Help Me With Hipaa

We all know that OCR is the HHS department that oversees and enforces HIPAA to ensure the protection of individuals' healthcare information.  However, more and more states around the country are also making efforts to protect their constituents’ personal information and hold companies accountable for their poor data security practices. Today, we discuss recent HIPAA enforcement actions taken on businesses by the NY State Attorney General’s Office. More info at HelpMeWithHIPAA.com/442

The number of ransomware attacks impacting critical services, compromising personal information and attackers requesting higher and higher ransoms continue to rise. Today, we discuss this pressing issue, implications of ransomware attacks, the ethical considerations of paying ransoms, and the urgent need for preventative measures.  More info at HelpMeWithHIPAA.com/441

In today’s world, it's essential to recognize the importance of safeguarding your personal information. From the moment you wake up and check your smartphone to the minute you stream your favorite show or make an online purchase, your every digital move leaves a trail of data breadcrumbs. But, you have the power to take charge of your data privacy. You can start by taking part in Data Privacy Week, sponsored by the National Cybersecurity Alliance.  More info at HelpMeWithHIPAA.com/440

It’s time to recap Donna and David’s 2023 HIPAA and cybersecurity predictions and hear what their crystal ball says about what to look out for in 2024. And, since AI exploded in 2023, we asked ChatGPT for predictions for 2024 too. More info at HelpMeWithHIPAA.com/439

It’s no secret that healthcare is vulnerable to cybersecurity threats and patient privacy and safety are at risk. Good news! HHS recently announced a plan to enhance cybersecurity in the healthcare and public health sectors. Through various initiatives, including 405(d) and other HHS efforts, plans are starting to come together like pieces of a puzzle to help practices stay ahead in the ever-evolving landscape of cybersecurity. It's time to get informed and take action to protect your practice, business, and patients. More info at HelpMeWithHIPAA.com/438

It's time of year again where we take some time off and let Bojan create a Help Me with HIPAA bloopers show of our mishaps and outtakes. Stick around to the end - we have a little surprise for you. Thanks to Bojan for his skill in making us sound so good every week.  Thanks to all our listeners who have been with us and share our podcast with others. We are here because of you. As always, remember, HIPAA is not about compliance, it is about patient care.

CISA has released a mitigation guide to combat the critical and complex cyber threats affecting the Healthcare and Public Health Sector. It provides best practices, essential strategies and insights for safeguarding our healthcare infrastructure against ever-evolving cyber threats. Join us as we navigate through this important document, breaking down its complexities and highlighting its significance in the ongoing battle against cyber threats in the healthcare sector. More info at HelpMeWithHIPAA.com/437

You know how we say that hackers love to launch attacks during the holidays because that’s when most folks are distracted and in a hurry to begin their time off? Well guess what?  There are already a few cyber attacks in the news just from this past Thanksgiving. Case in point, the recent ransomware attack that diverts ER ambulance services across multiple states. More info at HelpMeWithHIPAA.com/436

A data breach can have significant and far-reaching consequences for both patients and businesses in the healthcare industry. Today, we delve into the impacts of a recent breach and discuss the evolving challenges of managing healthcare vendors with access to sensitive patient information. Plus, we weigh in on patient privacy concerns when it comes to the media. More info at HelpMeWithHIPAA.com/435

It is crucial to apply mitigation strategies to reduce the likelihood and impact of ransomware incidents due to the severe and far-reaching consequences these cyber threats can have on individuals, organizations, and society as a whole. The FBI recently published a notification highlighting emerging ransomware trends involving attacking the same victims multiple times. Listen in to hear what you can do to help reduce the likelihood of becoming a victim. More info at HelpMeWithHIPAA.com/434

Evaluating the security posture of organizations through the lens of culture, technology, risk, and people is crucial in today's complex digital landscape. Culture sets the tone for an organization's security mindset, influencing employee behavior and awareness.  Today, we review ClubCISO’s Information Security Maturity Report 2023 that evaluates the security posture according to CISOs across the globe. More info at HelpMeWithHIPAA.com/433

OCR just announced its first ransomware settlement, emphasizing the importance of proactive cybersecurity measures and the implications for business associates. Ransomware threats are increasingly common, evolving rapidly and continue to target the healthcare industry which highlights the importance of healthcare organizations and their business associates to prioritize cybersecurity. More info at HelpMeWithHIPAA.com/432

In our rapidly evolving digital environment, cybersecurity misconfigurations pose significant threats to organizations of all sizes. Misconfigurations can expose systemic weaknesses and make organizations vulnerable to cyber attacks. In this episode, we will review a report from the NSA and CISA highlighting some of the most common misconfigurations that need to be addressed. More info at HelpMeWithHIPAA.com/431

When vendors have incidents that disrupt their operations, it’s like having ghosts haunt a business's continuity plan, just waiting to make an eerie appearance. That's why it is crucial for businesses to include vendor-related security incidents or downtime in their business continuity plans. One company’s nightmare can be contagious to its customers. More info at HelpMeWithHIPAA.com/430

In today's interconnected digital world, keeping up with cybersecurity alerts is like having a trusty, cyber-savvy sidekick by your side. As our reliance on technology continues to grow, staying ahead of the game is essential. Cybersecurity alerts are like the Bat-Signal of the digital realm, lighting up to warn you of impending threats. Proactive vigilance in the face of these alerts is not merely a best practice; it's an imperative in safeguarding sensitive data, privacy, and the integrity of our increasingly digital lives. More info at HelpMeWithHIPAA.com/429

Web tracking tools that collect or share personally identifiable health information can pose significant implications when it comes to HIPAA privacy and security. Unauthorized tracking can compromise patient confidentiality and privacy, potentially exposing sensitive health data. Today, we are doing a follow up from our previous podcast on web tracking tools and discuss a few recent articles and guidance released by HHS, FTC and OCR. More info at HelpMeWithHIPAA.com/428

For MSPs, grasping HIPAA compliance isn't just a good idea; it's a necessity. Neglecting it can lead to legal issues and lost opportunities in the healthcare IT sector. Picture unintentionally mishandling patient data and facing legal consequences – that's a risk you can't ignore. A solid understanding of HIPAA can boost your reputation and credibility within the healthcare industry. To acquire this essential knowledge, consider enrolling in the Certified in HIPAA for MSP (CHMSP) course offered by HIPAA for MSPs. It's a valuable resource that equips MSPs with the expertise needed to excel in this specialized field. More info at HelpMeWithHIPAA.com/427

Cybersecurity Awareness Month is just around the corner. It's that time of year when we all take a moment to up our game in the digital world. Whether it's creating stronger passwords, being mindful of phishing emails, or updating our software regularly, it's a reminder that our online safety matters. So, listen to this week’s podcast to find ways to keep cybersecurity top of mind and make sure our digital lives are as secure as possible! More info at HelpMeWithHIPAA.com/426

Assuming large organizations with lots of healthcare clients have a proper HIPAA privacy and security program in place could be disastrous. OCR recently settled investigations with LA Care, a large health plan in California, for $1.3 million and a 3 year corrective action plan.  Join us as we discuss this settlement and learn from others' mistakes. More info at HelpMeWithHIPAA.com/425

Securing older, legacy technologies from cyber threats is extremely important in today's interconnected digital world. Older devices often lack the robust security features of modern counterparts, making them vulnerable targets for hackers seeking to exploit weaknesses. Today, we review HSCC’s Health Industry Cybersecurity – Managing Legacy Technology Security (HIC-MaLTS) guide that provides recommendations to address the legacy technology challenges facing healthcare. More info at HelpMeWithHIPAA.com/424