Déjà vu?  It was only 5 years ago that we saw the Windows XP “End of Life” occur.  Now, it is time for Windows 7. Windows 8’s “End of Life” will occur in January 2023.

On January 14, 2020, Microsoft will end support for Windows 7. This means if you are currently running Windows 7 on any of your computers you will no longer receive security updates from Microsoft.  These security updates and patches address vulnerabilities that if exposed could lead to losses and breaches of data.  All of this will cost your Pharmacy monies and may even lead to regulatory fines.

HIPAA Compliance

What does this mean to HIPAA compliance? This means that any pharmacy, physician’s office or other health organization running Windows 7 is considered no longer compliant with HIPAA as of January 15th. The HIPAA Security Rule requires that all organizations ensure systems maintaining and transmitting EPHI (electronic protected health information) are protected from malicious software. If you are not able to update your operating system to protect against malicious software, then it is obviously no longer secure and you are therefore no longer compliant with this requirement of the Security Rule.

HIPAA Security Rule section 164.308(a)(5)(ii)(B) states that you must implement “procedures for guarding against, detecting, and reporting malicious software.”

What do I do?

Your first step is to contact your computer and software vendors for recommendations and to find out what your options are. You may need to take steps to update your software to be compatible with newer versions of Windows. Ensuring your systems are up to date increases your overall level of security and allows them to run properly and efficiently.

If you need to dispose of any computers containing PHI, you must make sure you appropriately render any PHI on any Hard Drive unreadable and un-retrievable.  You must document the disposal process based on your Policy and Procedure: Device and Media Controls (if you are using the PRS HIPAATrack Program – members can login here).

If for whatever reason, you are still using Windows 7 and are in the process of updating to Windows 10, you need to make sure you maintain very strict controls on what software is loaded, internet usage, email usage, and ensure all antivirus, malware, firewall protections are up to date and are working at their most strict settings.

For more information about HIPAA and other pharmacy compliance solutions for your pharmacy, call PRS at 1-800-338-3688 and speak with one of our Specialists.