Strap in, folks—this episode charges into the wild frontier of cybersecurity, where Shadow AI runs loose like a toddler with admin access. Whether your security plan is airtight or held together by paperclips and prayers, this deep dive into the IBM Cost of a Data Breach 2025 report offers plenty to think about. From eye-popping breach costs to the cringe of unsecured AI, we’re covering the good, the bad, and the downright reckless. Spoiler: "we don’t use AI" might be the biggest myth since "the...
Aug 22, 2025•50 min•Ep. 523
You might think a single ransomware attack is just a tech hiccup—but tell that to the medical practice that shut its doors permanently because of one. In this episode, we dissect what really happens when cybersecurity goes sideways, peeling back the layers of tech jargon to expose the raw, messy fallout of a breach. It’s less “oops, I forgot my password” and more “goodbye, 12 years of business.” Let’s get real about what these incidents cost—not just in dollars, but in dignity. More info at Help...
Aug 15, 2025•44 min•Ep. 522
What do hackers, patient scams, and IT help desks with too much trust have in common? They're all making healthcare cybersecurity a lot messier—and a lot more vomit-worthy. In this episode, we dive into how bad actors are not only stealing data but turning patients into direct targets. From sneaky social engineering tactics to “I can’t believe they answered that call” level IT fails, we explore why locking down your network is only half the battle. More info at HelpMeWithHIPAA.com/521...
Aug 08, 2025•32 min•Ep. 521
If you thought AI was just about asking ChatGPT for dinner ideas, think again. This episode unpacks the next-level madness of agentic AI—those industrious bots that not only check your emails but might just decide how your healthcare practice runs. We’re talking phishing attacks on steroids, decision-making algorithms with questionable judgment, and the jaw-dropping ways AI is working for—and against—us in cybersecurity. It’s part fascinating, part terrifying, and 100% worth listening to. More i...
Aug 01, 2025•44 min•Ep. 520
You know that moment when someone casually slides a contract across the table and says, “Just sign here”? Yeah, don't do that—especially when it's a Business Associate Agreement. This episode is a deep dive into the dark corners of BAAs, the traps they hide, and why you should read every line like it’s a ransom note. From ping floods to passive-aggressive breach clauses, we unpack the weird, wild world of healthcare contracts. Oh, and stick around—because just when you think it can’t get any mes...
Jul 25, 2025•53 min•Ep. 519
Think cybersecurity laws are just for the big guys? Think again. In this episode, we unravel the patchwork of new state regulations popping up faster than a phishing scam in your inbox—Ohio, Utah, Texas, Florida, and even Iowa are throwing their hats into the compliance ring. From safe harbor perks to tiered requirements for small businesses (yes, Texas made a flowchart-worthy version), we decode what these laws mean, who they apply to, and why HIPAA entities seem to always get the “you’re fine,...
Jul 18, 2025•49 min•Ep. 518
Strap in, folks—this isn’t your average cybersecurity snoozefest. We're plugging into a conversation with Greg Garcia, the guy who's been leading healthcare's cyber crusade like it’s the season finale of a medical drama. From hospitals fending off ransomware to the chaotic ballet of patching ancient medical devices, it’s clear: in a world where tech keeps patients breathing, cyber safety is patient safety. And no, turning it off and on again won’t fix this one. More info at HelpMeWithHIPAA.com/5...
Jul 11, 2025•55 min•Ep. 517
If you thought “One Phish, Two Phish” was a Dr. Seuss classic, think again—this cybercrime edition comes with a twist of ransomware, app-specific passwords, and a side of website hijacking. This week, we explore what happens when software vendors forget to patch, hackers start crafting emails better than your favorite copywriter, and your website becomes a party zone for malware. It’s an episode full of lessons, laughs, and mild panic—just the way we like it. More info at HelpMeWithHIPAA.com/516...
Jul 04, 2025•43 min•Ep. 516
If you’ve ever wondered what happens when “going viral” meets “losing your license,” this episode has the answer—courtesy of a nurse who took her TikTok dreams a little too far. From cringe-worthy compliance blunders to Oklahoma’s oddly refreshing legal update, we’re diving headfirst into the murky waters of healthcare privacy, social media madness, and why reasonable security might just be your get-out-of-court-free card. It’s like HIPAA meets reality TV—minus the roses and dramatic exits. More...
Jun 27, 2025•40 min•Ep. 515
This week on “Things That Make You Go Hmm,” we’re serving up a digital cocktail featuring disappearing network routes, dark web AI tools with a flair for phishing, and Microsoft’s bold new idea to let Copilot tinker with your system settings—what could possibly go wrong? In this episode, we dissect digital disasters and marvel at how event planners might just be outdoing some organizations when it comes to risk assessments. It’s equal parts facepalm and fascinating. More info at HelpMeWithHIPAA....
