Help Me With Hipaa

It is crucial to apply mitigation strategies to reduce the likelihood and impact of ransomware incidents due to the severe and far-reaching consequences these cyber threats can have on individuals, organizations, and society as a whole. The FBI recently published a notification highlighting emerging ransomware trends involving attacking the same victims multiple times. Listen in to hear what you can do to help reduce the likelihood of becoming a victim. More info at HelpMeWithHIPAA.com/434

Evaluating the security posture of organizations through the lens of culture, technology, risk, and people is crucial in today's complex digital landscape. Culture sets the tone for an organization's security mindset, influencing employee behavior and awareness.  Today, we review ClubCISO’s Information Security Maturity Report 2023 that evaluates the security posture according to CISOs across the globe. More info at HelpMeWithHIPAA.com/433

OCR just announced its first ransomware settlement, emphasizing the importance of proactive cybersecurity measures and the implications for business associates. Ransomware threats are increasingly common, evolving rapidly and continue to target the healthcare industry which highlights the importance of healthcare organizations and their business associates to prioritize cybersecurity. More info at HelpMeWithHIPAA.com/432

In our rapidly evolving digital environment, cybersecurity misconfigurations pose significant threats to organizations of all sizes. Misconfigurations can expose systemic weaknesses and make organizations vulnerable to cyber attacks. In this episode, we will review a report from the NSA and CISA highlighting some of the most common misconfigurations that need to be addressed. More info at HelpMeWithHIPAA.com/431

When vendors have incidents that disrupt their operations, it’s like having ghosts haunt a business's continuity plan, just waiting to make an eerie appearance. That's why it is crucial for businesses to include vendor-related security incidents or downtime in their business continuity plans. One company’s nightmare can be contagious to its customers. More info at HelpMeWithHIPAA.com/430

In today's interconnected digital world, keeping up with cybersecurity alerts is like having a trusty, cyber-savvy sidekick by your side. As our reliance on technology continues to grow, staying ahead of the game is essential. Cybersecurity alerts are like the Bat-Signal of the digital realm, lighting up to warn you of impending threats. Proactive vigilance in the face of these alerts is not merely a best practice; it's an imperative in safeguarding sensitive data, privacy, and the integrity of our increasingly digital lives. More info at HelpMeWithHIPAA.com/429

Web tracking tools that collect or share personally identifiable health information can pose significant implications when it comes to HIPAA privacy and security. Unauthorized tracking can compromise patient confidentiality and privacy, potentially exposing sensitive health data. Today, we are doing a follow up from our previous podcast on web tracking tools and discuss a few recent articles and guidance released by HHS, FTC and OCR. More info at HelpMeWithHIPAA.com/428

For MSPs, grasping HIPAA compliance isn't just a good idea; it's a necessity. Neglecting it can lead to legal issues and lost opportunities in the healthcare IT sector. Picture unintentionally mishandling patient data and facing legal consequences – that's a risk you can't ignore. A solid understanding of HIPAA can boost your reputation and credibility within the healthcare industry. To acquire this essential knowledge, consider enrolling in the Certified in HIPAA for MSP (CHMSP) course offered by HIPAA for MSPs. It's a valuable resource that equips MSPs with the expertise needed to excel in this specialized field. More info at HelpMeWithHIPAA.com/427

Cybersecurity Awareness Month is just around the corner. It's that time of year when we all take a moment to up our game in the digital world. Whether it's creating stronger passwords, being mindful of phishing emails, or updating our software regularly, it's a reminder that our online safety matters. So, listen to this week’s podcast to find ways to keep cybersecurity top of mind and make sure our digital lives are as secure as possible! More info at HelpMeWithHIPAA.com/426

Assuming large organizations with lots of healthcare clients have a proper HIPAA privacy and security program in place could be disastrous. OCR recently settled investigations with LA Care, a large health plan in California, for $1.3 million and a 3 year corrective action plan.  Join us as we discuss this settlement and learn from others' mistakes. More info at HelpMeWithHIPAA.com/425

Securing older, legacy technologies from cyber threats is extremely important in today's interconnected digital world. Older devices often lack the robust security features of modern counterparts, making them vulnerable targets for hackers seeking to exploit weaknesses. Today, we review HSCC’s Health Industry Cybersecurity – Managing Legacy Technology Security (HIC-MaLTS) guide that provides recommendations to address the legacy technology challenges facing healthcare. More info at HelpMeWithHIPAA.com/424

In the digital age, cybersecurity has become a critical concern for businesses and individuals alike. Today, we review the latest release from 405(d), Check Your Cyber Pulse. This cybersecurity cosmo quiz helps small organizations evaluate their cyber pulse regarding the 10 cybersecurity practices of HICP and decide where they should focus efforts to improve their cybersecurity behaviors. More info at HelpMeWithHIPAA.com/423

Ransomware attacks have become a prevailing threat to businesses of all sizes, causing significant financial losses, reputational damage, and operational disruptions. In this episode, we talk with Robert Cioffi, COO and Co-Founder of Progressive Computing, who shares how they navigated through the Kaseya ransomware attack. He shares invaluable insights into their journey of resilience, recovery, and the crucial lessons learned along the way. More info at HelpMeWithHIPAA.com/422

In a crisis situation, organizations must be prepared to communicate effectively in these challenging situations. Karen Phillips, of Phillips & Marek, joins us to discuss strategies and best practices for managing data breaches and how to communicate with stakeholders, including internal staff, patients and the media. More info at HelpMeWithHIPAA.com/421

Are you worried about the safety of your data and the potential security risks to your organization? In this episode, we talk with Jen Stone of SecurityMetrics to explore the importance of performing technical and nontechnical evaluations of your security program. Jen helps to explain the benefits of thorough evaluations and how they can safeguard your organization against potential vulnerabilities. More info at HelpMeWithHIPAA.com/420

As in years past, we dive into IBM’s 2023 Cost of a Data Breach Report. This annual study sheds light on the ever-evolving landscape of data breaches and provides valuable insights for organizations looking for ways to focus their efforts and money to help prevent and reduce the costs associated with a data breach. More info at HelpMeWithHIPAA.com/419

We all know how important it is to keep our personal information and important data secure. MFA can add an extra layer of protection to our digital lives. But does HIPAA require MFA? The short answer: no, but yes. Listen in to hear how best to lock your cyber door against cyber attacks. More info at HelpMeWithHIPAA.com/418

Verizon has released their 2023 Data Breach Investigations Report (DBIR). This year they focused more on an analysis of actual data breaches - the types of incidents causing the breaches, the motivations of bad actors, how they tend to carry out their attacks and what data they are grabbing. We always look forward to reading this report because it not only has a lot of great information, but also because it contains a good bit of humor. You know we like that. More info at HelpMeWithHIPAA.com/417

In the epic battle between cyber threats and the healthcare industry, it's the patients who suffer the most. There is an urgent need for new regulations in the healthcare industry to address the challenges posed by outdated technology and cybersecurity threats. Today, we talk with Josh Corman about the need for new ideas and meaningful changes to protect hospitals and ensure the safety of critical healthcare functions. More info at HelpMeWithHIPAA.com/416

BAs play a vital role in healthcare organizations as they often provide services to covered entities that require them to access PHI. But, they often don’t fully understand their own HIPAA compliance obligations. OCR recently released a resolution agreement against a BA that proves BAs will be held accountable for their obligations under HIPAA. More info at HelpMeWithHIPAA.com/415