Help Me With HIPAA
471 episodes - English - Latest episode: 5 days ago - ★★★★★ - 61 ratingsIn today's environment of data breaches, identity theft, fraud, and increasing connectivity, HIPAA Privacy and Security rules are a responsibility to your patients and your clients. HIPAA isn't about compliance, it's about patient care.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Attackers Enjoy Sweet Fruit of Patience - Ep 454
April 19, 2024 04:30 - 50 minutes - 70.5 MBAristotle once said, “Patience is bitter, but its fruit is sweet.” That's totally spot on when you think about cybersecurity threats and how sneaky cybercriminals can be. These attackers plant their harmful seeds and just hang back, waiting for the right time to take advantage of old weaknesses. Their patience and careful planning mean they can strike effectively, sometimes after years of waiting, showing just how tricky it is to handle digital security. It really highlights why we need to b...
Learning From The MGM Hack - Ep 453
April 12, 2024 04:30 - 57 minutes - 79.7 MBOne Friday night in September last year, a massive hack at the MGM Grand caused quite a stir in Las Vegas. Cybercriminals used tricky tactics to slip through the cracks, infiltrating the network, and disrupting services at the hotel and casino. It's a wake-up call for everyone to step up their security game and stay one step ahead in this fast-changing world of cyber threats. More info at HelpMeWithHIPAA.com/453
Mitigate MSP Risks - Ep 452
April 05, 2024 04:30 - 57 minutes - 80.7 MBMSPs are like the backstage crew for your business's IT show, handling everything from network management to cybersecurity. But here's the kicker: while they're busy protecting you, they've got to make sure they're not accidentally opening the back door for trouble with their own tools and business practices in the process of delivering their services. Security is a shared responsibility. More info at HelpMeWithHIPAA.com/452
Vendors Surprised By Vetting - Ep 451
March 29, 2024 04:30 - 1 hour - 85.8 MBIn an increasingly interconnected and data-driven world, the importance of rigorous vendor vetting cannot be overstressed. Vendors ticking a box saying that they use a framework for data security and compliance isn’t enough anymore. It is a critical due diligence process that helps clients build secure, compliant, and mutually beneficial business relationships, minimizing risks and enhancing overall business performance. And with the recent Change Healthcare attack, vendors can expect to rec...
Change HC Attack, What The... - Ep 450
March 22, 2024 04:30 - 48 minutes - 67.3 MBAs Change Healthcare ransomware attack unfolds, concerns are escalating regarding patient care and safety, pushing the Healthcare Sector Coordinating Council's (HSCC) 5 Year Strategic Plan into the spotlight. Donna and David talk with Gary Salman, CEO of Black Talon Security, on the ongoing situation, what is known and unknown, and its potential long-term effects. With the attack exacerbating issues within the healthcare system and highlighting the urgent need for robust cybersecurity measur...
HIPAA Summit Review 2024 - Ep 449
March 15, 2024 04:30 - 1 hour - 87.8 MBFor more than a decade, Donna has immersed herself in the plethora of sessions from the National HIPAA Summit, extracting a wealth of insights into the present and future landscape of HIPAA. Today, she will impart her top three takeaways from this year’s Summit, essential knowledge for navigating the road ahead. Buckle up folks, because these insights are far from trivial. More info at HelpMeWithHIPAA.com/449
Critical to Stable Condition in 5 Years - Ep 448
March 08, 2024 05:30 - 1 hour - 85.6 MBHealthcare is inherently about trust; trust between patients and providers, trust in the efficacy of treatments, and increasingly, trust in the technology that underpins modern medicine. However, this trust is under siege by an evolving landscape of cyber threats. Today, we tackle the critical status of healthcare cybersecurity and the concerted effort the Health Sector Coordinating Council Cybersecurity Working Group has developed to transition the industry to a stable posture over the next...
