
By Garrett Seeley and Richard Thai
As we write this, the Microsoft Windows 10 Home Operating System (OS) is officially transitioning to end of life (EOL). It will be out of support as of October 14, 2025. Security updates, virus patches, fixes, or additions from Microsoft for the Windows 10 Home user will no longer be available. As of now, the Windows 10 Enterprise (for businesses) and the Windows 10 IoT (Internet of Things) versions are considered Long-Term Servicing Channel (LTSC). LTSC is scheduled for end of service on January 12, 2027, with options to extend to 2032. Fortunately, Enterprise and IoT are common operating systems for medical devices, but the end of support for the Home OS may still affect some devices. As a result, some medical devices will require updating to the newer Windows 11 OS. This will depend on what the original equipment manufacturer (OEM) has verified will work for each medical device.
UPDATES VS. UPGRADES
An update is a minor incremental change to software or hardware for security patches and bug fixes. We use updates to make small adjustments to an existing OS, allowing it to function better or adapt to newer hardware. Updates support device stability and security. The problem with updates is the labor cost. Older software is expensive to continually update, and hardware changes eventually force full OS rewrites.
An upgrade, by contrast, is a major operating system replacement. It would include more features and improvements as well as changes to the look and feel of the system. It is a full replacement of software. This is a great option to reinvigorate the operations of an older device. There is only so much that can be done to adapt a new OS to an older medical device. Eventually, all operating systems go out of support and require replacement.
OS LIFE CYCLE
It’s a familiar scene: The hospital gets a unit that runs faithfully for eight years, only to reach its end of life. This progression is driven by several factors: advancements in hardware, new techniques for old medical processes, or loss of parts support. The field often pushes for new equipment.
An OS used in medical devices follows the same pattern. It must be repaired and maintained as a component of the overall medical device. This is done with updates. The medical device lifespan is around 10 years. A standard OS life cycle is five years. It is anticipated that the OS would be upgraded once during the medical device life cycle.
Remember that with LTSC, this is not always true. We can sometimes extend the lifespan of certain devices beyond the 10-year range. This will depend on device upgradability and network security. We must also perform update maintenance on medical-purpose workstations. As a rule, life expectancy for workstations is five years with no upgrade to the OS, because workstations are typically replaced on a five-year cycle. Older medical devices with out-of-support operating systems can continue to run; however, doing so is labor intensive. Monthly security scans are recommended on an outdated OS. This motivates us to replace units that cannot be upgraded. OEMs will check the compatibility of OS upgrades with their equipment and certify any upgrades. A lack of upgrades authorized by the OEM can determine when equipment needs to be replaced. If there are no alternatives to updating or upgrading the OS, the equipment itself may be deemed end of life.
UPGRADE PROCESS
When there is an upgrade for legacy biomedical equipment that does not require system replacement, the upgrade may have to be purchased. Once procured, a kickoff meeting will be held with the vendor and the service provider to find the best time to schedule downtime and the upgrade. The manufacturer upgrade must have been tested to be compatible with their systems. FDA requirements stipulate that the upgrade must not make a substantive change to the device.
VHA facilities have internal checks to perform when upgrading an OS. We must check whether there is an Environmental Risk Assessment (ERA) approved for the new OS and, if not, we must submit an ERA update request. This is reviewed to ensure it complies with the network security policy. If physical media like a USB drive is used, it needs to go through media scanning before it can be used on any upgrade. Backups must be made and saved before performing upgrades, and once the upgrade is complete, tests need to be done to ensure the device is in operational order as well as communicating correctly with the network. This all takes labor and must be documented, as devices work in the greater hospital system. It may seem exhaustive, but these are best practices to make sure that the OS upgrade doesn’t affect the hospital overall.
REPLACEMENT PROCESS
It is important to note that this whole process would only breathe new life into a legacy system rather than replace it. This is the last point I’d like to focus on, mainly because there is a new phenomenon: retiring devices due to their embedded operating systems. Some operating systems are built into devices and are not upgradable due to the design of the device. This is especially true for Internet of Medical Things (IoMT) devices, such as home-use patient monitors.
Consider a device that is only seven years old but was purchased with the Windows 7 operating system. Let’s assume the device is functional; in fact, it’s the physician’s preferred device. The only issue is that the operating system is out of support and the OEM has no upgrade options. In these cases, the only course of action is to fall back on routine security scans. Additionally, previous articles covered how to isolate the unit through VLAN and ISE settings if applicable.
The bottom line is that an out-of-support OS is a death knell to a medical device. The unit needs to be replaced as soon as fiscally possible. If networked, the device is vulnerable to attacks and poses a security risk.
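The life-cycle and replacement rules above can be applied to a device inventory to produce a work list. The following is an added example, not code from the authors or from VHA; the `Device` fields, device names, and one-year warning window are assumptions, and the Windows 7 date does not come from this article.

```python
from dataclasses import dataclass
from datetime import date

# End-of-support dates. The Windows 10 dates are the ones given in the
# article; the Windows 7 date is not in the article. Confirm all of them
# against the vendor's lifecycle pages before acting.
END_OF_SUPPORT = {
    "Windows 7": date(2020, 1, 14),
    "Windows 10 Home": date(2025, 10, 14),
    "Windows 10 Enterprise LTSC": date(2027, 1, 12),
    "Windows 10 IoT LTSC": date(2027, 1, 12),
}

@dataclass
class Device:                      # hypothetical inventory record
    name: str
    os: str
    oem_upgrade_certified: bool    # OEM has verified a newer OS on this device
    networked: bool

def triage(dev, today, warn_days=365):
    """Return (status, actions) for one device on the given date."""
    eos = END_OF_SUPPORT.get(dev.os)
    if eos is None:
        return "unknown", ["confirm OS support dates with the OEM"]
    if today < eos and (eos - today).days > warn_days:
        return "supported", ["continue OEM-approved updates"]
    # Expiring or expired: the exit path depends on what the OEM has certified.
    exit_path = ("schedule OEM-certified OS upgrade" if dev.oem_upgrade_certified
                 else "plan device replacement")
    if today < eos:
        return "expiring", [exit_path]
    actions = ["monthly security scans"]
    if dev.networked:
        actions.append("isolate on the network (VLAN/ISE)")
    return "out_of_support", actions + [exit_path]

def triage_inventory(devices, today):
    return {d.name: triage(d, today) for d in devices}

# Constructed sample inventory (not real devices).
INVENTORY = [
    Device("review-ws-01", "Windows 10 Home", True, True),
    Device("monitor-07", "Windows 7", False, True),
    Device("ct-console-02", "Windows 10 Enterprise LTSC", True, True),
    Device("analyzer-03", "Windows 10 IoT LTSC", False, False),
]

if __name__ == "__main__":
    for name, (status, actions) in triage_inventory(INVENTORY, date(2026, 6, 1)).items():
        print(f"{name:14} {status:15} {'; '.join(actions)}")
```

An OS missing from the table comes back as `unknown` rather than `supported`, so an unlisted embedded OS is sent to the OEM for confirmation instead of being silently passed.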
CONCLUSION
The bottom line is that Windows 10 is going away and that will cause us to update or replace existing devices. The process involves significant planning and compliance checks to ensure continued device operation and network security. There will be some devices that we can easily upgrade. Some devices, especially those with an embedded or non-upgradable OS, may have to be retired, particularly if they pose security risks. Proper network maintenance and security scans will help to extend the usage, but only temporarily. Ultimately, coordinating with OEMs is an essential step for managing the life cycle of these devices efficiently.


