The first week of 2018 brought us knowledge of two major security flaws that were found hiding within the internal architecture of processor chips. Spectre (yes, also the villain organization from the James Bond films) has been found to affect Intel, AMD and ARM chips, this basically covers every computer system in the world. The Meltdown bug has only been found to affect Intel processors, which as used in all Apple products. The bugs allow hackers to access information such as passwords and access to programs that the processors are queuing to open. As servers for “the cloud” contain these processors, cloud computing is affected as well. Google, Amazon, Apple and Microsoft have all stated vulnerability to these bugs.
So, what as HIPAA compliant dental professionals can we do to protect our patients Protected Health Information? At the writing of this article Apple and Microsoft have release patches to their software. However, as of January 9, 2018 Microsoft has retracted their patch for AMD processors, as the patch causes AMD Athlon and Sempron equipped computers to not boot. Both companies have acknowledged that this is not a comprehensive fix to the vulnerability. The only true fix known at this time is for Intel, AMD, and ARM to fix the hardware design of their chips. What that means for dental offices is that as soon as you receive the patches from Microsoft or Apple make sure to update your system immediately and continue to follow security protocols required by HIPAA with regards to internet usage on any computers that have access to PHI. Only go to trusted, secure websites, and only those related to the business of the practice. These sites will have a “lock” icon in the URL box. Though there is a possibly that the patches can cause computers to run slower, most users will not notice a change in performance. I have since used practice management software running on patched computers and noticed no slow down of any processes. Experts have agreed that though almost all computers and handheld devices are affected by one, or both of these bugs, the risk of a breach remains low for the average user. However, to be safe update your software and remain vigilant with regards to your electronic security protocols.