NIST, Moobot, Ransomware AI Impact - Ep 447
March 01, 2024 05:30 - 1 hour - 88.3 MBThe rapid advancement of AI could soon eclipse our understanding, with its capability to predict and even manipulate human behavior. Today, we will dive into how AI is reshaping our understanding and preparedness for the digital threats lurking around the corner. Plus, NIST just released guidance that can be used to help improve the healthcare sector’s cybersecurity posture and assist with achieving compliance with the HIPAA Security Rule. More info at HelpMeWithHIPAA.com/447
Insider Breach Gets Huge OCR Settlement - Ep 446
February 23, 2024 05:30 - 44 minutes - 60.4 MBOCR recently announced a jaw-dropping settlement that should have every healthcare professional on high alert. An insider breach that had staggering repercussions, leading to a monumental $4,750,000 settlement and a two year CAP. HHS has also released new cybersecurity resources and guidance and more is to come. There is no excuse anymore folks. Cybersecurity is everyone’s responsibility and OCR’s enforcement of privacy and security failures is picking up. More info at HelpMeWithHIPAA.com/...
Cyber Insurance Trends with John Miller - Ep 445
February 16, 2024 05:30 - 56 minutes - 78.6 MBImagine your cybersecurity measures as the immune system of your body. Just like our bodies are constantly exposed to germs and viruses, your business is exposed to a barrage of cyber threats. Cyber insurance is like health insurance for your company's digital health. We are joined today by John Miller of Sterling Seacrest Pritchard, exploring the crucial intersections of healthcare, cyber coverage, and the corporate responsibility of protecting sensitive data. More info at HelpMeWithHIPAA...
New HPH Sector Cyber Performance Goals Released - Ep 444
February 09, 2024 05:30 - 1 hour - 88.7 MBHHS has adapted CISA’s Cybersecurity Performance Goals, released in March 2023, for healthcare entities to better protect those in the healthcare sector from cyberattacks. These voluntary goals aim to strengthen cyber preparedness, improve cyber resiliency, and protect patient health information and safety. In this episode, we will review the HPH CPGs as they will be the basis of the proposed HIPAA Security Rule changes slated to be released later this year. More info at HelpMeWithHIPAA.co...
Small Business Cybersecurity 2024 - Ep 443
February 02, 2024 05:30 - 50 minutes - 70.3 MBIt’s no secret that small businesses face challenges in understanding and keeping up with the rapidly changing cyber threat landscape. Today we’ll discuss some of those challenges and review new free resources from NIST and CISA coming out in 2024 that can help SMBs manage and improve their cybersecurity programs. Buckle up, it’s going to be a busy year. More info at HelpMeWithHIPAA.com/443
New NY State AG HIPAA Enforcement - Ep 442
January 26, 2024 05:30 - 57 minutes - 80.1 MBWe all know that OCR is the HHS department that oversees and enforces HIPAA to ensure the protection of individuals' healthcare information. However, more and more states around the country are also making efforts to protect their constituents’ personal information and hold companies accountable for their poor data security practices. Today, we discuss recent HIPAA enforcement actions taken on businesses by the NY State Attorney General’s Office. More info at HelpMeWithHIPAA.com/442
Ban Ransomware Payments? - Ep 441
January 19, 2024 05:30 - 48 minutes - 67.9 MBThe number of ransomware attacks impacting critical services, compromising personal information and attackers requesting higher and higher ransoms continue to rise. Today, we discuss this pressing issue, implications of ransomware attacks, the ethical considerations of paying ransoms, and the urgent need for preventative measures. More info at HelpMeWithHIPAA.com/441
Privacy Week Coming Soon - Ep 440
January 12, 2024 05:30 - 48 minutes - 67.9 MBIn today’s world, it's essential to recognize the importance of safeguarding your personal information. From the moment you wake up and check your smartphone to the minute you stream your favorite show or make an online purchase, your every digital move leaves a trail of data breadcrumbs. But, you have the power to take charge of your data privacy. You can start by taking part in Data Privacy Week, sponsored by the National Cybersecurity Alliance. More info at HelpMeWithHIPAA.com/440
Recap 2023 Predictions 2024 - Ep 439
January 05, 2024 05:30 - 47 minutes - 66 MBIt’s time to recap Donna and David’s 2023 HIPAA and cybersecurity predictions and hear what their crystal ball says about what to look out for in 2024. And, since AI exploded in 2023, we asked ChatGPT for predictions for 2024 too. More info at HelpMeWithHIPAA.com/439
New HHS Cyber Plan Announced - Ep 438
December 29, 2023 05:30 - 57 minutes - 79.8 MBIt’s no secret that healthcare is vulnerable to cybersecurity threats and patient privacy and safety are at risk. Good news! HHS recently announced a plan to enhance cybersecurity in the healthcare and public health sectors. Through various initiatives, including 405(d) and other HHS efforts, plans are starting to come together like pieces of a puzzle to help practices stay ahead in the ever-evolving landscape of cybersecurity. It's time to get informed and take action to protect your practi...
