Help Me With Hipaa


Sinopsis is a collaboration between Kardon Compliance founder, Donna Grindle, and founder, David Sims. Our mission is to share our Privacy and Security knowledge with those who are required to understand, implement, and manage the complex Privacy and Security requirements of HIPAA compliance.Our work with CEs and BAs inspired us to launch the service to provide information about the complex requirements of HIPAA in a relaxed manner without using too much legalese or geek speak. As the podcasts programs progress we will cover topics about that include sorting through the requirements as well as real world examples of the procedures used, both good and bad.Join us as we do our best to create a show where HIPAA and humor collide!


  • Cyber Insurance Applications Are Intense - Ep 363

    08/07/2022 Duración: 54min

    When you're shopping for cybersecurity insurance, the applications can be intense. You'll need to provide a lot of details about your current security protections, and you may be asked to complete a security audit. This is because insurance companies want to be sure that they're not insuring businesses that aren't doing everything they can to protect themselves from cyber attacks. This episode we discuss what questions you may encounter on your cyber insurance applications.

  • 4 Ransomware Stats For Planning - Ep 362

    01/07/2022 Duración: 38min

    Ransomware tactics are constantly changing. Understanding the protections we use today will not be enough down the road is key. We must constantly adjust and adapt our security protections to protect against these attacks. Today, we are going to discuss ransomware stats and key points from two recent reports that can help you create a response plan for ransomware attacks. More info at

  • No More Passwords FIDO - Ep 361

    24/06/2022 Duración: 49min

    We use passwords for everything. Creating a unique, secure password for every website and application is hard to remember, right? So, why hasn’t someone figured out how to get rid of passwords? Well, today we are going to talk about the FIDO password killer solution. More info at

  • What Would You Do? - Ep 360

    17/06/2022 Duración: 47min

    How many of us know what we don’t know, or at least, willing to admit we don't know what we don't know? Today, we are going to find out as we cover a few potential data breach scenarios and ask “what would you do - report it or not?”  More info at

  • 6 Takeaways 2022 Verizon DBIR - Ep 359

    10/06/2022 Duración: 53min

    Today, we are going to give you our six takeaways from the 15th annual Verizon Data Breach Investigation Report. We like these reports because they give us an indication of what's going on in the cyber world, what we need to be looking for and looking out for. More info at

  • How Do They Get In? - Ep 358

    03/06/2022 Duración: 49min

    We get this question all of the time:  How do they get in?  How do the bad guys get in and attack my network? Seems like a simple question, right?  Well there’s not always a clear cut answer.  The first thing you need to understand is that cybersecurity isn't a problem you solve. It's a chronic condition that you have to manage.  More info at

  • MSP Customer Alert - Ep 357

    27/05/2022 Duración: 55min

    Recently, a Cybersecurity Advisory was released worldwide to MSPs and their customers. We will take a look into what this guidance is, how it applies, and what needs to be done about it.  This is BIG and we all better be paying attention. More info at

  • Everybody get on board! - Ep 356

    20/05/2022 Duración: 52min

    Everybody get on board because data security laws keep getting signed in states each year. The new Maryland and Kentucky data security laws are designed to help protect insurance companies from cyber attacks by implementing cybersecurity standards, developing, implementing, and maintaining a written information security program. Their service providers are also required to implement such programs which include a requirement to report cyber security incidents within 3 days of discovery. For more details go to

  • 10 Roles of Operational Continuity - Ep 355

    13/05/2022 Duración: 59min

    Incident response planning is important to every business. You don’t want to figure out how to manage the business and respond to an incident on the fly.  These plans should be reviewed and updated regularly. Today we review a brand new guide from the Healthcare & Public Health Sector Coordinating Council on Operational Continuity - Cyber Incident. More info at

  • PriSec Teams Require Everyone - Ep 354

    06/05/2022 Duración: 58min

    Over the last couple years, we’ve had some high-profile cybersecurity compromises and data breaches. And this trend is not slowing down. Today, we review a recent study of the top cyber threats to healthcare organizations. The results reinforce that PriSec teams require everyone to participate. More info at

  • 3 Tricky Places HIPAA Applied - Ep 353

    29/04/2022 Duración: 44min

    Recently, we’ve had a couple things come up which involved tricky places that HIPAA has applied that most people might not think of. So, we thought we'd throw them out there and have a little bit of fun discussing them. More info at

  • 6 Ways To Make Money Online - Ep 352

    22/04/2022 Duración: 38min

    Cybercrime is a booming business. In 2021, the US experienced an unprecedented increase in cyber attacks with criminals making $6.9 billion online. In today’s podcast, we review the FBI’s Internet Crime Report for 2021. More info at

  • 4 Takeaways from Okta Breach? - Ep 351

    15/04/2022 Duración: 46min

    It is crucial for every business to understand the security practices of their vendors. And also to make sure that those vendors are vetting their vendors.  A cyber attack at a link in your supply chain can drastically affect your business. Evidence: the Okta breach. More info at

  • 4 OCR Cases For Us - Ep 350

    08/04/2022 Duración: 44min

    Have you heard the one about three dentists and a psychiatrist walk into... an OCR investigation? OCR has announced their first set of enforcement actions of 2022, and just in time for our 350th episode.  These involve patient right of access and improper disclosure violations. More info at

  • 6 Points from HIPAA Summit - Ep 349

    01/04/2022 Duración: 43min

    Donna made many notes from the HIPAA Summit. Today, she and David will share six of her top picks, including the difference between an incident and a breach, how a “check the box compliance program” is not a privacy and security program, importance of understanding what your vendor’s incident response plans are and more. More info at

  • 3 HIPAA Enforcement Arms - Ep 348

    25/03/2022 Duración: 59min

    If you are a regular listener of the podcast, you know how Donna loves to “HIPAA-geek out” over the National HIPAA Summit each year. This year’s National HIPAA Summit did not disappoint. Today, we discuss a few points made concerning enforcement of HIPAA related cases by three arms of the federal government. More info at

  • One SMBs Cyber Survey - Ep 347

    18/03/2022 Duración: 51min

    Cyber threats are a growing risk that is becoming increasingly difficult to avoid. Small and medium businesses are not immune to these cyber threats. They are a growing business risk. The first step in preventing cyber threats is awareness.  More info at

  • 6 Impacts - 1 Event - Ep 346

    11/03/2022 Duración: 40min

    Security events can have a significant impact on your business. It’s important to understand the magnitude of what’s going on and what the risks are. Having a plan in place to deal with privacy and security events can make it better, but not having one can make it worse.  More info at

  • 3 Harsh Realities - Ep 345

    04/03/2022 Duración: 53min

    The harsh realities of cybersecurity are not always easy to hear, but they are the one thing that we cannot compromise on as they can have a huge impact on our lives. We must remain cyber aware and be vigilant in order to combat cyber threats. More info at

  • Help Me With PriSec - Ep 344

    25/02/2022 Duración: 45min

    Kardon, Help Me With HIPAA and HIPAA for MSPs is hosting the first PriSec Boot Camp in Louisville, KY on Sep 12, 13, 14 and 15. This ain’t yo Momma’s privacy and security. It is a one of a kind event designed for those who need to understand and manage a privacy and security program.  Listen to today’s podcast to learn all about it. More info at

página 2 de 20