Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Windows 10 Anniversary Update wants to go back to the future

    Posted on April 14th, 2017 at 07:19 woody Comment on the AskWoody Lounge

    Interesting question from JH, who is using Windows 10 1607 Anniversary Update:

    For many days the update function has been trying but failing to install KB4015438.

    Then yesterday the update successfully completed installing KB4015217 which resulted in OS build 14393.1066.

    So I figured that this newest build would stop or kill the updates for KB4015438; but updates are still trying and failing to install KB4015438 which would result in OS build 14393.969 !!

    Can you tell me what is going on?

    I haven’t a clue. Any suggestions?

  • HIPAA compliance using Win10 Enterprise

    Posted on April 14th, 2017 at 06:40 woody Comment on the AskWoody Lounge

    Here’s an excellent article about walking the thin line between modern technology and HIPAA (think: keeping private information private in the US — if that isn’t an oxymoron). From HIPAA One, Steven Marco, Arch Bear, and Markus Muller have put together an insightful analysis. From the introduction:

    In today’s computing environment, record-breaking data breaches (e.g. Premera Blue Cross with 11+ Million members breached in 2015) that include healthcare identity theft have increased by over 20% year-over-year between 2012 and 2014

    1. It is no surprise most of us feel we have lost control of our personal data

    2 . This is especially true in the healthcare industry in the form of data breaches and HIPAA Privacy violations.

    Simultaneously, massive populations of users are fully-embracing new mobile applications to store and share data across platforms. As a result, cloud computing has bridged the gap between consumer devices and sensitive data. Is there a price to pay for our love affair with cloud-based apps and mobile devices?

    As a cloud-based technology user, have you ever wondered about the safeguards protecting your personal and health information? Ever contemplated how modern operating systems like Google Android, Apple iOS and Microsoft Windows 10 access your data to provide cloud
    powered features?

    For example, Siri, the Dragon dictation cloud, Google Voice search and Docs all send voice recordings to the cloud and back while other built-in OS features share contacts between apps. How do these cloud-powered features impact these risks?

    If a medical facility utilizes voice-to-text technology (e.g. by saying “Hey Cortana”, “Siri” “OK Google”, or “Alexa”) to dictate notes about a patient, that information is automatically exchanged with the cloud. Without a business associate agreement, that medical facility could
    face a HIPAA violation. How do we combine the past 30 years of email-use, file and print sharing with today’s cloud-enabled apps securely?

    These questions and concerns are currently top-of-mind for IT and legal professionals responsible for managing electronic Protected Health Information (ePHI) while ensuring and maintaining HIPAA compliance. In light of the recent focus on HIPAA enforcement actions, hospitals, clinics, healthcare clearinghouses and business associates are trying to understand how to manage modern operating systems with cloud features to meet HIPAA regulatory mandates. Additionally, many of these healthcare organizations are under pressure to broadly embrace the benefits of cloud computing.

    Microsoft has invested heavily in security and privacy technologies to mitigate today’s threats.

    Lounger zero2dash, who posted the original link to this story, says:

    They configured the heck out of 10 AU Enterprise to not phone home, and it did it anyway. Very interesting to see all the settings they tweaked in GP but still saw all the traffic going to MS.

    Having to deal with PCI Compliance is bad enough for me; I’m glad I don’t have to try to keep our environment HIPAA compliant.

    Well worth reading (PDF).