
Help Me With HIPAA

482 episodes - English - Latest episode: 14 days ago - ★★★★★ - 61 ratings

In today's environment of data breaches, identity theft, fraud, and increasing connectivity, HIPAA Privacy and Security rules are a responsibility to your patients and your clients. HIPAA isn't about compliance, it's about patient care.


Episodes

Is it time for more regulation with Josh Corman - Ep 416

July 21, 2023 04:30 - 1 hour - 139 MB

In the epic battle between cyber threats and the healthcare industry, it's the patients who suffer the most. There is an urgent need for new regulations in the healthcare industry to address the challenges posed by outdated technology and cybersecurity threats. Today, we talk with Josh Corman about the need for new ideas and meaningful changes to protect hospitals and ensure the safety of critical healthcare functions. More info at HelpMeWithHIPAA.com/416

BA HHS Enforcement Does Happen - Ep 415

July 14, 2023 04:30 - 50 minutes - 69.1 MB

BAs play a vital role in healthcare organizations as they often provide services to covered entities that require them to access PHI. But, they often don’t fully understand their own HIPAA compliance obligations. OCR recently released a resolution agreement against a BA that proves BAs will be held accountable for their obligations under HIPAA. More info at HelpMeWithHIPAA.com/415

What the heck is a CPG? Ep 414

July 07, 2023 04:30 - 42 minutes - 59.8 MB

Checklists are important for many people who deal with cybersecurity. David and Donna explain that this new checklist is not just for healthcare, but for all businesses to deal with cybersecurity. They discuss these CPGs, which are Cybersecurity Performance Goals recently published by CISA, and how they can help strengthen your cybersecurity regardless of the size and complexity of your organization. More info at HelpMeWithHIPAA.com/414

Where do we go from here? - Ep 413

June 30, 2023 04:30 - 1 hour - 88 MB

Healthcare cybersecurity is no walk in the park! Today, we explore the release of the "Health Industry Cybersecurity Recommendations for Government Policy and Programs" by HSCC. It provides suggestions and ideas on how government policy and programs can support the health sector in beefing up their cybersecurity defenses to help keep our health systems safe from cyber threats.   More info at HelpMeWithHIPAA.com/413

Vacay and Holiday Security Tips - Ep 412

June 23, 2023 04:30 - 41 minutes - 58.7 MB

Vacation is a time to relax and get away from everyday worries, but it's important to take steps to ensure that your cybersecurity and privacy are not at risk. Today, we will review vacation and travel security tips from the National Cybersecurity Alliance to help you stay safe during your travels. More info at HelpMeWithHIPAA.com/412

6 Pitfalls NIST Noticed - Ep 411

June 16, 2023 04:30 - 56 minutes - 77.4 MB

When it comes to cybersecurity, it is important to understand who your audience is and how to communicate effectively with them. Today, we discuss an article on the cybersecurity pitfalls written by Julie Haney, Usable Cybersecurity Program Lead at NIST, and the importance of involving everyone in a team approach to protecting patients' information. More info at HelpMeWithHIPAA.com/411

SMB Cyber Resources - Ep 410

June 09, 2023 04:30 - 58 minutes - 82 MB

Cybersecurity is a big challenge for all businesses these days. Regardless of the size of the business or industry it’s in, hackers are continuously trying to exploit weaknesses to gain access to networks and data. NIST and CISA have some new resources and guides that can help small and medium size businesses face the growing cyber threat. More info at HelpMeWithHIPAA.com/410

6 News Stories - Ep 409

June 02, 2023 04:30 - 44 minutes - 63 MB

You know how people say “it’ll never happen to me”? Well, today we are covering six news stories that chances are will affect you either directly or indirectly in some way. We’ve got yet another story of a practice that doesn’t have a response plan, stories about hardware and software that are vulnerable or were hacked and even a story on how you can make a quick $10m.  More info at HelpMeWithHIPAA.com/409

More Free Training and New OCR Action - Ep 408

May 26, 2023 04:30 - 36 minutes - 51.8 MB

In the fast-paced world of healthcare, where even your stethoscope can connect to the internet, cybersecurity training for everyone is an absolute must. But fear not, brave healthcare professional!  There is free cybersecurity training online! Listen in and we will tell you all about two great cybersecurity training options for workforce members and clinicians. More info at HelpMeWithHIPAA.com/408

