HIPAA Compliance: How changes with Window’s XP Operating System can affect your practice’s compliance

HIPAA Compliance: How changes with Window’s XP Operating System can affect your practice’s compliance image

With months left before Windows does away with it’s XP operating system, many health care systems and small practices are facing the prospect of becoming non-compliant in with HIPAA privacy laws. In April 2014, Windows will no longer provide support, updates or security patches for the widely used XP operating system.

What does this mean for your practice? A few things – If you have been using a computer running on Windows XP, security patches will no longer be available. This can mean you will slip into noncompliance in relation to HIPAA due to a lapse in proper security features.

This is not necessarily a crisis, but it is something that must be addressed, now. This first step is to evaluate your current situation to determine if you are using the XP system. If you opted for another, or upgraded recently, you’re in luck! However, if you do find that XP is the operating system on your practice’s computers steps should be taken to being switching over as soon as possible. Fortunately, there are a few options for maintaining compliance.

Option 1: Upgrade to the Window’s 7 or 8 operating systems. This can be done a few different ways. If you currently have maintenance on your systems, simply downloading the next version onto a Windows 7 operating system may solve the problem. In other cases, you may have to pay for expensive upgrades that run on newer versions of Windows than the previous XP.

Option 2: Upgrade your entire to desktop virtualization infrastructure (VDI). This allows a large number of desktops to run off of one hardware server, with the proper operating system and security measures to maintain HIPAA compliance. User desktops are accessed remotely from workstations and all information is backed up on one server making file recovery efforts easier. Additionally, these can provide a more secure network as only one server is involved, greatly reducing the number of access points a hacker can use to get into the server. Centralized storage of all sensitive information allows for enhanced security as well. VDI setup also will cut down on software updates on multiple machines as only one server is being used and thus one download is all that is required. Keep in mind, your software providers may increase costs for additional workstations but it will still be less costly in the long run than the alternative.

As April 8th approaches, it is vitally important that you and your practice evaluate these options, speak with your tech support and software licensors to determine the best way forward. Maintaining HIPAA compliance is vitally important for your practice so taking steps to resolve security problems should be a top priority.

 

Other Articles That May Interest You

Get Reimbursed by Insurance Companies

Contact us today to ensure your office is getting paid for the work that you do.

Get Started