Help Me With HIPAA

482 episodes - English - Latest episode: 14 days ago - ★★★★★ - 61 ratings

In today's environment of data breaches, identity theft, fraud, and increasing connectivity, HIPAA Privacy and Security rules are a responsibility to your patients and your clients. HIPAA isn't about compliance, it's about patient care.


Episodes

New Security Rule Guide Coming - Ep 367

August 05, 2022 04:30 - 42 minutes - 59.7 MB

An updated version of the security rule guide that we’ve all been waiting for! NIST has developed a cybersecurity resource guide on implementing the HIPAA Security Rule. It provides key activities, descriptions and sample questions to help covered entities and business associates comply with the HIPAA Security Rule.  This guide has tons of good information in it. So, listen in as we discuss some of the cool stuff we picked out. More info at HelpMeWithHIPAA.com/367

OCR Mic Drops With 12 Cases - Ep 366

July 29, 2022 04:30 - 1 hour - 84.1 MB

OCR recently announced the resolution of 12 investigations. Eleven were for patient right of access violations and one was a big dollar settlement of a security incident at Oklahoma State University Center for Health Services. Lots to cover and learn in this episode. So, pay attention, folks. More info at HelpMeWithHIPAA.com/366

660 Providers Hit At Once - Ep 365

July 22, 2022 04:30 - 50 minutes - 70.8 MB

Today’s podcast episode is all about why we worry about supply chain issues, why we keep talking about the HiC SCRiM guidance, and why the first day of the PriSec Boot Camp is supply chain risk management. We’ll review several supply chain breaches, one where there were 660 providers hit at once. As you probably have guessed, these breaches involved ransomware attacks. More info at HelpMeWithHIPAA.com/365

6 Vendor Transition Tips - Ep 364

July 15, 2022 04:30 - 45 minutes - 64 MB

It can be a stressful time when you are adding a new vendor or switching vendors for your critical services.  This is the time to create a plan and do a risk analysis to make sure everything gets transitioned and set up properly. Things can go wrong if there’s no plan in place. Today, we review some tips to help you prepare for a vendor transition. More info at HelpMeWithHIPAA.com/364

Cyber Insurance Applications Are Intense - Ep 363

July 08, 2022 04:30 - 54 minutes - 74.5 MB

When you're shopping for cybersecurity insurance, the applications can be intense. You'll need to provide a lot of details about your current security protections, and you may be asked to complete a security audit. This is because insurance companies want to be sure that they're not insuring businesses that aren't doing everything they can to protect themselves from cyber attacks. In this episode, we discuss what questions you may encounter on your cyber insurance applications.

4 Ransomware Stats For Planning - Ep 362

July 01, 2022 04:30 - 38 minutes - 54.2 MB

Ransomware tactics are constantly changing. Understanding that the protections we use today will not be enough down the road is key. We must constantly adjust and adapt our security protections to protect against these attacks. Today, we are going to discuss ransomware stats and key points from two recent reports that can help you create a response plan for ransomware attacks. More info at HelpMeWithHIPAA.com/362

No More Passwords FIDO - Ep 361

June 24, 2022 04:30 - 49 minutes - 69.5 MB

We use passwords for everything. Creating a unique, secure password for every website and application is hard to remember, right? So, why hasn’t someone figured out how to get rid of passwords? Well, today we are going to talk about the FIDO password killer solution. More info at HelpMeWithHIPAA.com/361

What Would You Do? - Ep 360

June 17, 2022 04:30 - 47 minutes - 66.6 MB

How many of us know what we don’t know, or at least are willing to admit we don't know what we don't know? Today, we are going to find out as we cover a few potential data breach scenarios and ask “what would you do - report it or not?” More info at HelpMeWithHIPAA.com/360

6 Takeaways 2022 Verizon DBIR - Ep 359

June 10, 2022 04:30 - 53 minutes - 74.3 MB

Today, we are going to give you our six takeaways from the 15th annual Verizon Data Breach Investigation Report. We like these reports because they give us an indication of what's going on in the cyber world, what we need to be looking for and looking out for. More info at HelpMeWithHIPAA.com/359

