Why you should Replace Windows 7 Before January 14th 2020. Now is the time to upgrade to Windows 10.
On January 14, 2020, Microsoft is ending security updates and patches for Windows 7
Because it will be defenseless, just having a Windows 7 computer on your network will be a HIPAA
violation— which also makes you non-compliant with Meaningful Use. Windows 7 will be a time bomb
that could easily cause a reportable and expensive breach of electronic Protected Health Information
(ePHI.) HIPAA fines and loss of Meaningful Use money can far outweigh the expense of replacing your
old computers.
The HIPAA Security Rule requires that you protect patient information. Without system patches and updates, which will not exist for Windows 7 after January 14, this will be impossible with Windows 7. NIST guidance goes into more detail.
Some 7 defenders have used this FAQ answer from the Office for Civil Rights that the HIPAA Security Rule does not mandate specific operating systems to claim that continued use of Windows 7 is allowable.
- The Security Rule does not specify minimum requirements for personal computer operating systems, but it does mandate requirements for information systems that contain electronic protected health information (e-PHI).. the security capabilities of the operating system may be used to comply with technical safeguards standards and implementation specifications …Additionally, any known security vulnerabilities of an operating system should be considered in the covered entity’s risk analysis (e.g., does an operating system include known vulnerabilities for which a security patch is unavailable, e.g., because the operating system is no longer supported by its manufacturer).
What Experts Say
"These guys have takn care of us so well! Before we brought them on boad our "IT" guy had told us we were backed up but t hadn't ben running for thre years!!! We nearly lost everything but OTS saved us!"
Robin McEachin
"Do I recommend OTS? Absolutely! Quick response time with on-point solutions that won't break the bank."
Violet Solas
"Top-notch customer service for all your technology needs! Outsourced's competence and responsiveness make them #1 in my book! Check them out. You won't be disappointed."
Christine White
"Running 7 after the end of support date may expose the company to potential security and compliance risks. Worth consideration is also fact that aside of vulnerable systems it is expected for several third party software vendors to stop support of their applications on 7 Platform after January 2020 as well – this adds additional danger of vulnerable applications and multiplies the possible infection vectors. "
Symantec Corporation
The HIPAA Security Rule is all about
implementing effective risk management
to adequately and effectively protect EPHI.National Institute of Standards and Technology (NIST)
To comply with HIPAA, you must continue
to review, correct or modify, and update
security protections.
Meaningful Use Office of the National Coordinator for Health Information Technology
- review all electronic devices that store, capture, or modify electronic protected health information comply with HIPAA
- continue to review, correct or modify, and update security protections
- correct any deficiencies (identified during the risk analysis) during the reporting period
- review and update the prior analysis for changes in risks