It’s fitting that for episode 405 we talk with Erik Decker, lead on the HHS 405d Task Group, about the recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP) 2023 edition. Since David and I are also on the 405d task group, we are excited to talk about the new updates and added resources FREELY available to help everyone prepare and fight against cybersecurity threats. More info at HelpMeWithHIPAA.com/405...
May 05, 2023•59 min•Ep. 405
Gary Salman from Black Talon Security joins David as guest host while Donna celebrates her birthday in the Keys. David and Gary will explain why not being constantly vigilant when protecting network security can lead to a false sense of security. They will discuss the threats Black Talon is seeing in the cyber environment these days and via tabletop exercises they conduct with organizations as well as ways to help protect your organization from and prepare for cyber events and other crisis situa...
Apr 28, 2023•1 hr 1 min•Ep. 404
Today, we cover part two of our review of the HIPAA Summit. We will cover notes from a privacy officer roundtable, security tips from IT’s point of view, key points from crisis vendors and a very interesting discussion around mergers and acquisitions. Listen in to pick up where we left off from part 1 of our 2023 HIPAA Summit Review . More info at HelpMeWithHIPAA.com/403...
Apr 21, 2023•50 min•Ep. 403
As always the HIPAA Summit is very interesting and informative. This is the annual summit where we learn what’s going on in the “HIPAAsphere” and what things are coming down the pike. There is a lot of information to cover, so we will break this into two Help Me With HIPAA episodes. Here’s part 1 of our HIPAA Summit review. More info at HelpMeWithHIPAA.com/402
Apr 14, 2023•56 min•Ep. 402
The importance of mobile device security cannot be overstated. With our lives becoming increasingly digital, it is essential that we take the necessary steps to secure our devices. By doing so, we can protect our data and our privacy, while also preventing malicious actors from gaining access to our accounts. More info at HelpMeWithHIPAA.com/401
Apr 07, 2023•44 min•Ep. 401
We made it to 400 episodes! We have done, heard and learned a lot. Today, we will discuss 8 of the most important things we have learned so far. And we still have more to learn and to share, so stay tuned! More info at HelpMeWithHIPAA.com/400
Mar 31, 2023•55 min•Ep. 400
Today’s episode we are going to do a quick recap from the PriSec Boot Camp and we will discuss the recent FTC case involving GoodRx. The PriSec Boot Camp was a lot of fun and Donna’s Bourbon and Breaches was a hit with everyone! More info at HelpMeWithHIPAA.com/399
Mar 24, 2023•35 min•Ep. 399
Earlier this month, The White House released a new National Cybersecurity Strategy aimed at building a more resilient digital environment that is easier to defend than to attack and that is secure and safe for all Americans. The focus is to shift the burden of defending the country's cyberspace towards software vendors and service providers and to stress how essential collaboration between the public and private sectors, as well as with international allies and partners, is for securing the nati...
Mar 17, 2023•44 min•Ep. 398
Let's face it, family dynamics can be complicated and not everyone gets along. HIPAA is designed to ensure that everyone's health information is kept confidential and that only the appropriate individuals are given access. Believe it or not, HIPAA does not guarantee all relatives access to another relative's protected health information. More info at HelpMeWithHIPAA.com/397
Mar 10, 2023•42 min•Ep. 397
Today you're going to get a twofer. We're going to discuss the two recent reports that OCR submitted to Congress on the state of compliance with Privacy and Security and the other on Report Breaches and Notifications. Let’s start by saying that OCR is really busy… I mean really busy. More info at HelpMeWithHIPAA.com/396
Mar 03, 2023•42 min•Ep. 396
Data breaches can be costly - so costly, in fact, that they can turn a business's bottom line into a roller coaster of emotion, ranging from shock and dismay to tears of dollars! But with a robust privacy and security program in place, businesses can reduce the likelihood of a data breach and the financial impact that comes with it. More info at HelpMeWithHIPAA.com/395
Feb 24, 2023•50 min•Ep. 395
Today, we are talking about a new OCR settlement that was released from a 2016 hacking attack on Banner Health’s network, causing a data breach of over 2.81 million individuals. We’ll review the OCR CAP. But suffice it to say… until we have more engagement from every person connecting to the internet, we will never make real progress in the battle against cyber criminals. More info at HelpMeWithHIPAA.com/394
Feb 17, 2023•46 min•Ep. 394
It's a story straight out of a blockbuster movie - an elite team of FBI agents infiltrating an underground network to thwart an international crime syndicate, saving over $130 million in ransom demands. Using their expert skills, the FBI agents were able to infiltrate the Hive network without detection and shut them down… at least for now. More info at HelpMeWithHIPAA.com/393
Feb 10, 2023•39 min•Ep. 393
AI is the latest nerd language spreading wildly across… well, everywhere. ChatGPT, an automated AI-powered chatbot, is designed to provide automated conversational responses to users in a friendly and natural way. Today, we discuss and show you how ChatGPT explains itself and how it could be used in healthcare. More info at HelpMeWithHIPAA.com/392
Feb 03, 2023•56 min•Ep. 392
Knowing what vendors your BAs may use to provide services to your organization is crucial. Those downstream vendors could be the cause of a breach of your data. Signing a BAA does not prove a BA is properly securing your data. Vetting your vendors is as important as making sure your vendors are vetting their vendors. More info at HelpMeWithHIPAA.com/391
