Windows 10 and HIPAA Compliance

Has anyone seen anything from Microsoft regarding the intrusive practices they outline in the privacy statement versus HIPAA-compliant businesses using their software?  I haven't been able to find an answer anywhere.  I have a healthcare business, and a violation of HIPAA and HITECH rules could bankrupt me.  If I violate them knowing that I was committing a violation -- as in installing software that openly and plainly states that it will snoop through my private files and emails -- then I face not only fines but jail time.  I have not been able to find anything on the net that says I will be able to turn off ALL of the intrusive snooping ability that has been built into Win 10, and what I'm seeing is warning that if things are turned off, I will lose a lot of the functionality of the new system.  I'm stuck in a catch-22, though: by law I have to maintain my computer systems with the most up-to-date versions of my software, but I'm not about to install something that could send me to jail.  Can anyone get anything from Microsoft about this?

So, the Mods have moved this from the Question forum to the Discussion forum.  I don't want to "discuss" this, I want an answer from a Microsoft official as to whether or not Windows 10 can be made HIPAA compliant.

I'd also like to have an answer to this, because I work in software development projects that frequently require me to sign non-disclosure agreements. So I'm concerned that if I were to install the OS and click "I agree" in the agreement that outlines Microsoft's intentions to invade my privacy, I'd be breaking the terms of all of my NDAs and potentially get me in some serious legal trouble with clients.

I play a lot of games on PC. I hope that game developers realize that such horrendous violations of their privacy and the potential of Microsoft's new OS legally stealing all their intellectual properties is just unacceptable and the entire industry will end up boycotting all the "exclusive" features of the OS.

P.S Remember to use secondary accounts on proxies to see if threads like this get "shadow banned" -ie. Microsoft ends up hiding threads they don't like from everyone except the people starting them.

Here is a very simple front-end solution, which will require Microsoft to work on a not-so-easy back-end service update, which can minimize the probable pending monetary class action lawsuit that is brewing…

Let’s use an analogy.

Open up Windows Explorer.

Right click (non-primary click) on the Drive C (or the OS drive or a drive where there are files).  Left click Properties.  There at the bottom of the Local Disk Properties window there is a check mark for ‘Allow files on this drive to have contents indexed in addition to file properties.’  Modify that check mark and it will ask if to apply the new setting to all directories and subdirectories.

This would be an ideal spot to put an option to sandbox the files from Cortana where Cortana would not have the permissions to read or write specially marked drives.  Also, this could be implemented on a file-by-file basis via the dropdown dialog options.

Let’s see what Microsoft chooses.  Lawsuit then make changes, encourage politicians to create an exemption in regulations, or be proactive, like Bing.

So far I have been unable to find anything myself. My partner, who has been in IT for 30 years, had a colleague take a look at various sysadmin resources. It appears that locking down Windows 10 to comply with HIPAA will require quite a lot of work. Per recent remarks from Microsoft, it appears that only those running the enterprise edition will be able to completely disable telemetry. Though they do not advise it. 

I wonder if Microsoft realizes that  there are many professionals and business people who are in regulated industries that require that they not have data going out that they cannot account for, and that they may be running Windows Pro, and not up to the cost and hassle required to run the Enterprise version. Many mental therapists, psychologists, lawyers, accountants, social workers, are solo providers or in small practices and are not in a position to maintain IT staff. (Plus there are people who you don't think are covered by HIPAA - like licensed massage therapists - but who are.)

The one local partner I contacted who did support small healthcare practices is no longer doing so, evidently in part because healthcare practices are being squeezed (but that is another discussion). After talking to two Microsoft partners about this and other areas around using Microsoft products with HIPAA, I have decided that Windows is not cost-effective for me to run anymore. I'm currently in contact with the business unit at my local Apple store and will be retiring my SP3 from the practice as soon as I can put another solution in place. 

I'm very disappointed. I invested money and time in Microsoft. In the long run it seems they have little interest in small business. 

As far as I can tell, Windows 10 out of the box will violate HIPAA.  The reason: unless you bind your installation to a domain that has the business Microsoft account available to you, Windows 10 (with Cortana) will literally share any search results you conduct with Bing.  So if you do a records search containing private medical information on a non-bounded Windows 10 installation, your search is going to hit BING and get recorded.

So I advise you, and anyone else bound by HIPAA, to stay far, far, far away from Windows 10.  There is no escape from it: you do a search, it's on Bing.  Pray that you don't search for private for information on your local storage and have it indexed by Bing for all to see.

You are warned.

i will not be running windows 10 it steals your info and a lot more it does come with a virus and a keylogger that microsoft said it was only in the beta but avg and viper and more virus program have find it in the new update that takes you to full windows 10 they get all you do in windows 10 and that in Violation of Laws of the usa

now i think if microsoft was to atke out the spyware and the cloud and put the start menu like it is in windows 7

then yes they will have a great windows 10 but if not it is going to be the biggest flop you have seen great then windows 8 but they do not hear up people they want your info so they can give it to anybody you see i think windows 7 is great i want and paid for windows 8 boy that was **** and yes i did download windows 10 pro from microsft got a virus and a keylogger in it and my new 2015 printer does not work at all in windows 10 and that good one for last i paid for gta 5 from game stop and windows 10 said it was hacked and it did that on a lot of my pc games that i paid for or it said not 32 bit and i am running windows 64 bit windows to me is ****

do not upgrade to it not before they fix the private mess they made

Why are you posting this drivel in a thread about HIPAA compliance?  This has nothing to do with PC gaming.

Discussion Info

Last updated May 29, 2020 Views 12,700 Applies to: