How upcoming server changes can threaten your practice's HIPAA compliance
In order to keep up with modern technologies, software companies will sometimes choose to institute End of Support, also known as End of Life, for user platforms. End of Support means that software updates and patches will no longer be available to versions of the software. Without continual updates and patches, the software and systems that rely on them will no longer be secure from hackers and breaches.
Recently, Microsoft has announced Microsoft SQL Server 2008 will experience End of Support, July, 9, 2019, and Windows Server 2008 R2 will experience End of Support, January, 14, 2020. We are urging our clients to carefully examine their current Microsoft SQL Server and Windows Server and, if necessary, discuss options with your IT support.
How and when will my practice be affected?
Every healthcare practice has to comply with HIPAA regulations, including securing electronic protected health information from unauthorized access. As electronic systems that companies use rely on or are connected to SQL Server and Windows Server, having a version that is deemed outdated and no longer capable of being updated leaves the organization open to vulnerabilities. For eye care practices that depend on SQL Server 2008, you will need to upgrade to SQL Server 2012 or higher by July, 9, 2019 in order to stay HIPAA Compliant and avoid any fees, or worse, security breaches. A practice that is using Windows Server R2 2008 will need to mitigate to Windows Server 2012 or higher by January, 14, 2020 to keep systems up to date with compliance requirements.
Contact your local IT support or IT service vendor to identify which server you are currently using and, if necessary, schedule your upgrade.