Jun 20, 2025•43 min•Ep. 514
You’ve heard of phishing scams, ransomware, and all the usual cyber villains—but have you prepared for the wrath of a squirrel? In this episode, we unpack how one fuzzy-tailed offender knocked out power to 11,000 customers and sent a swim club scrambling for pencils and paper. But this isn’t just a woodland horror story. It’s a real-world reminder that sometimes, your biggest threat isn’t a hacker—it’s Alfred the squirrel with a death wish and a talent for circuit boards. We use this nutty incid...
Jun 13, 2025•51 min•Ep. 513
Welcome to another episode where chaos meets cybersecurity and common sense tries to crash the party. In this digital drama, we’re untangling the curious case of a former employee with way too much access, some mysterious printed medical records, and a whole lot of "Wait... WHAT?!" moments. We also dive into the thrilling (read: terrifying) reality of outdated edge devices and how your trusty old router might just be moonlighting as a hacker’s BFF. Oh, and spoiler alert—Microsoft Recall still is...
Jun 06, 2025•47 min•Ep. 512
Ever wonder what would happen if a hacker walked right into your digital living room, kicked off their shoes, and hung out for three months without anyone noticing? This week’s episode dives into a jaw-dropping CISA Red Team Assessment that reads like a cybersecurity horror flick—complete with ignored alarms, forgotten passwords, and an open-door policy for digital intruders. It's not just about tech failures; it’s a full-blown case study in what happens when leadership decides “meh” is a strate...
May 30, 2025•52 min•Ep. 511
Let’s face it — if healthcare had a dollar for every time someone said “we need another webinar,” it might actually be able to afford cybersecurity upgrades. This episode takes aim at the overload of online presentations and instead shines a light on what healthcare providers actually need. We unpack the findings of a critical report on the unique cybersecurity challenges facing small and rural healthcare providers, who are often running on shoestring budgets, outdated tech, and a whole lot of c...
May 23, 2025•48 min•Ep. 510
When a cybersecurity CEO strolls into a hospital and decides to play malware magician with a couple of unlocked computers, you've got yourself a plot twist worthy of a Netflix docuseries. In this episode, we dive headfirst into bizarre breaches, finger-pointing fiascos, and the kind of contractual confusion that’ll make you want to reread your SLAs before breakfast. It’s a rollercoaster of responsibility, reputation, and really bad behavior. But at the heart of it all is the million-dollar quest...
May 16, 2025•49 min•Ep. 509
Healthcare still has a giant “Hack Me” sign taped to its back — and the latest reports from Mandiant and Verizon are here to confirm it. These cybercrime breakdowns reveal that attackers are smarter, sneakier, and spending more time poking around your network than ever before. Waiting to secure your systems until after a breach is like installing a smoke detector after the house has already burned down — by the time you smell smoke, it’s too late. From dwell times that feel more like extended Ai...
May 09, 2025•53 min•Ep. 508
If the Ponemon study were a horror flick, it’d be titled "The Login Came from Inside the System." This week’s episode dives into the alarming trend of organizations handing out privileged access like Halloween candy — only to forget who’s still got it long after the party’s over. With 59% of breaches linked to insiders or third parties, and executives confidently sailing past the iceberg of reality, we explore what happens when no one’s really sure who can still get into the network. Spoiler ale...
May 02, 2025•41 min•Ep. 507
Turns out, “they got hit, they just didn’t tell you” isn’t just a snarky title—it’s a terrifying reality. The Black Fog report basically says, “Hey, the cybersecurity iceberg is way bigger below the surface.” From undisclosed data heists to the rapid rise of ransomware attacks, this is your reminder that you don’t want to be the next plot twist in a cyber thriller. Oh, and yeah... shadow AI is watching too. Sleep tight! More info at HelpMeWithHIPAA.com/506...
Apr 25, 2025•49 min•Ep. 506
Imagine your hospital gets hacked—the MRIs are down, billing’s frozen, and suddenly you’re faxing patient records like it’s 1999. No, that’s not a “Twilight Zone” rerun—it’s real life in health care. This week, we’re diving into what the Health Sector Coordinating Council (HSCC) is doing about it, including their recent trip to Congress to lay it all out. From legacy devices clinging to life like old Tamagotchis to cybersecurity plans that don’t sound half bad, we break it all down with just the...
Apr 18, 2025•54 min•Ep. 505
Forget action-packed heist movies — the real cybersecurity heroes are the ones making their auditors yawn. In this episode, we break down why "boring and patched" should be everyone's new life goal. From AI developments that won’t sit still for five minutes to real-world cyber drama featuring surprise FBI visits (no popcorn needed), we’re serving up a crash course in staying safe, sane, and just boring enough to avoid disaster. More info at HelpMeWithHIPAA.com/504...
