Updates to our Microsoft Windows 10 Whitepaper

In February, we released a whitepaper co-authored with Microsoft which reviewed how Windows 10 can be used as a compliant operating system for healthcare organizations. If your workplace uses and/or plans to upgrade to Windows 10 Enterprise and accesses electronic Protected Health Information (ePHI), this whitepaper was written for you.

A few months after our whitepaper release, Microsoft rolled out a new update for Windows titled, Creators Update 1703 for Windows 10 in April 2017. This update furthered Microsoft’s commitment to decreasing the exposure of ePHI and sensitive information. As a result, we amended our whitepaper to provide the most up-to-date information available to our readers.


As stated above, the Creators Update 1703 for Windows 10 was designed to let users better protect devices and data in their organizations. Specifically, the update provided granular details on amended basic level Windows diagnostic events and fields along with changes to telemetry settings. Microsoft continues to be forthcoming on the user data they collect and are taking additional steps to minimize the possibility for exposure of that data. The recent update showcases their pledge to exclude the 18 Identifiers of PHI (or ePHI data) which may exist on any computer operated by a covered entity.

Why Healthcare Should Care

We live in a digital world and striking the balance between security (which may slow down processes, limit access and increase expense) and compliance can be a tricky one. Prior to Microsoft releasing the Creators Update, it was probable that ePHI data could be exposed when using telemetry settings (i.e. setting of 1 or more). Being that an operating system is the foundation of transmitting ePHI, it is important healthcare organizations have confidence in the security of their systems.

Additionally, this update was created to help basic level Microsoft Windows users and organizations of all shapes and sizes (regardless of what Microsoft software package you are using). Now, smaller organizations no longer need to be susceptible to threats. If your workplace is small in size and operating on a shoe string budget we have a few additional security recommendations that can be implemented with little/no cost required:

  • Verify your anti-virus software is up to date
  • Implement proper Policies and Procedures
  • Encrypt all mobile devices
  • Install a good firewall
  • Priority workforce training for your employees
  • Stop using XP
How to Get the Windows 10 Creators Update

If currently using Microsoft Windows 10, you will be notified you when the update is available for your device. Per the Microsoft support webpage: “When ready, users will be asked to review your privacy settings before downloading the update.” After the update is installed, your device will be running Windows 10, version 1703. If you want to install the update now, go to the Microsoft software download website, and select Update now.”

Download our Whitepaper

To receive your copy of the whitepaper and view the newly drafted Appendix B section on the Creators Update 1703, click here.

Speak Your Mind