Slashdot Mirror
Some Windows XP Users Can't Afford To Upgrade
colinneagle writes "During a recent trip to an eye doctor, I noticed that she was still using Windows XP. After I suggested that she might need to upgrade soon, she said she couldn't because she couldn't afford the $10,000 fee involved with the specialty medical software that has been upgraded for Windows 7. Software written for medical professionals is not like mass market software. They have a limited market and can't make back their money in volume because there isn't the volume for an eye doctor's database product like there is for Office or Quicken. With many expecting Microsoft's upcoming end-of-support for XP to cause a security nightmare of unsupported Windows devices in the wild, it seems a good time to ask how many users may fall into the category of wanting an upgrade, but being priced out by expensive but necessary third-party software. More importantly, can anything be done about it?"
VMWare.
They have a limited market and can't make back their money in volume because there isn't the volume for an eye doctor's database product like there is for Office or Quicken.
Kind of like college textbooks?
*ducks*
That helps with hardware incompatibility but not security.
Who cares if XP is unpatched?
Special dental application to track intervention history, show X-rays associated, etc should not communicate with the internet.
Same goes to timetables / reservations.
If they need machines connected for mobility : make an internal network.
I don't see such a problem here.
I bet a lot of that $10k fee is due to the software requiring FDA certification.
Your hair look like poop, Bob! - Wanker.
Yup. The easiest is to upgrade to windows 7 Pro or Ultimate and install XP Mode
Prevent those few computers that are running the program from touching the Internet in anyway. No networking services, web, email, ... or anything else. Make them strictly one function standalone devices.
The issue is that medical devices require certified tested/verified drivers to ensure accurate results.
Due to the changes between XP and 7, some instruments require updates software with the corresponding "certified" drivers.
I recently ran across this with pulmonary function testing software at our mine.
I work in a very large semiconductor fab that is full of dozens, probably hundreds, of DOS, Windows 2000, Windows 98, Windows ME, and Windows XP machines. They will never be upgraded or patched.
Is this stupid? Yes. Is there anything I can do about it? No.
I just got done negotiating the purchase of a 2-million-dollar piece of equipment that comes with Windows. We actually have a purchasing requirement that all software be provided with patches as necessary, including OS upgrades, and that all source code be held in escrow in case the company goes under. However, when we negotiate the purchase specs, those lines get crossed out, because the vendor refuses to comply and we have no leverage, so we buckle.
Personally I think that anyone who uses something like Windows (a desktop OS with known, SHORT service lifetime, suitable for desktop computing in non-critical applications) in an industrial tool with 10+ year lifetime, should be fired immediately, and this should have been the case from the very beginning, but I was not around back then, and it became acceptable. Nobody ever got fired for buying Microsoft, even when it's an idiotic thing to do.
My old hospital was hit by this already. They couldn't afford an enterprise license from Microsoft that allows them to pick which version of windows to install on their PC's, (hundreds of thousands of dollars), some of our critical EMR software was only XP compatibe and would not work on WIndows7. When Microsoft quit selling XP and wouldn't allow us to downgrade our Windows 7 systems, we were in a bind. We were able to find some XP licenses in the wild but still are between a rock and a hard place. FDA certification for our EMR vendors is a pain and moving to the new version of windows is hard. I have no idea how we will overcome the sunsetting of XP.
Sounds like someone has never had to use medical software. As much as the "zealots" would like to think, not everything is best run on OpenSource. It's not a troll, it's based on 15 years working with medical offices and doctors that don't have time to figure out how to get things to work. And yes, a lot of doctors offices don't have any support on staff or contract other than the EMR or EPM company they are dealing with.
My sig of choice is Marlboro
This is a really bad example to make your case. She has HIPAA data and needs to upgrade as her computer can't be patched anymore next year. No sympathy for someone with HIPAA data trying to get out of patching their system.
Now, if you had picked an example of someone who didn't have HIPAA data I'd point to options that could be done. However to be frank I am all out of sympathy for anyone in this situation. Microsoft announced end of life on this a very long time ago and frankly gave a lot longer on the EOL and support for the OS than Mac or any of the Linux variants.