2023 Holiday Blooper Show
December 22, 2023 05:30 - 11 minutes - 28 MBIt's time of year again where we take some time off and let Bojan create a Help Me with HIPAA bloopers show of our mishaps and outtakes. Stick around to the end - we have a little surprise for you. Thanks to Bojan for his skill in making us sound so good every week. Thanks to all our listeners who have been with us and share our podcast with others. We are here because of you. As always, remember, HIPAA is not about compliance, it is about patient care.
Decoding CISA's HPH Mitigation Guide - Ep 437
December 15, 2023 05:30 - 56 minutes - 78.8 MBCISA has released a mitigation guide to combat the critical and complex cyber threats affecting the Healthcare and Public Health Sector. It provides best practices, essential strategies and insights for safeguarding our healthcare infrastructure against ever-evolving cyber threats. Join us as we navigate through this important document, breaking down its complexities and highlighting its significance in the ongoing battle against cyber threats in the healthcare sector. More info at HelpMeW...
Multi-state Cyber Attack Diverts ER Ambulances - Ep 436
December 08, 2023 05:30 - 50 minutes - 70.1 MBYou know how we say that hackers love to launch attacks during the holidays because that’s when most folks are distracted and in a hurry to begin their time off? Well guess what? There are already a few cyber attacks in the news just from this past Thanksgiving. Case in point, the recent ransomware attack that diverts ER ambulance services across multiple states. More info at HelpMeWithHIPAA.com/436
Breach Equals Class Action Lawsuits - Ep 435
December 01, 2023 05:30 - 52 minutes - 73.9 MBA data breach can have significant and far-reaching consequences for both patients and businesses in the healthcare industry. Today, we delve into the impacts of a recent breach and discuss the evolving challenges of managing healthcare vendors with access to sensitive patient information. Plus, we weigh in on patient privacy concerns when it comes to the media. More info at HelpMeWithHIPAA.com/435
FBI Private Industry Notification - Ep 434
November 24, 2023 05:30 - 57 minutes - 80.2 MBIt is crucial to apply mitigation strategies to reduce the likelihood and impact of ransomware incidents due to the severe and far-reaching consequences these cyber threats can have on individuals, organizations, and society as a whole. The FBI recently published a notification highlighting emerging ransomware trends involving attacking the same victims multiple times. Listen in to hear what you can do to help reduce the likelihood of becoming a victim. More info at HelpMeWithHIPAA.com/434
CISO Security Maturity Report 2023 - Ep 433
November 17, 2023 05:30 - 53 minutes - 74.2 MBEvaluating the security posture of organizations through the lens of culture, technology, risk, and people is crucial in today's complex digital landscape. Culture sets the tone for an organization's security mindset, influencing employee behavior and awareness. Today, we review ClubCISO’s Information Security Maturity Report 2023 that evaluates the security posture according to CISOs across the globe. More info at HelpMeWithHIPAA.com/433
First OCR Ransomware Settlement - Ep 432
November 10, 2023 05:30 - 49 minutes - 69.9 MBOCR just announced its first ransomware settlement, emphasizing the importance of proactive cybersecurity measures and the implications for business associates. Ransomware threats are increasingly common, evolving rapidly and continue to target the healthcare industry which highlights the importance of healthcare organizations and their business associates to prioritize cybersecurity. More info at HelpMeWithHIPAA.com/432
Top 10 Cybersecurity Misconfigurations - Ep 431
November 03, 2023 04:30 - 46 minutes - 64.9 MBIn our rapidly evolving digital environment, cybersecurity misconfigurations pose significant threats to organizations of all sizes. Misconfigurations can expose systemic weaknesses and make organizations vulnerable to cyber attacks. In this episode, we will review a report from the NSA and CISA highlighting some of the most common misconfigurations that need to be addressed. More info at HelpMeWithHIPAA.com/431
