One of the big takeaways from RSNA this year was confirmation that Windows XP users will no longer be HIPAA compliant in about 4 months. On April 8, 2014, Microsoft will no longer support Windows XP.
According to one HIPAA consultant:
HIPAA Security Rule section 164.308(a)(5)(ii)(B) states that you must implement “procedures for guarding against, detecting, and reporting malicious software.” Obviously if you cannot update your software to protect your systems against malicious software, it is impossible for you to comply with this HIPAA Security Rule specification. Related Article
XRV will be taking coordinated action with our Vendors to provide an upgrade path for our existing XP users in the 1st Quarter of 2014. Since Windows 7 runs on 4GB RAM and the older XP devices were generally 1-2 GB RAM, in the majority of these cases the entire PC hardware will need to be upgraded. Fujifilm is providing an upgrade to the new HP computer with FDX Console Software. Konica is working on their upgrade since they still are utilizing XP as the platform for their software. Carestream believes their users will have a 2 year reprieve since their software is “embedded” however at this point XRV has not received final notification.
Stay tuned – more information will be forth coming once the Vendors have released their upgrade path.
Another Windows/HIPAA issue on the horizon? In early 2015, Microsoft Server 2003, which also currently runs on millions of servers, will also stop getting any patches or updates. Fun, fun, fun!