Cyber resiliency landscape - Ep 407

May 19, 2023 04:30 - 47 minutes - 66 MB

We talk a lot about understanding the current cyber threats and risks involved in not remaining vigilant in protecting against them. Today, we review the Hospital Cyber Resiliency Initiative Landscape Analysis, recently released by 405d. It provides stats and case studies from the real world. It also gives us areas we need to work on and where we need to put our investment of time and money to protect against these threats. More info at HelpMeWithHIPAA.com/407

HICP Technical Guide Changes 2023 - Ep 406

May 12, 2023 04:30 - 49 minutes - 69.5 MB

Healthcare organizations are dealing with increasingly complex cybersecurity threats. With the use of technology and the presence of sensitive patient information, hackers see healthcare systems as valuable targets. Protecting healthcare systems is a major challenge. The 405(d) Task Group has updated their HICP guidance for small, medium and large organizations to help them better secure their networks and applications and manage risks to keep patient information safe. More info at HelpMeW...

405d Erik Decker Joins Us for Ep 405

May 05, 2023 04:30 - 59 minutes - 82.5 MB

It’s fitting that for episode 405 we talk with Erik Decker, lead on the HHS 405d Task Group, about the recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP) 2023 edition. Since David and I are also on the 405d task group, we are excited to talk about the new updates and added resources FREELY available to help everyone prepare and fight against cybersecurity threats.  More info at HelpMeWithHIPAA.com/405

False Sense of Security - Ep 404

April 28, 2023 04:30 - 1 hour - 85.4 MB

Gary Salman from Black Talon Security joins David as guest host while Donna celebrates her birthday in the Keys. David and Gary will explain why not being constantly vigilant when protecting network security can lead to a false sense of security.  They will discuss the threats Black Talon is seeing in the cyber environment these days and via tabletop exercises they conduct with organizations as well as ways to help protect your organization from and prepare for cyber events and other crisis ...

HIPAA Summit Review Part 2 - Ep 403

April 21, 2023 04:30 - 49 minutes - 69.6 MB

Today, we cover part two of our review of the HIPAA Summit.  We will cover notes from a privacy officer roundtable, security tips from IT’s point of view, key points from crisis vendors and a very interesting discussion around mergers and acquisitions. Listen in to pick up where we left off from part 1 of our 2023 HIPAA Summit Review. More info at HelpMeWithHIPAA.com/403

2023 HIPAA Summit Review - Ep 402

April 14, 2023 04:30 - 55 minutes - 78.2 MB

As always the HIPAA Summit is very interesting and informative. This is the annual summit where we learn what’s going on in the “HIPAAsphere” and what things are coming down the pike. There is a lot of information to cover, so we will break this into two Help Me With HIPAA episodes. Here’s part 1 of our HIPAA Summit review. More info at HelpMeWithHIPAA.com/402

Mobile Device Security Checklist - Ep 401

April 07, 2023 04:30 - 44 minutes - 62.1 MB

The importance of mobile device security cannot be overstated. With our lives becoming increasingly digital, it is essential that we take the necessary steps to secure our devices. By doing so, we can protect our data and our privacy, while also preventing malicious actors from gaining access to our accounts.  More info at HelpMeWithHIPAA.com/401

8 Things We Learned - Ep 400

March 31, 2023 04:30 - 54 minutes - 76.7 MB

We made it to 400 episodes!  We have done, heard and learned a lot. Today, we will discuss 8 of the most important things we have learned so far.  And we still have more to learn and to share, so stay tuned! More info at HelpMeWithHIPAA.com/400

Quick Recap - Ep 399

March 24, 2023 04:30 - 35 minutes - 49.6 MB

In today’s episode, we are going to do a quick recap from the PriSec Boot Camp and we will discuss the recent FTC case involving GoodRx. The PriSec Boot Camp was a lot of fun and Donna’s Bourbon and Breaches was a hit with everyone! More info at HelpMeWithHIPAA.com/399

National Cybersecurity Strategy - Ep 398

March 17, 2023 04:30 - 44 minutes - 62 MB

Earlier this month, The White House released a new National Cybersecurity Strategy aimed at building a more resilient digital environment that is easier to defend than to attack and that is secure and safe for all Americans. The focus is to shift the burden of defending the country's cyberspace towards software vendors and service providers and to stress how essential collaboration between the public and private sectors, as well as with international allies and partners, is for securing the ...