Apr 11, 2025•47 min•Ep. 504
AI in healthcare is kind of like an overenthusiastic intern—it’s full of potential, but someone probably should be watching it a little closer. In this episode, we dive into why artificial intelligence might be more “oops” than “awesome” when it comes to patient safety. A recent ECRI report flagged AI as a top safety concern and offered up smart recommendations like stronger governance and better training. From glitchy decision-making to eyebrow-raising cybersecurity breaches, we’re unpacking wh...
Apr 04, 2025•49 min•Ep. 503
Think your once-a-year vulnerability scan is enough? That’s adorable. Waiting to check your security metrics until something goes wrong is like only checking your smoke alarm after the house starts smelling like burnt toast. In this episode, we peel back the layers on the top 10 security and privacy metrics every business should be tracking—whether you're the CEO, the IT person, or just someone who knows how to find the printer on the network. From patch management and MFA to phishing tests and ...
Mar 28, 2025•48 min•Ep. 502
Buckle up, folks—this episode is a rollercoaster of cyber chaos! We kick things off with a quick chat about the upcoming PriSec Boot Camp (because let’s be real, who doesn’t love a good security boot camp?). But then, we dive headfirst into the madness: a fresh HIPAA smackdown over right-of-access failures, a rogue IT guy who locked down an entire company out of revenge, and some seriously sketchy Bluetooth vulnerabilities that could have hackers eavesdropping on your life. And if that wasn’t en...
Mar 21, 2025•56 min•Ep. 501
500 episodes. A whole decade. Countless cybersecurity threats (and just as many dad jokes). Somehow, we’re still talking about the same cybersecurity nightmares—only now with fancier threats and AI-powered scams. In this milestone episode of Help Me With HIPAA, we take a trip down memory lane—reminiscing about our early struggles, the evolution of security risks, and why some lessons seem to need repeating... forever. Spoiler alert: bad guys are still bad, security is still hard, and if you’ve b...
Mar 14, 2025•45 min•Ep. 500
Cybersecurity: It’s like flossing—we all know we should do it, but a shocking number of people just…don’t. This week, we’re digging into the annual cybersecurity attitudes and behaviors report, which reveals just how careless people are with their passwords, personal info, and, well, basic online survival skills. But don’t worry, AI is here to save us! Or, possibly, to make things even worse. We’ll also explore how AI tools are being used (and misused), and why a scary number of people are feedi...
Mar 07, 2025•43 min•Ep. 499
Cybersecurity report cards are in, and let’s just say—most companies would be grounded if their IT security grades were real school grades. With over 80% of Fortune 500s scoring a D or F, and healthcare companies hovering around the danger zone, it's clear that many organizations are securing data about as well as a cardboard vault. Just ask Warby Parker, which racked up multiple breaches over the years while seemingly skipping Cybersecurity 101. In this episode, we break down what these cyberse...
Feb 28, 2025•45 min•Ep. 498
AI just leveled up, and we’re here to talk about it! In this episode, we dive into DeepSeek—the AI model that shook up the stock market, gave OpenAI a run for its money (literally), and is both insanely cheap to run and totally open-source (which is equal parts exciting and terrifying). We also break down the rise of deepfake scams, AI’s growing role in cybersecurity, and why you should probably question everything you see and hear online. If you love tech, security, and a healthy dose of parano...
Feb 21, 2025•40 min•Ep. 497
Imagine leaving your front door wide open in a neighborhood full of burglars, then acting shocked when your TV disappears. That’s basically what’s happening in healthcare cybersecurity. This week, we’re talking about why hackers are running rampant, how small healthcare practices are prime targets (no, you’re not “too small to matter”), and what basic security steps can actually make a difference. Spoiler alert: Ignoring the problem won’t make it go away. More info at HelpMeWithHIPAA.com/496...
Feb 14, 2025•45 min•Ep. 496
If you’ve ever wondered what it’s like to scream into the cybersecurity void, this episode might feel oddly relatable. We dive into why “bare minimum” isn’t a security strategy—it’s more like playing Russian roulette with your data. From regulatory head-scratchers to the harsh reality that a “bare minimum” security strategy is about as effective as locking your front door while leaving the windows wide open, this episode is your wake-up call, packed with sharp insights, analogies involving go-ka...
Feb 07, 2025•37 min•Ep. 495
If ignoring cybersecurity was a sport, some companies would be gold medalists—until they realize the prize is a hefty fine and years of regulatory headaches. It’s like leaving your car unlocked in a sketchy part of town with a neon sign that says, “Free Stuff Inside.” What could possibly go wrong? Well, in this episode, we break down six real-life cases that prove skimping on security is way more expensive than just doing it right in the first place. From ransomware attacks to patient right of a...
Jan 31, 2025•40 min•Ep. 494
