As of April 8, 2014 Microsoft will end support for the
Windows XP operating system, initially released in August 2001. Microsoft and
security experts are cautioning that Windows XP users will face increased
security risks as a result of this change, largely due to the lack of new
security updates. Windows XP will be significantly more susceptible to attacks
as criminals will have free reign to exploit vulnerabilities in the operating
system without response from Microsoft in the form of security updates or
technical content updates.
As in the past, users who handle electronic personal
health information (ePHI) face a greater risk than others. Over 18 million
patient records were breached between 2009 and 2011, and a single personal
health record is now worth more on the black market than a credit card number,
social security number, and date-of-birth combined.
With strict enforcement of the HIPAA and HITECH Acts, and
increased computer hacker interest in ePHI, it is increasingly necessary for covered
entities to be confident in their ability to secure the data from threats.
Microsoft’s decision to end support for Windows XP users will make XP users
handling ePHI an even greater target for criminals attempting to exploit the
operating system’s potential new, unprecedented vulnerabilities.
LaSalle
Consulting Partners, Inc. recommends that Fund administrators upgrade or
replace any existing Windows XP computers that have access to ePHI prior to
April of next year in order to avoid exposure to potential security threats
inherent to Windows XP.
Sources:
http://www.secureworks.com/assets/pdf-store/other/infographic.healthcare.pdfhttp://blogs.technet.com/b/security/archive/2013/08/15/the-risk-of-running-windows-xp-after-support-ends.aspx
