Comment by abustamam
3 days ago
When I used to work as a technician at a medical school circa 2008, updating OS versions was a huge deal that required months of preparations and lots of employee training to ensure things like this didn't happen.
Not trying to say that you could have prevented this; I would not be surprised if Windows 10 enterprise decided to "helpfully" turn on auto updates and updated itself with its fun new "features" on next computer restart.
Why even use windows at that point? You can train your employees to use other operating systems that won't have dark patterns to leak sensitive data.
Can't speak for the medical school but my guess is familiarity. Can't remember what the Mac landscape was like at that point but it probably wasn't vetted enough for HIPAA. And windows 7 wasn't that shitty at the time.
And even so, let's say they didn't use Windows — I'd still expect the same rigor for any operating system update.