So far I have been unable to find anything myself. My partner, who has been in IT for 30 years, had a colleague take a look at various sysadmin resources. It appears that locking down Windows 10 to comply with HIPAA will require quite a lot of work. Per recent remarks from Microsoft, it appears that only those running the enterprise edition will be able to completely disable telemetry. Though they do not advise it.

I wonder if Microsoft realizes that there are many professionals and business people who are in regulated industries that require that they not have data going out that they cannot account for, and that they may be running Windows Pro, and not up to the cost and hassle required to run the Enterprise version. Many mental therapists, psychologists, lawyers, accountants, social workers, are solo providers or in small practices and are not in a position to maintain IT staff. (Plus there are people who you don't think are covered by HIPAA - like licensed massage therapists - but who are.)

The one local partner I contacted who did support small healthcare practices is no longer doing so, evidently in part because healthcare practices are being squeezed (but that is another discussion). After talking to two Microsoft partners about this and other areas around using Microsoft products with HIPAA, I have decided that Windows is not cost-effective for me to run anymore. I'm currently in contact with the business unit at my local Apple store and will be retiring my SP3 from the practice as soon as I can put another solution in place.

I'm very disappointed. I invested money and time in Microsoft. In the long run it seems they have little interest in small business.