Does HIPAA guarantee access? - Ep 397

March 10, 2023 05:30 - 42 minutes - 59.1 MB

Let's face it, family dynamics can be complicated and not everyone gets along. HIPAA is designed to ensure that everyone's health information is kept confidential and that only the appropriate individuals are given access. Believe it or not, HIPAA does not guarantee all relatives access to another relative's protected health information.  More info at HelpMeWithHIPAA.com/397

How busy is OCR? - Ep 396

March 03, 2023 05:30 - 41 minutes - 58.6 MB

Today you're going to get a twofer. We're going to discuss the two recent reports that OCR submitted to Congress: one on the state of compliance with Privacy and Security and the other on Report Breaches and Notifications. Let’s start by saying that OCR is really busy… I mean really busy. More info at HelpMeWithHIPAA.com/396

Data breach costs can be huge - Ep 395

February 24, 2023 05:30 - 49 minutes - 69.4 MB

Data breaches can be costly - so costly, in fact, that they can turn a business's bottom line into a roller coaster of emotion, ranging from shock and dismay to tears of dollars! But with a robust privacy and security program in place, businesses can reduce the likelihood of a data breach and the financial impact that comes with it. More info at HelpMeWithHIPAA.com/395

OLD Attack NEW Settlement - Ep 394

February 17, 2023 05:30 - 46 minutes - 63.5 MB

Today, we are talking about a new OCR settlement that was released from a 2016 hacking attack on Banner Health’s network, causing a data breach of over 2.81 million individuals. We’ll review the OCR CAP. But suffice it to say… until we have more engagement from every person connecting to the internet, we will never make real progress in the battle against cyber criminals. More info at HelpMeWithHIPAA.com/394

Inside Hive - Ep 393

February 10, 2023 05:30 - 38 minutes - 54.2 MB

It's a story straight out of a blockbuster movie - an elite team of FBI agents infiltrating an underground network to thwart an international crime syndicate, saving over $130 million in ransom demands. Using their expert skills, the FBI agents were able to infiltrate the Hive network without detection and shut them down… at least for now. More info at HelpMeWithHIPAA.com/393

ChatGPT Explains Itself - Ep 392

February 03, 2023 05:30 - 55 minutes - 128 MB

AI is the latest nerd language spreading wildly across… well, everywhere. ChatGPT, an automated AI-powered chatbot, is designed to provide automated conversational responses to users in a friendly and natural way. Today, we discuss and show you how ChatGPT explains itself and how it could be used in healthcare. More info at HelpMeWithHIPAA.com/392

Vendors In Your Breaches - Ep 391

January 27, 2023 05:30 - 58 minutes - 81.3 MB

Knowing what vendors your BAs may use to provide services to your organization is crucial. Those downstream vendors could be the cause of a breach of your data. Signing a BAA does not prove a BA is properly securing your data. Vetting your vendors is as important as making sure your vendors are vetting their vendors. More info at HelpMeWithHIPAA.com/391

Spitballing Website Tracking - Ep 390

January 20, 2023 05:30 - 39 minutes - 56 MB

Using website tracking technology on healthcare sites can be a double-edged sword. On the one hand, it can help healthcare organizations better understand user behavior, preferences, and interests. However, if not properly secured, this technology can also put users at risk of their sensitive data being accessed and used inappropriately.  More info at HelpMeWithHIPAA.com/390

Last Pass for LastPass? - Ep 389

January 13, 2023 05:30 - 56 minutes - 79.5 MB

The recent breach at the popular password manager, LastPass, has caused a lot of concern amongst its users. We ourselves have discussed whether this is the last pass we are going to give to LastPass. So, in today’s episode, we discuss what happened, what it means for LastPass users and what are some things you should do or consider doing. More info at HelpMeWithHIPAA.com/389

2 More OCR Settlements - Ep 388

January 06, 2023 05:30 - 41 minutes - 58.3 MB

For our first show of 2023 we review 2 more OCR settlements! These are the last ones released in 2022. Listen in to hear what happened so that you can learn how to avoid making the same mistakes in the new year. More info at HelpMeWithHIPAA.com/388

