![Msert windows xp](https://cdn1.cdnme.se/5447227/9-3/screenshot_8_64e62948e087c31b4a9aa5ed.jpg)
![msert windows xp msert windows xp](https://3.bp.blogspot.com/-hhP0KwPHqJA/VIBPvOPba3I/AAAAAAAAB0k/bChJDUX5kVc/s1600/Windows-XP.jpg)
I am not a security auditor but if you can show that one machine connects to NOTHING but the other machine and only on the required ports/protocols then you should be ok. I would also try to limit USB or other removable drive access to both machines to keep your PHI from leaking. With XP, that would be through a virus or other exploited vulnerability that gets installed on that machine somehow. Ultimately you are really trying to keep PHI from leaking unintentionally.
![msert windows xp msert windows xp](https://c8.alamy.com/comp/AKBAE9/windows-xp-desktop-AKBAE9.jpg)
Certainly no Ports 135, 139 or 445 (SMB traffic). IN other words that XP machine doesn't get ANY other comms access. If it were me and I couldn’t' replace it I would put it on a VLAN with the server and firewall the interfaces on both sides, allowing just the required traffic though. I am just curious what the small business plans to do when something that connects to that machine (or that machine itself) decides to die? Pay now, pay later (when its dead and you are critically down).Īnyways. Don't know if that will work with the EMR productīlock the XP MAC address from anything other than the EMR product VLAN the offending machine from the others on the network. What I'm thinking of ( in no particular order)Īctual endpoint protection instead of the generic Comcast setup they have now(this would be a good idea regardless( I've been googling, and have seen the "Windows XP is a automatic HIPAA violation and the "Meh, its not good but do what ya gotta do" camps. The replacement hardware is over 10K< so I'm trying to come up with options.Ĭurrently the PC is not networked with the other machines, but that needs to change due to a new EMR product they're wanting to use. According to the vendor every last piece of equipment that connects to it will have to be replaced as well as the tower, no upgrades of existing machines is allowed. I'm talking with a small medical office that has one PC left running Windows XP that cannot be upgraded/replaced cost effectively.
![Msert windows xp](https://cdn1.cdnme.se/5447227/9-3/screenshot_8_64e62948e087c31b4a9aa5ed.jpg)