A risk assessment should discover out-of-date software which is a security risk. The HIPAA Security Rule requires covered bodies to carry out a risk assessment to identify potential security weaknesses that could place the confidentiality and integrity of ePHi at risk.
From Wednesday January 12, 2016., any employee of a HIPAA-covered body that continues to use Internet Explorer 10 or below, will be in violation of HIPAA Rules. It would not be advisable to delay upgrading the browser for much longer.
They are not likely to suffer a drive-by malware attack if they do not upgrade their browser this week however, over time, the security risk will heighten. Users of IE 8,9, and 10 should upgrade promptly. Microsoft recently issued a warning saying continued use of IE 10, 9 and 8 would leave users “at risk of viruses and other malicious software that exploit security flaws and bugs in the browsers.”įigures from and Duo Security put the level of Internet Explorer users with IE10, or lower, installed at between 20% and 36%. Vulnerabilities are identified that are not patched, and hackers are likely to be able to take advantage of this weakness. Whenever software is discontinued, and support and security patches are stopped, that software carries security risks. Any user who has not yet upgraded now has just two days remaining before their browser officially becomes obsolete.
In mid-2014, Microsoft revealed that its internet browser updates for IE8, IE9, and IE10 would be coming to an end.
All users of Internet Explorer must switch to Internet Explorer 11, or make the switch over to Microsoft Edge, in order to continue receiving support, security updates, and patches. Microsoft will be stopping support and security updates for Internet Explorer 8, 9 and 10 as of Wednesday January 12, 2016.