Are Nightmares Contagious? - Ep 430
October 27, 2023 04:30 - 45 minutes - 63.3 MBWhen vendors have incidents that disrupt their operations, it’s like having ghosts haunt a business's continuity plan, just waiting to make an eerie appearance. That's why it is crucial for businesses to include vendor-related security incidents or downtime in their business continuity plans. One company’s nightmare can be contagious to its customers. More info at HelpMeWithHIPAA.com/430
Alerts Coming From Everywhere - Ep 429
October 20, 2023 04:30 - 48 minutes - 68.3 MBIn today's interconnected digital world, keeping up with cybersecurity alerts is like having a trusty, cyber-savvy sidekick by your side. As our reliance on technology continues to grow, staying ahead of the game is essential. Cybersecurity alerts are like the Bat-Signal of the digital realm, lighting up to warn you of impending threats. Proactive vigilance in the face of these alerts is not merely a best practice; it's an imperative in safeguarding sensitive data, privacy, and the integrity...
HIPAA Online Tracking News - Ep 428
October 13, 2023 04:30 - 46 minutes - 65.7 MBWeb tracking tools that collect or share personally identifiable health information can pose significant implications when it comes to HIPAA privacy and security. Unauthorized tracking can compromise patient confidentiality and privacy, potentially exposing sensitive health data. Today, we are doing a follow up from our previous podcast on web tracking tools and discuss a few recent articles and guidance released by HHS, FTC and OCR. More info at HelpMeWithHIPAA.com/428
What is a CHMSP? - Ep 427
October 06, 2023 04:30 - 47 minutes - 67.2 MBFor MSPs, grasping HIPAA compliance isn't just a good idea; it's a necessity. Neglecting it can lead to legal issues and lost opportunities in the healthcare IT sector. Picture unintentionally mishandling patient data and facing legal consequences – that's a risk you can't ignore. A solid understanding of HIPAA can boost your reputation and credibility within the healthcare industry. To acquire this essential knowledge, consider enrolling in the Certified in HIPAA for MSP (CHMSP) course offe...
4 Actions 4 Cyber Safety - Ep 426
September 29, 2023 04:30 - 40 minutes - 56.5 MBCybersecurity Awareness Month is just around the corner. It's that time of year when we all take a moment to up our game in the digital world. Whether it's creating stronger passwords, being mindful of phishing emails, or updating our software regularly, it's a reminder that our online safety matters. So, listen to this week’s podcast to find ways to keep cybersecurity top of mind and make sure our digital lives are as secure as possible! More info at HelpMeWithHIPAA.com/426
OCR Sends Enforcement Message - Ep 425
September 22, 2023 04:30 - 44 minutes - 62.8 MBAssuming large organizations with lots of healthcare clients have a proper HIPAA privacy and security program in place could be disastrous. OCR recently settled investigations with LA Care, a large health plan in California, for $1.3 million and a 3 year corrective action plan. Join us as we discuss this settlement and learn from others' mistakes. More info at HelpMeWithHIPAA.com/425
Securing Older Technologies Still In Use - Ep 424
September 15, 2023 04:30 - 46 minutes - 65 MBSecuring older, legacy technologies from cyber threats is extremely important in today's interconnected digital world. Older devices often lack the robust security features of modern counterparts, making them vulnerable targets for hackers seeking to exploit weaknesses. Today, we review HSCC’s Health Industry Cybersecurity – Managing Legacy Technology Security (HIC-MaLTS) guide that provides recommendations to address the legacy technology challenges facing healthcare. More info at HelpMeW...