2022 Recap and 2023 Predictions - Ep 387

December 30, 2022 05:30 - 58 minutes - 82.3 MB

This is one of our favorite episodes of the year. We will recap our 2022 privacy and security predictions and then make new predictions for 2023. Aside from the obvious predictions like “ransomware will increase”, our predictions will give you what we think you are going to be hearing about that you should worry about in 2023. More info at HelpMeWithHIPAA.com/387

2022 Blooper Show

December 23, 2022 05:30 - 17 minutes - 25.1 MB

As is our custom, we take one week off each year from creating new content just to give us a break. It also gives our sound engineer, Bojan Sabioncello, a chance to shine while he goes through all the outtakes he deals with all year. He gets in front of the mic to share how awfully we treat him, yet he is still around after all these years. Thanks to Bojan for his skill in making us sound so good every week. Thanks to all our listeners who have been with us and share our podcast with oth...

Check Your Power Outage Plans - Ep 386

December 16, 2022 05:30 - 46 minutes - 65.7 MB

When you think of a power outage happening to you or your business, you probably think of an outage lasting a few hours. That was not the case with the recent massive power outage experienced in Moore County, NC. So, that begs the question, do you have a response plan for experiencing a power outage lasting a week or more? You should. More info at HelpMeWithHIPAA.com/386

3 New Ways Attackers Trick You - Ep 385

December 09, 2022 05:30 - 48 minutes - 67.8 MB

The holidays are upon us and everyone is getting excited about buying presents for friends and loved ones. Cyber criminals are excited too because it means even more opportunities to attack us. Today, we are discussing an article from ZDnet about three new ways attackers are trying to trick you. More info at HelpMeWithHIPAA.com/385

OCR Recognized Security Practices Guidance - Ep 384

December 01, 2022 20:00 - 49 minutes - 69.6 MB

OCR recently released a video on their Recognized Security Practices initiative. The intent is to teach HIPAA regulated entities what Recognized Security Practices are and what is required to prove their implementation in your organization. We will review the video today and give you some key takeaways from it. More info at HelpMeWithHIPAA.com/384

3 Reasons To Be Thankful - Ep 383

November 25, 2022 05:30 - 32 minutes - 46 MB

As we celebrate Thanksgiving, we thought it would be a good idea to cover three reasons why you should be thankful. Or better yet, three situations you should be thankful that you’re not caught up in…. unless, unfortunately, you are. More info at HelpMeWithHIPAA.com/383  

Cybersecurity Is Patient Safety - Ep 382

November 18, 2022 05:30 - 45 minutes - 64.3 MB

The healthcare industry is not immune to cyberattacks. In fact, it's one of the most vulnerable industries. To protect patient safety and data security, hospitals and healthcare providers need to implement better cybersecurity measures. Today, we review a paper from the office of Senator Mark Warner (VA) that discusses policy options for the healthcare sector. More info at HelpMeWithHIPAA.com/382

9 Incident Response Procedures - Ep 381

November 11, 2022 05:30 - 47 minutes - 66.3 MB

What is your Incident Response Plan?  If you said “Oh, we’ll just call IT,” then you need to listen to this podcast.  We will review the October 2022 OCR Newsletter that discusses nine procedures that entities should consider including in the incident procedures. More info at HelpMeWithHIPAA.com/381

One Click That's All - Ep 380

November 04, 2022 04:30 - 48 minutes - 67.2 MB

Keeping up on ways to protect your business from a cyber attack can feel intimidating, especially because of the continuously changing methods criminals use to social engineer us. The bottom line is it only takes one click at any time by anyone to open the door to the attackers.  More info at HelpMeWithHIPAA.com/380

Decisions Coming Back to Haunt You - Ep 379

October 28, 2022 04:30 - 51 minutes - 72.7 MB

As you know, each year we record a Halloween episode.  This year we are covering very scary decisions that have come back to haunt several organizations, including an organization’s decision not to report a cyber attack, an entity that thought they’d just stroke a check for fines assessed and everything would be OK, and a provider who posted PHI on social media. Listen in and learn what NOT to do. More info at HelpMeWithHIPAA.com/379

3 Vetting Tips Before You Download That App - Ep 378

October 21, 2022 04:30 - 42 minutes - 60 MB

Do you remember the saying “there’s an app for that”? Apps certainly are cool and convenient, but can you tell whether they are malicious or not? Today, we discuss and give you some vetting tips you can use before you download apps.   More info at HelpMeWithHIPAA.com/378

