Windows XP Use May Violate HIPAA Starting April 8, 2014


If you use Windows XP on April 8, you will be easily susceptible to cyber-attacks and violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Windows XP support is ending on April 8, 2014, when support and security updates will no longer be available. This means that (according to Microsoft) you will become five times more vulnerable to security risks and viruses.

Further, the HIPAA Security Rule requires Covered Entities to maintain “[p]rocedures for guarding against, detecting and reporting malicious software” where reasonable and appropriate. When Microsoft discontinues its Windows XP support and security updates, Covered Entities using Windows XP will no longer be compliant with the HIPAA Security Rule’s directive.

Many small and medium sized healthcare providers still use Windows XP. Those providers must take these steps prior to April 8 to ensure their continuing compliance with HIPAA:

  • Determine whether you can upgrade your workstations to the new Windows operating system. According to Microsoft’s website, an upgrade will cost you $199.00. Your ability to upgrade is based on the age of your computer.
  • Get a new Windows PC. If you cannot upgrade, you will need to purchase new computers with secure operating systems.

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Dickinson Wright | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.