This reminds me of the gas station owners put out of business by the new standards for underground tanks. They had years of advanced notice, yet they still refused to modernize something critical to their business that they knew they needed to. Time came that they could no longer be grandfathered in and all of a sudden a bunch of stations went out of business.
Why, because they didn't want to spend money for tanks that were resistant to leaks that could ruin the environment? A doctor that doesn't want to spend money to help prevent leaks (patient data) is no better than the gas station owner. It's a business expense just like any other and a business owner that refuses to give IT it's due as they should. Quit supporting IT neglect by helping people like this out.
If you can do a fresh install, this would be a good opportunity to do so:
1. Install XP from scratch, with all the latest fixes and whatnot. Get it nice and pristine with no crap milling about beyond the barebones stuff. Get the licensing happy. :-)
2. SNAPSHOT
3. Get your custom software installed.
4. SNAPSHOT
5. BACK IT ALL UP.
6. Use gingerly
"Time flies like an arrow; fruit flies like a banana." --Groucho Marx
No need to upgrade to new software, it should run on Win7. There are multiple ways to configure compatibility.
FWIW, Win7 seems to be much more friedly to this than win8.
I've had two 16-bit programs (one used for point-of-sale another a game my mom likes to play) hobbling along since win95. WinXP worked okay (some compatibility flags made it work), Win7 was a bear to make work with the printer and the point-of-sale program, and finally win8 broke both of them. No application error message, just win8 says, you can't run them anymore (the troubleshooter recommends using winxp mode sp3, but that doesn't work, nor do any of the other modes from win95, 98, me, XP-sp2, Vista, or win7, w/ or w/o administrator priviledges, or in reduced color mode). The orginal publisher of both pieces of software are no longer in business, so purchasing upgrades to the new OS is a non-starter.
I've had to downgrade two new computers back to win7 and winxp (didn't have more than one spare win7 licence, so I had to reach back to xp) to support these programs for now, but now the writing is on the wall. I'm sure that my case is not unique and given my predicament, I'm sure that there are some applications that just won't run on win7 either even in compatibility mode.
A lot of "professional" users of computers (doctors, lawyers, bankers, etc) seem to think that they gotta have really special software to handle everything they do, because everything they do is so special. Much of this is due to people who think they're smart being duped by people who are smarter into thinking they need special software. Is the solution here that these professionals need to do a better job of buying their IT support in the first place? Admittedly, there is certainly some software that has to be written for very narrow and specialized needs, but a lot of these needs can be met by pretty much off-the-shelf solutions implemented by people who know what they're doing. I think these professionals start off by trying to do it themselves (because they are smart, you know?), find that it's not as easy as they thought, and then buy into the pitch that they need REALLY smart IT people doing specialized stuff for them. I'd laugh at all this, but it's part of why our health care costs so damn much.
Well I can certainly tell that you're not a physician, as a physician I can tell you that you have no idea how many limitations, restrictions, and compliance requirements exist in medical software. The issue isn't that you need these things, sure you could host your patient information on Google docs, but when someone breaks into that it can cost you 250K per patient that is lost, there isn't an upper limit on that either, I don't see that many doctors with that kind of cash willing to take those risks. I am not saying it is better to be running on unsupported systems, but it isn't like you can go download some mysql database and front-end designed to organize your DVD collection and safely store patient information. Also most doctors don't have the time or knowledge to do it well themselves so they are stuck with what is 1) out there, and 2) compliant.
No need to upgrade to new software, it should run on Win7. There are multiple ways to configure compatibility.
"Should" is most certainly not "will". There's a piece of somewhat exotic medical hardware I have the misfortune of knowing which has drivers which only work on XP - mostly because it uses an extremely cheap and badly designed anti-piracy dongle. And no, it does not run on Windows 7 with compatibility mode, and no, it does not run in Virtual PC either. Because dongle.
(Because when a piece of hardware costs $10,000 and up, and the software which connects to it is utterly useless without that expensive hardware - because it's basically just a dial showing a readout - of course a practical use of programer time is to add an extra pointless $1 anti-piracy hardware component to stop the millions of free copies which will soon flood the intertubes. Sigh.)