Are Connected Devices Secure? - Ep 377

October 14, 2022 04:30 - 49 minutes - 67.7 MB

More and more the healthcare industry is using connected medical devices that do cool things, like creating efficiencies in the delivery of patient care and automating tasks for healthcare providers and their staff.  But, what about the security of these connected devices? Has anyone thought about that? Well, Ponemon and Cynerio did a study on just that topic and the results are very concerning. More info at HelpMeWithHIPAA.com/377

3 Dental Offices Learn About OCR - Ep 376

October 07, 2022 04:30 - 47 minutes - 67 MB

OCR’s right of access initiative keeps on churning with three more cases, making a total of 41 violations of patient right of access so far. Dentists are a known problem when it comes to doing anything for HIPAA privacy and security, including right of access requirements. But, they are quickly learning all about OCR enforcements of HIPAA violations. More info at HelpMeWithHIPAA.com/376

Cost of a Data Breach 2022 - Ep 375

September 30, 2022 04:30 - 51 minutes - 71.7 MB

Every year we review the Ponemon Institute’s Cost of a Data Breach report. It's always interesting because we learn that it's not just about the money. We learn what really makes a difference in our privacy and security program, what we can do that can make the biggest positive impact in the overall cost of a data breach and, more importantly, what things make the biggest negative impact. More info at HelpMeWithHIPAA.com/375

5 Signs Your Org Is At Risk - Ep 374

September 23, 2022 04:30 - 47 minutes - 66.3 MB

We follow a lot of the Ponemon studies. They help us see changes and trends and make better recommendations to our clients. We are going to cover their annual cost of an insider breach study. This global study covers insider incidents and provides five signs your organization is at risk.  More info at HelpMeWithHIPAA.com/374

New Goal: Cyber Resilience - Ep 373

September 16, 2022 04:30 - 55 minutes - 78.1 MB

The ongoing, rapidly changing cyber war has created a need for us to change our viewpoint on cybersecurity.  Yes, we need to worry about cyber hygiene and continue working on ways to secure our systems, networks and data. However, there is also a need to take the “plan for the worst but hope for the best” approach and start focusing on cyber resilience. More info at HelpMeWithHIPAA.com/373

Trashy Privacy Violations - Ep 372

September 09, 2022 04:30 - 41 minutes - 57.6 MB

David admits that as a kid he would dumpster dive for “treasures” people threw away. We’ve heard more than once of clients who have gone dumpster diving to retrieve documents containing PHI that were mistakenly thrown away in the regular trash. But, a recent OCR announcement highlights one dermatology group that had quite the trashy privacy violation. More info at HelpMeWithHIPAA.com/372

Should You Be Trusted? - Ep 371

September 02, 2022 04:30 - 54 minutes - 76.1 MB

Should we be questioning other people and vendors we work with about the trust we should have in them? The answer is yes. Are they protecting and securing the patient data we entrust them with?  Trust, but verify is something we talk about a lot. So, I ask you… should you be trusted? And can you prove it? More info at HelpMeWithHIPAA.com/371

Privacy Assessments - Ep 370

August 26, 2022 04:30 - 45 minutes - 63.9 MB

Privacy laws are being passed in more and more states every year. Even non-healthcare businesses are finding they must follow privacy laws in the states they do business in. Conducting a privacy assessment is a great way to understand what data you have that needs protecting, what things can go wrong and then, of those things that can go wrong, which ones we can try to prevent. More info at HelpMeWithHIPAA.com/370

Amazon, Facebook, and PHI oh my! - Ep 369

August 19, 2022 04:30 - 31 minutes - 44.8 MB

In order to protect PHI, you have to know where it is stored and how it comes in, goes out and moves around your organization. This includes marketing analytic tools used on websites and patient portals. They could be transmitting PHI to social media platforms. Very unnerving, right? More info at HelpMeWithHIPAA.com/369

Free Training Tools 2022 - Ep 368

August 12, 2022 04:30 - 43 minutes - 39.4 MB

It’s that time again folks! October is Cybersecurity Awareness Month. This year’s theme is “It’s easy to stay safe online” with a weekly focus on key behaviors to help protect your important data. Using these free training tools and practicing basic cybersecurity behaviors, you are much more likely to stay safe online. More info at HelpMeWithHIPAA.com/368
