Win10 violates HIPAA?

brainout
Site Admin
Posts: 1831
Joined: 10 Aug 2015, 16:03

Win10 violates HIPAA?

Post: #1003 brainout
07 Nov 2015, 16:13

HIPAA is the Health Insurance Portability and Accountability Act, designed to make health insurance more stable, inter alia. Clearly, a cornerstone of it is confidentiality of data.

Win10 violates that confidentiality, and that is one of my side responsibilities to my clients, to warn them when such threats occur. That is a primary reason why I started frankforum, as this fact is a) not yet adjudicated, but b) when adjudicated, it will be too late for people who've already deployed anything (including Win10) covered under hitlerian aka.ms/msa .

BY CONTRACT, there's a violation. I don't need to see actual use, for the RIGHT of MSFT to slurp all your private data, immediately puts the Sword of Damocles over any healthcare provider and even any transcriber.

What I didn't know and you can click here to see, is whether TESTS have been done for the potential violation of HIPAA. Apparently the tests have begun.

Collateral laws of course exist for other types of confidential data. No attorney, accountant, broker, can afford to use Win10 or any of the 'services' covered under aka.ms/msa (Windows 10 incorporates aka.ms/msa wholly by reference in its paragraph 14).

So ANY THIRD PARTY CAN SUE YOU. More on this and related problems are in the main thread, click here. This thread is started to fork from it, since it focuses on HIPAA and testing Win10 and the 'services' for violation.


Re: UPDATES on Win10 violates HIPAA?

Post: #1294 brainout
19 Nov 2015, 08:19

JohnC_21 provided updated links on the topic, here. The links are:

http://www.averyjenkins.com/?p=1767

https://www.linkedin.com/pulse/does-win ... hoffenberg

http://blog.capterra.com/hipaa-complian ... d-to-know/


In the last link, I wrote the following, but it's not posting yet:

brainout wrote: I have to advise all my physician/medical-related clients that Windows 10 Pro is not HIPAA-compliant, no matter what the settings are (which you cannot really defeat, the updates reset your settings), because BY CONTRACT, MSFT arrogates to itself the right to slurp all your private offline data in order to police a uniquely-imposed CODE OF CONDUCT.

This CODE applies not only to Win10, but pretty much any other 'service' (like Bing, Cortana, mail, Office 365, One Drive, Skype) MSFT now panders.

Issues are explained at length, along with the links to MSFT's own original materials, here: viewtopic.php?f=7&t=59

Additionally, I've been trying to publicly disclose the danger, replete with pastes of the offending provisions (principally, Paragraph 3 of aka.ms/msa which you'll have to paste into your browser to read wholly), in ZDnet, latest admittedly-vitriolic posts here: http://www.zdnet.com/article/microsoft- ... m-critics/

The vitriol comes from having done this warning, to no avail, for four months. Instead, that last link shows a quite pathetic whitewashing of the whole issue. Since the writer is a paid spokesperson for MSFT, the issue is clearly being stubbornly ignored by them. They are trying to paint complaints as 'conspiracy nutters', 'tinfoil hatters' and bullying us as if we cannot read. So there, extensive pastings of the offending EULA provisions are provided. And, not refuted.

So you know where to reach me, if you want details. Anonymity protects my clients, but you can reach me, as provided above.


Will update this thread if anyone comments back and I find out about it.

guest
Posts: 144
Joined: 12 Nov 2015, 23:39

Re: Win10 violates HIPAA?

Post: #1300 guest
19 Nov 2015, 13:05

Wow. I hadn't even considered HIPAA. This MS 10 really is bad business.


Re: Win10 violates HIPAA?

Post: #1451 brainout
28 Nov 2015, 21:30

Updated post and summary, [url=http://www.bleepingcomputer.com/forums/t/596799/windows-10-holds-your-medical-and-health-records/?p=3874537]click here[/url].

Outdated betanews article on operational basics for compliance (not guaranteed, think of it as a kind of guide), [url=http://betanews.com/2013/09/02/5-big-myths-surrounding-computer-security-and-hipaa-compliance/]click here[/url].


Re: Win10 violates HIPAA?

Post: #1452 brainout
28 Nov 2015, 21:37

Well, I tried, using this link, to help NEMT with the issues, but I don't know if my comment went through. Their link is here.

brainout wrote: Links where I'm trying to assess the same question for my physician clients include the 'website' (master listing of the EULA provisions), and http://www.bleepingcomputer.com/forums/ ... ?p=3874537

which is my latest 'position' on the issues, and

viewtopic.php?f=7&t=393

where the topic is ongoing.

Basically, due to the EULA ('website' link), it won't matter WHAT the telemetry is, as the contract breaks HIPAA, authorizing data slurping at any time MSFT wants for whatever reasons it wants.. apart from patient pre-consent.

So I'm advising my clients to avoid Windows 10 AND all the 'services' listed in aka.ms/msa . For I don't want them to be sued, nor me for giving bad advice.

Notice: doesn't matter how good/bad Windows 10 might otherwise be; doesn't matter what telemetry is; the RIGHTS to slurp all your private offline data without exception, are part of the contract.

Hope this helps.