Anyway, tldr, yes, this is a huge problem in medical (or any special-purpose, critical-path) software. It's written by a hybrid of Ebenezer Scrooge and Bizarro Iron Man. Exorbitantly expensive, cheaply written, full of edge cases and bugs, hugely dependent on the manufacturer's support whims, will only run or be supported on extremely vanilla OS, and built without any concept of security or ability to work with a patching plan.
And then there's actual "security" software, that runs cameras and such, and if anything that's worse.
You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
You made your bed, now lie in it.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
The problem is customers. I work at a major hospital and a local consortium is looking to purchase some new medical records software, worth about $10 million.
We've been drafting the new contract for tender, and line 1 of the tender instructions is "The software will run on Windows Server 2008 R2 or Windows Server 2012 64-bit on the servers, and on Windows XP, 7 and 8 32-bit and 64-bit on the client side". I protested at this, but was told by the technical chair, that this term was not negotiable as it was a critical part of the spec; they simply did not have the in-house experience to manage a *nix system.
Later on, there was another line in the tender instructions. "The distribution of the source code of the product must be strictly controlled with appropriate audit trails for persons who have seen it, includes the source code of any 3rd party components used within the product". Again, I protested about this, but the chair of information governance and security said, that this term was non-negotiable due to the large volume and the critical nature of the data stored in this system!!
That's an awesome way to run a business.
If your business is sticking forks in your eyes.
XP mode has the same vulnerabilities as XP. Its support will stop when the XP support stops.
They announced their end of life date on the day of release. MS sets EOL 10 years from day of release on their OSes. Now, in the case of XP, it was extended. They do that sometimes. However 10 years is the norm, it is what you can count on, so it is what you plan for. Like with Windows 8 we already know the end of support date: 10/1/2023. It is always possible that will get extended, but it very well may not. So if you put an 8 system in place now, you know when you need to start thinking upgrade (at the latest).
MS is real, real, good with the support lifecycle thing. They have a standard policy, and current information is always available on their site. So planning for when upgrades need to happen is not hard.
The XP drop dead date has been a long time in coming, and is still over a year out. There has been, and still is, plenty of time to deal with it.
TFA was fine, until the writer threw this in:
And you have to remember that medical professionals are already reeling from a huge medical equipment tax courtesy of ObamaCare. One physical therapist told me of 14 medical centers that shut down because they couldn't handle the tax. And that's in Orange County. This area isn't exactly poor.
I call BS. That huge tax is 2.3%. The "14 medical centers" is an offhand rumor that doesn't pass the sniff test. In related news, a number of medical device manufacturers are blaming the device tax for their decisions to move existing and/or new plants overseas.... a tax that falls on all devices, regardless of where they're made. If Mr. Patrizio (or his Network World editor) don't like the PPACA, they can go to town. But, some research would have been nice.
Luke, help me take this mask off
It's kind of the opposite problem, but I encountered governmental agencies- for a large American city to remain nameless- who, today, continue to produce Web applications that require Internet Explorer 6 on Windows XP or earlier. When we encountered problems accessing them on 64 bit Windows 7 w/IE 9 (Compatibility Mode turned out to be the workaround), I called the head of the department in question to tell her that, well, most new machines today would be running 64 bit Windows 7 + IE 9 (or better), so it might help them to write code that didn't require IE 6.
She asked me to call her (apparently so that she could tell me something off the record) and told me that, for her department, a "new computer" was anything about 5 years old. Apparently, 5 years back, they got a bunch of Windows XP computers w/MS development tools, and that's where they still are today. Budget issues won't allow them to upgrade, so they're stuck writing code that would have been mediocre 5 years back, and is utterly horrid now. Wouldn't surprise me at all to see many governmental entities in the same boat.
-Z
The sibling post made the point about finding replacement parts for when things die. That was always my motivation for a complete system upgrade - something dieing and needing to be replaced without me digging deep enough to find something that would work with the old system.
Buy new machine running Win7/8, install free vmware/virtualbox, run specialist software in VM fullscreen. Done
Windows had its time and place and it has now passed. Now the medical community ought to embrace GNU opensource and use this Windows experience as a lesson. Proprietary systems are not there for public benefit.
"SO we bide our time, waiting for a purer kick to bloom and the future is still bleak, uncertain and beautiful" -GSYBE