Feature | July 03, 2014 | Greg Freiherr

XP or Not XP — There Is No Question

Greg Freiherr

Greg Freiherr

April 8 has come and gone. Microsoft XP support is over. Our use of XP-based picture archive and communications system (PACS) should be as well. But it’s not. 

With April 8 a couple months behind us, and everyone in the PACS community well aware that XP support is finished, many XP users are still using this antiquated system. 

To see just how deeply engrained XP remains, scan today’s job postings for PACS administrators and you will see a continuing requirement for knowledge of XP.

Why? Because …

• much of PACS software is only certified for Windows XP;

• this legacy software cannot be exported to Windows 7 or 8;

• many workstations are old and will run slower, if at all, on the 64-bit Windows 7 and 8; and 

• insufficient resources have been budgeted for the upgrade. 

It’s understandable. Upgrading an XP-based enterprise PACS may entail the replacement of hundreds of PCs and their software. And that is just for PACS. XP is a core operating system (OS) for many healthcare IT systems. The cost in time and money to replace them will be huge; the testing and verification process complex.

Given this downside, it is all too easy to procrastinate, to dismiss April 8 as a soft deadline. After all, XP-based PACS worked the same April 9 as they did the day before. Microsoft didn’t pull the plug on XP — just its support.  Strapped for resources, providers can tuck their XP-based systems behind firewalls and just keep chugging along.

Eventually, however, the piper will play. And the music won’t be pretty.   

Over time, daily operations will slow, burdened by technical issues that have no solution because the underlying OS is no longer supported. Many software vendors will no longer support their XP-based products, because they will not be getting XP updates from Microsoft. And, with no more patches to fend off newly hatched viruses, spyware and other malware, security will become a nightmare. 

Microsoft is selling the idea of an upgrade to a modern OS (e.g., Windows 8.1), as providing “dramatically enhanced security, broad device choice for a mobile workforce, higher user productivity and a lower total cost of ownership through improved management capabilities.” After 12 years of supporting XP, I think Microsoft simply wants to move on. The company wants you to do the same. So does Uncle Sam.

The HIPAA Security Rule 

The U.S. Department of Health & Human Services link www.hhs.gov/ocr/privacy/hipaa/faq/securityrule/2014.html states that “any known security vulnerabilities of an operating system should be considered in the covered entity’s risk analysis (e.g., does an operating system include known vulnerabilities for which a security patch is unavailable … because the operating system is no longer supported by its manufacturer)”.

This begs the question: Why are we, as one of the most forward-thinking branches of medicine, still using a 12-year-old operating system? The end of XP should have taken no one by surprise. The transition to Windows 7 could have been accomplished years ago. Yet, here we are, on the verge of a PACS crisis that could happen one institution at a time. 

Functioning without security patches in a world fraught with cyber attacks is a sure formula for enterprise-wide failures, hacked databases, lawsuits and fines.

If you have any doubts about the horrors that can befall such procrastination, look no further than General Motors (GM) and the faulty ignition switch its executives covered up for a decade.

The clock on antiquated PACS is ticking.

Greg Freiherr has reported on developments in radiology since 1983. He runs the consulting service, The Freiherr Group. Read more of his views on his blog at www.itnonline.com.

Related Content

HHS Extends Comment Period for Proposed Electronic Health Information Interoperability Rules
News | Electronic Medical Records (EMR) | April 19, 2019
The U.S. Department of Health and Human Services (HHS) is extending the public comment period by 30 days for two...
In a demonstration on the exhibit floor of the SBI symposium, Koios software identified suspicious lesions in ultrasound images

In a demonstration on the exhibit floor of the SBI symposium, Koios software identified suspicious lesions in ultrasound images. Photo by Greg Freiherr

Feature | Artificial Intelligence | April 19, 2019 | By Greg Freiherr
Commercial efforts to develop...
Atrium Health Debuts Amazon Alexa Skill to Help Patients Access Medical Care
News | Artificial Intelligence | April 18, 2019
Atrium Health patients will now be able to use Amazon’s electronic voice system Alexa to not only locate the nearest...
Oxipit Introduces Multilingual Support for ChestEye AI Imaging Suite
News | Artificial Intelligence | April 16, 2019
The CE-certified ChestEye artificial intelligence (AI) imaging suite by Oxipit is now available in seven European...
iCAD Appoints Stacey Stevens as President
News | Radiology Business | April 16, 2019
iCAD Inc. recently announced that Stacey Stevens has been named president. As president, Stevens will have expanded...
Radiology Publishes Roadmap for AI in Medical Imaging
News | Artificial Intelligence | April 16, 2019
In August 2018, a workshop was held at the National Institutes of Health (NIH) in Bethesda, Md., to explore the future...
Cambridge University Hospitals NHS Foundation Trust Implements Change Healthcare Enterprise Imaging
News | Enterprise Imaging | April 15, 2019
Change Healthcare successfully implemented its Radiology PACS (picture archiving and communication system), Image...
Sponsored Content | Videos | Information Technology | April 15, 2019
Vital Images has developed a strategy that allows its customers to capture revenues that are otherwise missed while b