How Do They Get In? - Ep 358

June 03, 2022 04:30 - 49 minutes - 68.6 MB

We get this question all of the time: How do they get in? How do the bad guys get in and attack my network? Seems like a simple question, right? Well, there’s not always a clear-cut answer. The first thing you need to understand is that cybersecurity isn't a problem you solve. It's a chronic condition that you have to manage. More info at HelpMeWithHIPAA.com/358

MSP Customer Alert - Ep 357

May 27, 2022 04:30 - 55 minutes - 77.1 MB

Recently, a Cybersecurity Advisory was released worldwide to MSPs and their customers. We will take a look into what this guidance is, how it applies, and what needs to be done about it.  This is BIG and we all better be paying attention. More info at HelpMeWithHIPAA.com/357

Everybody get on board! - Ep 356

May 20, 2022 04:30 - 52 minutes - 72.7 MB

Everybody get on board because data security laws keep getting signed in states each year. The new Maryland and Kentucky data security laws are designed to help protect insurance companies from cyber attacks by implementing cybersecurity standards, developing, implementing, and maintaining a written information security program. Their service providers are also required to implement such programs which include a requirement to report cyber security incidents within 3 days of discovery. F...

10 Roles of Operational Continuity - Ep 355

May 13, 2022 04:30 - 59 minutes - 83.1 MB

Incident response planning is important to every business. You don’t want to figure out how to manage the business and respond to an incident on the fly.  These plans should be reviewed and updated regularly. Today we review a brand new guide from the Healthcare & Public Health Sector Coordinating Council on Operational Continuity - Cyber Incident. More info at HelpMeWithHIPAA.com/355

PriSec Teams Require Everyone - Ep 354

May 06, 2022 04:30 - 58 minutes - 82.3 MB

Over the last couple years, we’ve had some high-profile cybersecurity compromises and data breaches. And this trend is not slowing down. Today, we review a recent study of the top cyber threats to healthcare organizations. The results reinforce that PriSec teams require everyone to participate. More info at HelpMeWithHIPAA.com/354

3 Tricky Places HIPAA Applied - Ep 353

April 29, 2022 04:30 - 44 minutes - 63.1 MB

Recently, we’ve had a couple things come up which involved tricky places that HIPAA has applied that most people might not think of. So, we thought we'd throw them out there and have a little bit of fun discussing them. More info at HelpMeWithHIPAA.com/353

6 Ways To Make Money Online - Ep 352

April 22, 2022 04:30 - 38 minutes - 54.4 MB

Cybercrime is a booming business. In 2021, the US experienced an unprecedented increase in cyber attacks with criminals making $6.9 billion online. In today’s podcast, we review the FBI’s Internet Crime Report for 2021. More info at HelpMeWithHIPAA.com/352

4 Takeaways from Okta Breach? - Ep 351

April 15, 2022 04:30 - 46 minutes - 65 MB

It is crucial for every business to understand the security practices of their vendors. And also to make sure that those vendors are vetting their vendors.  A cyber attack at a link in your supply chain can drastically affect your business. Evidence: the Okta breach. More info at HelpMeWithHIPAA.com/351

4 OCR Cases For Us - Ep 350

April 08, 2022 04:30 - 44 minutes - 61.2 MB

Have you heard the one about three dentists and a psychiatrist walk into... an OCR investigation? OCR has announced their first set of enforcement actions of 2022, and just in time for our 350th episode.  These involve patient right of access and improper disclosure violations. More info at HelpMeWithHIPAA.com/350

6 Points from HIPAA Summit - Ep 349

April 01, 2022 04:30 - 43 minutes - 60 MB

Donna made many notes from the HIPAA Summit. Today, she and David will share six of her top picks, including the difference between an incident and a breach, how a “check the box compliance program” is not a privacy and security program, the importance of understanding what your vendor’s incident response plans are, and more. More info at HelpMeWithHIPAA.com/349

3 HIPAA Enforcement Arms - Ep 348

March 25, 2022 04:30 - 59 minutes - 81.4 MB

If you are a regular listener of the podcast, you know how Donna loves to “HIPAA-geek out” over the National HIPAA Summit each year. This year’s National HIPAA Summit did not disappoint. Today, we discuss a few points made concerning enforcement of HIPAA related cases by three arms of the federal government. More info at HelpMeWithHIPAA.com/348

