Help Me With Hipaa

In the epic battle between cyber threats and the healthcare industry, it's the patients who suffer the most. There is an urgent need for new regulations in the healthcare industry to address the challenges posed by outdated technology and cybersecurity threats. Today, we talk with Josh Corman about the need for new ideas and meaningful changes to protect hospitals and ensure the safety of critical healthcare functions. More info at HelpMeWithHIPAA.com/416

BAs play a vital role in healthcare organizations as they often provide services to covered entities that require them to access PHI. But, they often don’t fully understand their own HIPAA compliance obligations. OCR recently released a resolution agreement against a BA that proves BAs will be held accountable for their obligations under HIPAA. More info at HelpMeWithHIPAA.com/415

Checklists are important for many people who deal with cybersecurity. David and Donna explain that this new checklist is not just for healthcare, but for all businesses to deal with cybersecurity. They discuss these CPGs, which are Cybersecurity Performance Goals recently published by CISA, and how they can help strengthen your cybersecurity regardless of the size and complexity of your organization.   More info at HelpMeWithHIPAA.com/414

Healthcare cybersecurity is no walk in the park! Today, we explore the release of the "Health Industry Cybersecurity Recommendations for Government Policy and Programs" by HSCC. It provides suggestions and ideas on how government policy and programs can support the health sector in beefing up their cybersecurity defenses to help keep our health systems safe from cyber threats.   More info at HelpMeWithHIPAA.com/413

Vacation is a time to relax and get away from everyday worries, but it's important to take steps to ensure that your cybersecurity and privacy are not at risk. Today, we will review vacation and travel security tips from the National Cybersecurity Alliance to help you stay safe during your travels. More info at HelpMeWithHIPAA.com/412

When it comes to cybersecurity, It is important to understand who your audience is and how to communicate effectively with them. Today, we discuss an article on the cybersecurity pitfalls written by Julie Haney, Usable Cybersecurity Program Lead at NIST, and the importance of involving everyone in a team approach to protecting patients' information.  More info at HelpMeWithHIPAA.com/411

Cybersecurity is a big challenge for all businesses these days. Regardless of the size of the business or industry it’s in, hackers are continuously trying to exploit weaknesses to gain access to networks and data. NIST and CISA have some new resources and guides that can help small and medium size businesses face the growing cyber threat. More info at HelpMeWithHIPAA.com/410

You know how people say “it’ll never happen to me”? Well, today we are covering six news stories that chances are will affect you either directly or indirectly in some way. We’ve got yet another story of a practice that doesn’t have a response plan, stories about hardware and software that are vulnerable or were hacked and even a story on how you can make a quick $10m.  More info at HelpMeWithHIPAA.com/409

In the fast-paced world of healthcare, where even your stethoscope can connect to the internet, cybersecurity training for everyone is an absolute must. But fear not, brave healthcare professional!  There is free cybersecurity training online! Listen in and we will tell you all about two great cybersecurity training options for workforce members and clinicians. More info at HelpMeWithHIPAA.com/408

We talk a lot about understanding the current cyber threats and risks involved in not remaining vigilant in protecting against them. Today, we review the Hospital Cyber Resiliency Initiative Landscape Analysis, recently released by 405d. It provides stats and case studies from the real world. It also gives us areas we need to work on and where we need to put our investment of time and money to protect against these threats. More info at HelpMeWithHIPAA.com/407

Healthcare organizations are dealing with increasingly complex cybersecurity threats. With the use of technology and the presence of sensitive patient information, hackers see healthcare systems as valuable targets. Protecting healthcare systems is a major challenge. The 405(d) Task Group has updated their HICP guidance for small, medium and large organizations to help them better secure their networks and applications and manage risks to keep patient information safe. More info at HelpMeWithHIPAA.com/406

It’s fitting that for episode 405 we talk with Erik Decker, lead on the HHS 405d Task Group, about the recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP) 2023 edition. Since David and I are also on the 405d task group, we are excited to talk about the new updates and added resources FREELY available to help everyone prepare and fight against cybersecurity threats.  More info at HelpMeWithHIPAA.com/405

Gary Salman from Black Talon Security joins David as guest host while Donna celebrates her birthday in the Keys. David and Gary will explain why not being constantly vigilant when protecting network security can lead to a false sense of security.  They will discuss the threats Black Talon is seeing in the cyber environment these days and via tabletop exercises they conduct with organizations as well as ways to help protect your organization from and prepare for cyber events and other crisis situations. More info at HelpMeWithHIPAA.com/404

Today, we cover part two of our review of the HIPAA Summit.  We will cover notes from a privacy officer roundtable, security tips from IT’s point of view, key points from crisis vendors and a very interesting discussion around mergers and acquisitions. Listen in to pick up where we left off from part 1 of our 2023 HIPAA Summit Review. More info at HelpMeWithHIPAA.com/403

As always the HIPAA Summit is very interesting and informative. This is the annual summit where we learn what’s going on in the “HIPAAsphere” and what things are coming down the pike. There is a lot of information to cover, so we will break this into two Help Me With HIPAA episodes. Here’s part 1 of our HIPAA Summit review. More info at HelpMeWithHIPAA.com/402

The importance of mobile device security cannot be overstated. With our lives becoming increasingly digital, it is essential that we take the necessary steps to secure our devices. By doing so, we can protect our data and our privacy, while also preventing malicious actors from gaining access to our accounts.  More info at HelpMeWithHIPAA.com/401

We made it to 400 episodes!  We have done, heard and learned a lot. Today, we will discuss 8 of the most important things we have learned so far.  And we still have more to learn and to share, so stay tuned! More info at HelpMeWithHIPAA.com/400

Today’s episode we are going to do a quick recap from the PriSec Boot Camp and we will discuss the recent FTC case involving GoodRx. The PriSec Boot Camp was a lot of fun and Donna’s Bourbon and Breaches was a hit with everyone! More info at HelpMeWithHIPAA.com/399

Earlier this month, The White House released a new National Cybersecurity Strategy aimed at building a more resilient digital environment that is easier to defend than to attack and that is secure and safe for all Americans. The focus is to shift the burden of defending the country's cyberspace towards software vendors and service providers and to stress how essential collaboration between the public and private sectors, as well as with international allies and partners, is for securing the nation against cyber threats. More info at HelpMeWithHIPAA.com/398

Let's face it, family dynamics can be complicated and not everyone gets along. HIPAA is designed to ensure that everyone's health information is kept confidential and that only the appropriate individuals are given access. Believe it or not, HIPAA does not guarantee all relatives access to another relative's protected health information.  More info at HelpMeWithHIPAA.com/397