Microsoft ends support of Windows Server 2008
After 12 years on the market, Microsoft ended its extended support of Windows Server 2008/2008 R2 in January 2020. This means Microsoft is no longer issuing security fixes or patches for labs that are still using the once-popular platform.
As a result, affected laboratories are more vulnerable to viruses, malware, and cyberattacks. These labs are also risking HIPAA compliance, and that is reason enough to upgrade to a new operating system as soon as possible.
What is End of Life/End of Support?
Microsoft products don't last forever. Inevitably, the software giant releases new editions of its popular platforms. As time goes by, Microsoft eventually abandons the support of its older programs, and that milestone is called end of support, or end of life.
When Microsoft software reaches end of life, Microsoft ceases to address any remaining or newly discovered vulnerabilities. As noted in this Trend Micro report, end of support means organizations must prepare to deal with compliance issues, missing security updates, malware, and other non-security bugs.
Because Windows Server 2008 reached its end of support date in early 2020, labs still running the outdated system have continued to operate for more than a year with no patches for security issues or notifications of new vulnerabilities.
For example, users would have missed the news late last year that a security researcher discovered a new Windows Server 2008 vulnerability that would give bad actors access to system-level privileges.
With the amplified threat of data breaches and ransomware, any lab still running the old software should be looking to upgrade immediately to a new system that improves security, protects patient information, and meets the hardware requirements of their current laboratory information system.
Security risks, regulatory compliance, and patient safety
The HIPAA Security Rule requires labs to maintain administrative, technical, and physical safeguards for protecting electronic patient health information, or ePHI. According to the U.S. Department of Health & Human Services, labs must:
- Ensure the confidentiality, integrity, and availability of all ePHI they create, receive, maintain, or transmit
- Identify and protect against reasonably anticipated threats to the security or integrity of the information
- Protect against reasonably anticipated, impermissible uses or disclosures
- Ensure compliance by their workforce
Because of the increased likelihood of a data breach or other cyberattack, labs using Windows Server 2008 are putting ePHI at risk.
A security breach would have ramifications for the lab, its providers, and most importantly, its patients. With all of this in mind, any affected laboratories should upgrade their servers as soon as possible to a more modern operating system.
Upgrading your lab security network
Fortunately, laboratories don't have to navigate this challenge alone. CompuGroup Medical offers servers and workstations that are pre-configured to meet the requirements of its lab software, including the CGM LABDAQ Laboratory Information System.
With the end of support for Windows Server 2008, many CGM lab clients are staying up to date by upgrading to CGM servers and workstation computers.
Currently, this CGM lab hardware is equipped with Windows Server 2019 or Windows 10 Pro. Both operating systems help your lab maintain compliance and meet the requirements of software such as CGM LABDAQ.
Are you an existing client, or is your laboratory considering a new LIS?
Contact us today to learn more about our leading lab management software, and make sure your lab is maintaining its compliance with up-to-date servers and workstations running on secure, modern operating systems.