’s directive.

Many small and medium sized healthcare providers still use Windows XP. Those providers must take these steps prior to April 8 to ensure their continuing compliance with HIPAA:

  • Determine whether you can upgrade your workstations to the new Windows operating system. According to Microsoft’s website, an upgrade will cost you $199.00. Your ability to upgrade is based on the age of your computer.
  • Get a new Windows PC. If you cannot upgrade, you will need to purchase new computers with secure operating systems.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Dickinson Wright | Attorney Advertising

Written by:


Dickinson Wright on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.