Jan 27, 2023•58 min•Ep. 391
Using website tracking technology on healthcare sites can be a double-edged sword. On the one hand, it can help healthcare organizations better understand user behavior, preferences, and interests. However, if not properly secured, this technology can also put users at risk of their sensitive data being accessed and used inappropriately. More info at HelpMeWithHIPAA.com/390
Jan 20, 2023•40 min•Ep. 390
The recent breach at the popular password manager, LastPass, has caused a lot of concern amongst its users. We ourselves have discussed whether this is the last pass we are going to give to LastPass. So, in today’s episode, we discuss what happened, what it means for LastPass users and what are some things you should do or consider doing. More info at HelpMeWithHIPAA.com/389
Jan 13, 2023•57 min•Ep. 389
For our first show of 2023 we review 2 more OCR settlements! These are the last ones released in 2022. Listen in to hear what happened so that you can learn how to avoid making the same mistakes in the new year. More info at HelpMeWithHIPAA.com/388
Jan 06, 2023•42 min•Ep. 388
This is one of our favorite episodes of the year. We will recap our 2022 privacy and security predictions and then make new predictions for 2023. Aside from the obvious predictions like “ransomware will increase”, our predictions will give you what we think you are going to be hearing about that you should worry about in 2023. More info at HelpMeWithHIPAA.com/387
Dec 30, 2022•59 min•Ep. 387
As is our custom, we take one week off each year from creating new content just to give us a break. It also gives our sound engineer, Bojan Sabioncello, a chance to shine while he goes through all the outtakes he deals with all year. He gets in front of the mic to share how awful we treat him yet, he is still around after all these years. Thanks to Bojan for his skill in making us sound so good every week. Thanks to all our listeners who have been with us and share our podcast with others. We ar...
Dec 23, 2022•17 min
When you think of a power outage happening to you or your business, you probably think of an outage lasting a few hours. Not the case with the recent massive power outage experienced in Moore County NC recently. So, that begs the question, do you have a response plan for experiencing a power outage lasting a week or more? You should. More info at HelpMeWithHIPAA.com/386
Dec 16, 2022•47 min•Ep. 386
The holidays are upon us and everyone is getting excited about buying presents for friends and loved ones. Cyber criminals are excited too because it means even more opportunities to attack us. Today, we are discussing an article from ZDnet about three new ways attackers are trying to trick you. More info at HelpMeWithHIPAA.com/385
Dec 09, 2022•48 min•Ep. 385
OCR recently released a video on their Recognized Security Practices initiative. The intent is to teach HIPAA regulated entities on what Recognized Security Practices is and what is required to prove its implementation in your organizations. We will review the video today and give you some key takeaways from it. More info at HelpMeWithHIPAA.com/384
Dec 01, 2022•50 min•Ep. 384
As we celebrate Thanksgiving, we thought it would be a good idea to cover three reasons why you should be thankful. Or better yet, three situations you should be thankful that you’re not caught up in…. unless, unfortunately, you are. More info at HelpMeWithHIPAA.com/383
Nov 25, 2022•33 min•Ep. 383
The healthcare industry is not immune to cyberattacks. In fact, it's one of the most vulnerable industries. To protect patient safety and data security, hospitals and healthcare providers need to implement better cybersecurity measures. Today, we review a paper from the office of Senator Mark Warner (VA) that discusses policy options for the healthcare sector. More info at HelpMeWithHIPAA.com/382
Nov 18, 2022•46 min•Ep. 382
What is your Incident Response Plan? If you said “Oh, we’ll just call IT,” then you need to listen to this podcast. We will review the October 2022 OCR Newsletter that discusses nine procedures that entities should consider including in the incident procedures. More info at HelpMeWithHIPAA.com/381
Nov 11, 2022•47 min•Ep. 381
Keeping up on ways to protect your business from a cyber attack can feel intimidating, especially because of the continuously changing methods criminals use to social engineer us. The bottom line is it only takes one click at any time by anyone to open the door to the attackers. More info at HelpMeWithHIPAA.com/380
Nov 04, 2022•48 min•Ep. 380
As you know, each year we record a Halloween episode. This year we are covering very scary decisions that have come back to haunt several organizations, including an organization’s decision not to report a cyber attack, an entity that thought they’d just stroke a check for fines assessed and everything would be OK, and a provider who posted PHI on social media. Listen in and learn what NOT to do. More info at HelpMeWithHIPAA.com/379
Oct 28, 2022•52 min•Ep. 379
Do you remember the saying “there’s an app for that”? Apps certainly are cool and convenient, but can you tell whether they are malicious or not? Today, we discuss and give you some vetting tips you can use before you download apps. More info at HelpMeWithHIPAA.com/378
Oct 21, 2022•43 min•Ep. 378
More and more the healthcare industry is using connected medical devices that do cool things, like creating efficiencies in the delivery of patient care and automating tasks for healthcare providers and their staff. But, what about the security of these connected devices? Has anyone thought about that? Well, Ponemon and Cynerio did a study on just that topic and the results are very concerning. More info at HelpMeWithHIPAA.com/377
Oct 14, 2022•49 min•Ep. 377