Check Your Cyber Pulse - Ep 423
September 08, 2023 04:30 - 43 minutes - 61.4 MBIn the digital age, cybersecurity has become a critical concern for businesses and individuals alike. Today, we review the latest release from 405(d), Check Your Cyber Pulse. This cybersecurity cosmo quiz helps small organizations evaluate their cyber pulse regarding the 10 cybersecurity practices of HICP and decide where they should focus efforts to improve their cybersecurity behaviors. More info at HelpMeWithHIPAA.com/423
How One MSP Handled a Ransomware Attack - Ep 422
September 01, 2023 04:30 - 1 hour - 96 MBRansomware attacks have become a prevailing threat to businesses of all sizes, causing significant financial losses, reputational damage, and operational disruptions. In this episode, we talk with Robert Cioffi, COO and Co-Founder of Progressive Computing, who shares how they navigated through the Kaseya ransomware attack. He shares invaluable insights into their journey of resilience, recovery, and the crucial lessons learned along the way. More info at HelpMeWithHIPAA.com/422
Successful Data Breach Communication - Ep 421
August 25, 2023 04:30 - 46 minutes - 65 MBIn a crisis situation, organizations must be prepared to communicate effectively in these challenging situations. Karen Phillips, of Phillips & Marek, joins us to discuss strategies and best practices for managing data breaches and how to communicate with stakeholders, including internal staff, patients and the media. More info at HelpMeWithHIPAA.com/421
The Value in Evaluation - Ep 420
August 18, 2023 04:30 - 52 minutes - 74 MBAre you worried about the safety of your data and the potential security risks to your organization? In this episode, we talk with Jen Stone of SecurityMetrics to explore the importance of performing technical and nontechnical evaluations of your security program. Jen helps to explain the benefits of thorough evaluations and how they can safeguard your organization against potential vulnerabilities. More info at HelpMeWithHIPAA.com/420
2023 Cost of a Data Breach Study - Ep 419
August 11, 2023 04:30 - 54 minutes - 75.9 MBAs in years past, we dive into IBM’s 2023 Cost of a Data Breach Report. This annual study sheds light on the ever-evolving landscape of data breaches and provides valuable insights for organizations looking for ways to focus their efforts and money to help prevent and reduce the costs associated with a data breach. More info at HelpMeWithHIPAA.com/419
Does HIPAA require MFA? - Ep 418
August 04, 2023 04:30 - 42 minutes - 59.6 MBWe all know how important it is to keep our personal information and important data secure. MFA can add an extra layer of protection to our digital lives. But does HIPAA require MFA? The short answer: no, but yes. Listen in to hear how best to lock your cyber door against cyber attacks. More info at HelpMeWithHIPAA.com/418
Our takeaways from the 2023 VDBIR- Ep 417
July 28, 2023 04:30 - 50 minutes - 70.8 MBVerizon has released their 2023 Data Breach Investigations Report (DBIR). This year they focused more on an analysis of actual data breaches - the types of incidents causing the breaches, the motivations of bad actors, how they tend to carry out their attacks and what data they are grabbing. We always look forward to reading this report because it not only has a lot of great information, but also because it contains a good bit of humor. You know we like that. More info at HelpMeWithHIPAA.c...