One SMBs Cyber Survey - Ep 347

March 18, 2022 04:30 - 51 minutes - 71.1 MB

Cyber threats are a growing risk that is becoming increasingly difficult to avoid. Small and medium businesses are not immune to these cyber threats. They are a growing business risk. The first step in preventing cyber threats is awareness.  More info at HelpMeWithHIPAA.com/347

6 Impacts - 1 Event - Ep 346

March 11, 2022 05:30 - 40 minutes - 55.4 MB

Security events can have a significant impact on your business. It’s important to understand the magnitude of what’s going on and what the risks are. Having a plan in place to deal with privacy and security events can make it better, but not having one can make it worse.  More info at HelpMeWithHIPAA.com/346

3 Harsh Realities - Ep 345

March 04, 2022 05:30 - 53 minutes - 72.8 MB

The harsh realities of cybersecurity are not always easy to hear, but they are the one thing that we cannot compromise on as they can have a huge impact on our lives. We must remain cyber aware and be vigilant in order to combat cyber threats. More info at HelpMeWithHIPAA.com/345

Help Me With PriSec - Ep 344

February 25, 2022 05:30 - 45 minutes - 62.8 MB

Kardon, Help Me With HIPAA and HIPAA for MSPs are hosting the first PriSec Boot Camp in Louisville, KY on Sep 12, 13, 14 and 15. This ain’t yo Momma’s privacy and security. It is a one-of-a-kind event designed for those who need to understand and manage a privacy and security program. Listen to today’s podcast to learn all about it. More info at HelpMeWithHIPAA.com/344

3 Ways Encryption Fails - Ep 343

February 18, 2022 05:30 - 46 minutes - 63.6 MB

Encryption can give you a false sense of security. Just because your device or your data is encrypted doesn’t mean it is secure.  You have to understand how encryption works in order to understand how it doesn't work. More info at HelpMeWithHIPAA.com/343

Why Does Website Security Matter? - Ep 342

February 11, 2022 05:30 - 40 minutes - 55.7 MB

Securing your website is often overlooked in planning discussions and business risk management decisions. Building a website is pretty easy these days, but keep in mind users expect to have a safe online experience too. Just like with social media sites, a lot can go wrong with a forgotten website. More info at HelpMeWithHIPAA.com/342

4 Observations for SMBs and MSPs - Ep 341

February 04, 2022 05:30 - 56 minutes - 77.3 MB

More and more SMBs are turning to MSPs to help secure their networks, protect their assets from cyber attacks and meet compliance obligations.  MSPs are looking to add new services to meet the SMB market demand.  Today, we review a few of our observations for SMBs and MSPs from a recent report on the focus for small businesses in the next few years. More info at HelpMeWithHIPAA.com/341

Honeypots Get Quick Attention - Ep 340

January 28, 2022 05:30 - 43 minutes - 59.3 MB

Honeypots are an important tool in the cybersecurity arsenal. They can be used to observe how attackers work and what their activities, intentions and strategies are. This information can help organizations better understand and defend against cyber attacks. More info at HelpMeWithHIPAA.com/340

5 Steps For Securing Your Social Media - Ep 339

January 21, 2022 05:30 - 42 minutes - 58.2 MB

Social media has become a very important part of our lives. It is the easiest way to connect with friends, family and even promote your business. If not secured properly, it can also be an easy way for someone to hack into your account and become “you” or be the spokesperson for your business.  More info at HelpMeWithHIPAA.com/339

7 Ways To Screw Up Incident Response - Ep 338

January 14, 2022 05:30 - 38 minutes - 53.2 MB

A proper incident response plan is one that details your response to a data breach, cyber attack or other event.  Without a proper plan, things can go horribly awry.  In this episode, we discuss the steps to properly respond to a security incident and then give you seven ways you can completely screw it up. More info at HelpMeWithHIPAA.com/338

