By now, you have probably heard about Microsoft discontinuing security updates for Windows XP effective April 8, 2014. In fact, the first vulnerability for Internet Explorer has ALREADY been announced for computers running XP! This means you will need to upgrade your computers to a newer operating system (OS). Bottom line, your computers with Windows XP using any software or hardware that accesses your patients’ Protected Health Information (PHI) are now vulnerable to hackers and malicious infection. Let's face it, while we normally talk about infection control in regard to those nasty bugs and germs on your Dental equipment, THIS type of "infection" can be equally deadly to your practice PHI security!
Under the Final Omnibus Rule the feds published in January 2013, PHI is identifying information used in connection with past, present or future medical or mental healthcare. Dental care is a subset of medical care, so this includes information used in connection with past, present and future patient Dental care.
If you have already replaced your computers running XP, congratulations on being at the cutting edge of tech security. However, you need to identify how you will dispose of those computers. Before you donate the computers to your local charity, give them to your employees or your kids, or allow your I.T. service to remove the computers from your office it behooves you to ensure the hard drives are completely wiped or destroyed. There is more to wiping a computer than moving all your files to the trashcan and emptying the trash. Unless you are highly "tech-savvy" it may be better to have your I.T. person remove the hard drive from the computer and leave it with you to physically destroy.
Are you a fitness buff? Great, get out a sledgehammer and whack away on your hard drives. You may enjoy the physical benefits of a good workout, the mental satisfaction of destroying something, that if not properly destroyed, could destroy the financial health of your practice. PLUS, you alleviate the stress you would most likely encounter from a HIPAA breach and the financial and reputational harm accompanying a breach.
Don’t worry about the computers, slap another hard drive in them, replace the operating system and you have a computer that is useful for your kids to play video games on (and that is about all it may be useful for).
Thank you Microsoft for sharing with the world one of the greatest computer operating systems of all times. It has been a great run. Now, please, give us another grand slam #microsoftwindows8sux.
I have a PC desktop and a Mac laptop. I tolerate my PC, but I love my Mac. Ever hear that "once they go Mac they never go back"? My next computers will always be Mac. Consider joining the Mac movement where proud owners merely click a button to download the latest operating system and only have to restart their computers when something goes awry. It’s food for thought, anyway.
Lastly, if you are already using another operating system, let this article serve as a reminder to check your server AND your workstations to ensure they have downloaded all the latest security patches and other downloadable updates. These are essential for maintaining the secure environment for storing your patient records on your computers.
Remember, even though an update or setting may be changed on your server many updates also need to be made on your individual computers (workstations). I.T. folks forget this sometimes. Be sure to ask them ASAP. After all, it's YOUR security, YOUR practice and YOUR responsibility when it comes to maintaining HIPAA compliance!