Is it time for more regulation with Josh Corman - Ep 416
July 21, 2023 04:30 - 1 hour - 139 MBIn the epic battle between cyber threats and the healthcare industry, it's the patients who suffer the most. There is an urgent need for new regulations in the healthcare industry to address the challenges posed by outdated technology and cybersecurity threats. Today, we talk with Josh Corman about the need for new ideas and meaningful changes to protect hospitals and ensure the safety of critical healthcare functions. More info at HelpMeWithHIPAA.com/416
BA HHS Enforcement Does Happen - Ep 415
July 14, 2023 04:30 - 50 minutes - 69.1 MBBAs play a vital role in healthcare organizations as they often provide services to covered entities that require them to access PHI. But, they often don’t fully understand their own HIPAA compliance obligations. OCR recently released a resolution agreement against a BA that proves BAs will be held accountable for their obligations under HIPAA. More info at HelpMeWithHIPAA.com/415
What the heck is a CPG? Ep 414
July 07, 2023 04:30 - 42 minutes - 59.8 MBChecklists are important for many people who deal with cybersecurity. David and Donna explain that this new checklist is not just for healthcare, but for all businesses to deal with cybersecurity. They discuss these CPGs, which are Cybersecurity Performance Goals recently published by CISA, and how they can help strengthen your cybersecurity regardless of the size and complexity of your organization. More info at HelpMeWithHIPAA.com/414
Where do we go from here? - Ep 413
June 30, 2023 04:30 - 1 hour - 88 MBHealthcare cybersecurity is no walk in the park! Today, we explore the release of the "Health Industry Cybersecurity Recommendations for Government Policy and Programs" by HSCC. It provides suggestions and ideas on how government policy and programs can support the health sector in beefing up their cybersecurity defenses to help keep our health systems safe from cyber threats. More info at HelpMeWithHIPAA.com/413
Vacay and Holiday Security Tips - Ep 412
June 23, 2023 04:30 - 41 minutes - 58.7 MBVacation is a time to relax and get away from everyday worries, but it's important to take steps to ensure that your cybersecurity and privacy are not at risk. Today, we will review vacation and travel security tips from the National Cybersecurity Alliance to help you stay safe during your travels. More info at HelpMeWithHIPAA.com/412
6 Pitfalls NIST Noticed - Ep 411
June 16, 2023 04:30 - 56 minutes - 77.4 MBWhen it comes to cybersecurity, It is important to understand who your audience is and how to communicate effectively with them. Today, we discuss an article on the cybersecurity pitfalls written by Julie Haney, Usable Cybersecurity Program Lead at NIST, and the importance of involving everyone in a team approach to protecting patients' information. More info at HelpMeWithHIPAA.com/411
SMB Cyber Resources - Ep 410
June 09, 2023 04:30 - 58 minutes - 82 MBCybersecurity is a big challenge for all businesses these days. Regardless of the size of the business or industry it’s in, hackers are continuously trying to exploit weaknesses to gain access to networks and data. NIST and CISA have some new resources and guides that can help small and medium size businesses face the growing cyber threat. More info at HelpMeWithHIPAA.com/410
6 News Stories - Ep 409
June 02, 2023 04:30 - 44 minutes - 63 MBYou know how people say “it’ll never happen to me”? Well, today we are covering six news stories that chances are will affect you either directly or indirectly in some way. We’ve got yet another story of a practice that doesn’t have a response plan, stories about hardware and software that are vulnerable or were hacked and even a story on how you can make a quick $10m. More info at HelpMeWithHIPAA.com/409
More Free Training and New OCR Action - Ep 408
May 26, 2023 04:30 - 36 minutes - 51.8 MBIn the fast-paced world of healthcare, where even your stethoscope can connect to the internet, cybersecurity training for everyone is an absolute must. But fear not, brave healthcare professional! There is free cybersecurity training online! Listen in and we will tell you all about two great cybersecurity training options for workforce members and clinicians. More info at HelpMeWithHIPAA.com/408
Cyber resiliency landscape - Ep 407
May 19, 2023 04:30 - 47 minutes - 66 MBWe talk a lot about understanding the current cyber threats and risks involved in not remaining vigilant in protecting against them. Today, we review the Hospital Cyber Resiliency Initiative Landscape Analysis, recently released by 405d. It provides stats and case studies from the real world. It also gives us areas we need to work on and where we need to put our investment of time and money to protect against these threats. More info at HelpMeWithHIPAA.com/407
HICP Technical Guide Changes 2023 - Ep 406
May 12, 2023 04:30 - 49 minutes - 69.5 MBHealthcare organizations are dealing with increasingly complex cybersecurity threats. With the use of technology and the presence of sensitive patient information, hackers see healthcare systems as valuable targets. Protecting healthcare systems is a major challenge. The 405(d) Task Group has updated their HICP guidance for small, medium and large organizations to help them better secure their networks and applications and manage risks to keep patient information safe. More info at HelpMeW...