Why You Need Asset Inventories - Ep 337

January 07, 2022 05:30 - 58 minutes - 80.4 MB

The unknown is the most dangerous. It's a saying that should be taken into account when protecting your most valuable asset - your data.  Today we talk about why creating an asset inventory of your hardware, software and data is an important first step to being able to protect it. More info at HelpMeWithHIPAA.com/337

Annual Predictions Review - Ep 336

December 31, 2021 05:30 - 1 hour - 92.1 MB

A new year is right around the corner. The good news is 2021 wasn’t as unpredictable as 2020, but 2022 could be tricky to navigate. It’s time for the review of our 2021 predictions and for us to set new ones for 2022.  So, let’s get started. More info at HelpMeWithHIPAA.com/336

2021 Blooper Show

December 24, 2021 05:30 - 15 minutes - 21.3 MB

Well, another year is coming to a close. No one will forget living through 2020.  Then, 2021 said "Hold my beer." As with every year, there were ups and downs. Who knows what we will be in for in 2022. Regardless, we will continue to adjust. Thanks to Bojan and our teams who help make this podcast a success. And special thanks to all our podcast listeners. We appreciate everyone’s continued support of our efforts to educate and entertain. As we do at the end of each year, we let Bojan cr...

5 More Patient's Rights Cases - Ep 335

December 17, 2021 05:30 - 52 minutes - 72.5 MB

OCR has released resolutions to five cases in its HIPAA Patient Right of Access Initiative. This brings the total cases to 25 since the initiative began. These cases continue to underscore the importance of this initiative. More info at HelpMeWithHIPAA.com/335

Secure Your SaaS - Ep 334

December 10, 2021 05:30 - 1 hour - 82.9 MB

SaaS continues to grow as a popular way to deploy business applications. It is crucial for businesses to understand what data they are storing in their SaaS cloud applications and how to protect it from data breaches. So, listen to us discuss securing your SaaS. More info at HelpMeWithHIPAA.com/334

Taking the Team Approach to Privacy and Security - Ep 333

December 03, 2021 05:30 - 1 hour - 83.9 MB

Protecting your company’s data is no longer optional. With so many changes in how people work today and where they are working from, keeping a low profile when it comes to protecting data won’t cut it anymore. Today, we review a recent report released by Shred-it, a secure information destruction company, called Data Protection Report 2021. More info at HelpMeWithHIPAA.com/333

HMWH Thanksgiving Team Discussion - Ep 332

November 26, 2021 05:30 - 52 minutes - 72 MB

For the Thanksgiving episode this year, we talk to the Kardon Team about the recent social engineering attack, a follow-up to our Halloween episode, We Are Under Attack - Ep 328. We find out what they experienced and how they felt during and after the attack. And, because it’s Thanksgiving, we each share what we are thankful for in 2021. More info at HelpMeWithHIPAA.com/332

Secure Your Legacy - Ep 331

November 19, 2021 05:30 - 43 minutes - 59.3 MB

Use of legacy software and devices plagues healthcare. OCR’s recent newsletter focuses on why legacy systems are still used in healthcare organizations and provides guidance on ways to manage the risks of these systems. More info at HelpMeWithHIPAA.com/331

Don't forget about the SAG! - Ep 330

November 12, 2021 05:30 - 58 minutes - 79.9 MB

The HITECH Act added that state attorneys general can take on cases on behalf of their constituents under HIPAA. We haven’t seen that many cases from the states thus far, but that may be changing. Today we discuss a recent New Jersey case regarding fraud, deceit, misrepresentation and professional misconduct. This is an eye-opening state-level case that everyone should pay attention to. More info at HelpMeWithHIPAA.com/330

Do you audit your EHR logs? - Ep 329

November 05, 2021 04:30 - 1 hour - 89.9 MB

Insider threats are dangerous for any organization, not just healthcare. As a result, healthcare organizations need to be extra vigilant when it comes to protecting patient data. Today, we talk with Ray Ribble, CEO of SPHER, to hear some stories about why it’s important to review EHR logs and how his company can help you identify potential insider threats. More info at HelpMeWithHIPAA.com/329

