Originally published September 2015
How you can protect your personal and patients’ privacy and the security of information when upgrading to Windows 10
With Microsoft’s recent release of the Windows 10 operating system as a free upgrade for existing users of Windows 7 and 8, the CMPA has received inquiries from member physicians expressing privacy concerns. Some media outlets have also reported on privacy-related issues associated with the default installation settings of Windows 10. In anticipation of early uptake of the Windows upgrade within the healthcare community, the CMPA has explored these concerns which we believe can be addressed by adjusting the system’s privacy settings to provide the enhanced protection normally expected in healthcare. These adjustments are easy to do and will not compromise your computer’s performance or your ability to take advantage of the upgrade.
The default settings are designed to share personal and stored information and achieve cross-device functionality. Windows 10 adapts to individual users by monitoring their online activities and learning their preferences. Part of this learning process involves gathering location information, tracking who the user’s frequent contacts are, which applications are used most frequently, and which websites a user visits, among other things. This personalization provides each Windows 10 user with a unique and personalized experience, and at the same time generates revenue streams for Microsoft and their partners through targeted advertising. Indeed, similar data is collected by such companies as Apple and Google, as well as many social media sites which provide users with free software and services.
The CMPA recommends that Windows 10 users in the healthcare environment override some of the system’s default settings and thereby gain greater control of the privacy of your data and usage information. By following these recommendations, you can feel confident that your new Windows 10 system will respect your privacy and data in the same way as previous versions of Windows. Here’s how.
Use a local Windows account
Use a local Windows account when you log into Windows 10 for the first time. Windows 10 will encourage you to use a Microsoft online account, but Windows works just as well with a local-only account.
There are two ways to use a local account on your Windows PC. The first is to choose Local account when setting up your computer for the first time. If you chose this option when you first installed Windows, then no other action is needed and you can proceed to adjust the privacy options described in the next section. However, if you ever signed in to your Microsoft account in the past, you can disconnect it:
- On the Start menu, open Settings and then choose Account.
- Click Sign in with a local account instead.
- Create a new username and password.
- Log out and re-log in using your new credentials.
Once you are logged in to your local account, open the same section in Settings. If your Microsoft account is still listed under “Other accounts you use,” you can remove it here.
Please note that you will lose some features (notably Cortana, the Microsoft digital assistant) if you do not have an associated Microsoft account, however this is one of the safest ways to ensure your data does not get synced or shared without your knowledge.
Set your privacy options
Once your local account is set up, the next step is to review Windows 10 privacy settings. To do this, open the Start menu, click Settings and then select Privacy. On the Privacy Options page, 13 sections containing various settings are displayed. The top five settings you will want to adjust are as follows.
Speech, inking and typing
This setting is activated on the first use of the Search bar where Windows will ask if you want to start using Cortana. When enabling this setting, digital ink on tablets, voice recognition, contacts, events, and typing history can all be potentially uploaded to Microsoft and Bing to “enhance the user experience” and improve your device’s ability to correctly recognize your input, such as your pronunciation and handwriting.
According to Microsoft’s Windows 10 speech, inking, typing, and privacy FAQ page, turning off this setting, also known as “Getting to know you,” also turns off voice dictation. Given that Microsoft does not provide details about its use of the data it collects, we believe forgoing voice dictation is an acceptable compromise to obtain greater privacy.
This category of settings is enabled by default. It lets you decide whether and which applications can read or send text messages (email, SMS and MMS) from your PC. When given permission to do so, the content of the messages are uploaded to Microsoft and its Bing search engine to be further processed. Turn off this setting to enable manual control over who has access to the content of your emails and text messages.
This category is enabled by default. It lets you decide whether and which applications can access the list of contacts stored on your PC. When given permission to do so, information regarding your contacts is uploaded to Microsoft and Bing to be further processed. Turn off this setting to enable manual control over who has access to your contacts.
This category is enabled by default. It lets you decide whether and which applications can access your calendar and meeting information on your PC. When given permission to do so, information regarding meetings is uploaded to Microsoft and Bing to be further processed. Turn off this setting to enable manual control over who has access to your Windows calendar.
Feedback and diagnostics
This category controls whether Windows 10 is allowed to ask you for feedback regarding your Windows 10 experience. As in previous versions of Windows, version 10 will send diagnostic information to Microsoft for product improvement. While this functionality has been present in Windows since at least Windows XP, the big difference with Windows 10 is the new Enhanced and Full categories which send out more information to Microsoft. The default selection is Enhanced, which according to Microsoft’s Windows 10 feedback, diagnostics, and privacy FAQ page, does not collect any file content data, but does track which applications you are using. Setting this to Basic will report back only details of the Windows operating system itself.
The remainder of the settings on the Privacy tab might also collect personal information but represent a lower risk of leaking personally identifiable information. All the settings are enabled by default, but you can change the default settings as described here.
This category of settings allows you to configure whether and which Windows applications can use a unique advertising ID to identify you and learn what applications you are using. This section also controls whether Microsoft applications such as Internet Explorer, the Windows Store and the new Edge browser can send accessed URLs to Microsoft servers to check for malware on those sites, and controls whether websites can retrieve geolocation from Microsoft web browsers.
This category controls whether Location Services are available to Windows and location enabled applications. You can clear your Location History, turn Geofencing on and off, and control which applications can access Location Services if those services are turned on. Disabling these settings stops Windows and individual applications from keeping track of your physical location.
This category lets you decide whether and which applications can access and control cameras connected to your PC. By turning off this setting, you have to explicitly turn the camera on when you want to use it.
This category lets you decide whether and which applications can access and control microphones connected to your PC. By turning off this setting, you have to explicitly activate the microphone when you want to use it.
This category controls whether applications can make use of your name, profile picture and other account information such as email addresses, friends or contacts lists. If this setting is turned on, all installed applications can access and make use of this information. You can also choose which individual application can and cannot access this information.
This category lets you decide whether applications can turn on and off different types of radios (Bluetooth, NFC, LTE, etc.) on demand without your intervention. If this setting is turned on, all installed applications can control the various radios installed on your PC. You then have the option to explicitly limit which application can control the system’s radios. By turning off this setting, you have to explicitly activate the radios you wish to use.
This category controls sharing and synchronization of preferences and data with other Windows devices such as Surface tablets, Xbox, smartphones, TVs and other Windows 10 PCs associated with your Microsoft account. By turning off this setting, you have to explicitly authorize connectivity to your other devices.
Note: The Background apps section is related only to power consumption, primarily for mobile devices, so you can safely ignore this section for the purposes of privacy.
This information is provided to CMPA members for their convenience and consideration. Please note that we are not able to provide personalized technical support for members. If you need technical support for Windows or have questions about these recommendations, please consult your existing technical support resources.
You may also want to read Microsoft’s Privacy Statement for more information about the personal data collected by Microsoft.