We are under attack! - Ep 328

October 29, 2021 04:30 - 50 minutes - 69.8 MB

It’s time for our annual Halloween episode!  This year we will tell you a scary, true story of how our two companies were actively targeted and attacked by a cybercriminal. Hear what happened and how our teams reacted to the cyber attack. More info at HelpMeWithHIPAA.com/328

CISA Interview - Ep 327

October 22, 2021 04:30 - 1 hour - 124 MB

In today’s episode, we talk with Josh Corman, Chief Strategist, Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security. We will learn about CISA and what information and freely available services they provide to help protect healthcare businesses and other organizations within the nation’s 16 critical infrastructure sectors from cyber attacks. More info at HelpMeWithHIPAA.com/327

Is email evil? - Ep 326

October 15, 2021 04:30 - 51 minutes - 70.4 MB

Email is a great tool for communication. It is quick, simple, and it has the potential to reach so many people in so little time. But, it can also be an easy way for hackers to get their hands on your personal information if you're not being careful. Phishing scams are one of the most popular ways that hackers use email as a tool to steal your information and cause data breaches.  Email is evil! More info at HelpMeWithHIPAA.com/326

IT and cybersecurity are not the same - Ep 325

October 08, 2021 04:30 - 45 minutes - 62.8 MB

IT and cybersecurity services are not the same. If you are in the market to purchase managed services or security services from an IT firm, you’ll want to listen to this podcast to understand how they are different, why they are different and why you need to understand those differences to better protect your organization from cyber attacks. More info at HelpMeWithHIPAA.com/325

Insights for Customers of MSPs - CISA - Ep 324

October 01, 2021 04:30 - 1 hour - 102 MB

In a world where people are more dependent on technology but lack the expertise to manage their own networks and systems effectively and efficiently, they turn to Managed Service Providers (MSPs). CISA has released a guide, Risk Considerations For Managed Service Provider Customers, that outlines risk considerations organizations need to weigh when they partner with an MSP. We will cover this in today’s episode and we are making a big announcement that you’ll want to hear. More info at...

Consider 3 Ransomware Stories - Ep 323

September 24, 2021 04:30 - 59 minutes - 82.4 MB

There are many challenges that come with preparing for and responding to a ransomware attack. Ransomware gangs are constantly changing their tactics in order to get to your organization's data. Therefore, as the ransomware landscape continues to evolve, so too must the preparations and responses of businesses. More info at HelpMeWithHIPAA.com/323

ASPR TRACIE - Readiness and Response Planning - Ep 322

September 17, 2021 04:30 - 49 minutes - 67.5 MB

You know how we love to pass along guides and resources that can help you improve your organization's privacy and security programs.  Today, we are going to review a recent resource guide put out by HHS’ ASPR TRACIE office called Healthcare System Cybersecurity - Readiness and Response Considerations.  This guide is packed with very helpful tips, best practices, and resources surrounding cybersecurity and responding to cyber incidents.  And it’s FREE!  More info at HelpMeWithHIPAA.com/322

7 HIPAA Facts - Ep 321

September 10, 2021 04:30 - 1 hour - 86 MB

Social media is full of people who speak “confidently” about topics that they simply do not fully understand.  HIPAA is one of those topics.  Today, we are covering 7 HIPAA facts that we hope will set the record straight about frequently misunderstood HIPAA topics. More at HelpMeWithHIPAA.com/321

Social Engineering Tricks with William Price - Ep 320

September 03, 2021 04:30 - 53 minutes - 73.8 MB

Learn 'tricks of the trade' from a real social engineering tester. We interview William Price of Cyberx.tech to learn how they are able to successfully penetrate a company's defenses and get access to their most critical information. How likely is it that your organization would be vulnerable to these same methods? More info at HelpMeWithHIPAA.com/320

Don’t Be An ID10T! - Ep 319

August 27, 2021 04:30 - 48 minutes - 67.3 MB

Have you ever heard tech folks refer to a computer problem as an ID10T error? You probably thought it was some highly technical term geeks use. Well, it’s not, and today we are going to talk about a couple posts and articles where folks are flying their ID10T flag high and proud. And hopefully try to prevent you from making an ID10T error. More info at HelpMeWithHIPAA.com/319
