HIPAA public
 
HIPAA compliance is complicated, confusing and easy to get wrong. Violations, data breaches and ransomware attacks are everywhere in healthcare. HIPAA Critical brings interviews with leaders in cybersecurity, InfoSec, healthcare, and compliance straight to you. Each 30-minute episode is designed to keep you informed and entertained. A new episode is released on the first three Wednesdays of every month.
 
https://petronellatech.com and our sponsor at https://compliancearmor.com present Cybersecurity and Compliance with Craig Petronella Podcast. Learn the latest on the CMMC 2.0, DFARS, NIST, HIPAA, GDPR, ISO27001 and more. Learn about the most current IT security threats in ransomware, phishing, business email compromise, cybercrime tactics, cyberheist schemes, and social engineering scams, as well as tips and tricks from leading professionals to help you prevent hackers from penetrating your ...
 
 
Knowing what vendors your BAs may use to provide services to your organization is crucial. Those downstream vendors could be the cause of a breach of your data. Signing a BAA does not prove a BA is properly securing your data. Vetting your vendors is as important as making sure your vendors are vetting their vendors. More info at HelpMeWithHIPAA.co…
 
Using website tracking technology on healthcare sites can be a double-edged sword. On the one hand, it can help healthcare organizations better understand user behavior, preferences, and interests. However, if not properly secured, this technology can also put users at risk of their sensitive data being accessed and used inappropriately. More info …
 
The recent breach at the popular password manager, LastPass, has caused a lot of concern amongst its users. We ourselves have discussed whether this is the last pass we are going to give to LastPass. So, in today’s episode, we discuss what happened, what it means for LastPass users and what are some things you should do or consider doing. More info…
 
For our first show of 2023 we review 2 more OCR settlements! These are the last ones released in 2022. Listen in to hear what happened so that you can learn how to avoid making the same mistakes in the new year. More info at HelpMeWithHIPAA.com/388
 
This is one of our favorite episodes of the year. We will recap our 2022 privacy and security predictions and then make new predictions for 2023. Aside from the obvious predictions like “ransomware will increase”, our predictions will give you what we think you are going to be hearing about that you should worry about in 2023. More info at HelpMeWi…
 
As is our custom, we take one week off each year from creating new content just to give us a break. It also gives our sound engineer, Bojan Sabioncello, a chance to shine while he goes through all the outtakes he deals with all year. He gets in front of the mic to share how awfully we treat him, yet he is still around after all these years. Thanks to…
 
When you think of a power outage happening to you or your business, you probably think of an outage lasting a few hours. Not the case with the recent massive power outage experienced in Moore County, NC. So, that begs the question, do you have a response plan for experiencing a power outage lasting a week or more? You should. More info at H…
 
The holidays are upon us and everyone is getting excited about buying presents for friends and loved ones. Cyber criminals are excited too because it means even more opportunities to attack us. Today, we are discussing an article from ZDnet about three new ways attackers are trying to trick you. More info at HelpMeWithHIPAA.com/385…
 
OCR recently released a video on their Recognized Security Practices initiative. The intent is to teach HIPAA regulated entities what Recognized Security Practices are and what is required to prove their implementation in your organizations. We will review the video today and give you some key takeaways from it. More info at HelpMeWithHIPAA.com/384…
 
How To Choose A Cybersecurity Provider. Learn tips on what to ask for and what to look for. Penetration Tests vs. Vulnerability Scans, Pricing, Zero Trust Technology and The Latest Takeaways from the recent FTX Crypto Exchange Hack. Please like, subscribe and visit all of our properties at: YouTube: https://www.youtube.com/channel/UC8Hgyv0SzIqLfKqQ…
 
As we celebrate Thanksgiving, we thought it would be a good idea to cover three reasons why you should be thankful. Or better yet, three situations you should be thankful that you’re not caught up in…. unless, unfortunately, you are. More info at HelpMeWithHIPAA.com/383
 
The healthcare industry is not immune to cyberattacks. In fact, it's one of the most vulnerable industries. To protect patient safety and data security, hospitals and healthcare providers need to implement better cybersecurity measures. Today, we review a paper from the office of Senator Mark Warner (VA) that discusses policy options for the health…
 
What is your Incident Response Plan? If you said “Oh, we’ll just call IT,” then you need to listen to this podcast. We will review the October 2022 OCR Newsletter that discusses nine procedures that entities should consider including in the incident procedures. More info at HelpMeWithHIPAA.com/381
 
Keeping up on ways to protect your business from a cyber attack can feel intimidating, especially because of the continuously changing methods criminals use to social engineer us. The bottom line is it only takes one click at any time by anyone to open the door to the attackers. More info at HelpMeWithHIPAA.com/380…
 
As you know, each year we record a Halloween episode. This year we are covering very scary decisions that have come back to haunt several organizations, including an organization’s decision not to report a cyber attack, an entity that thought they’d just stroke a check for fines assessed and everything would be OK, and a provider who posted PHI on …
 
Do you remember the saying “there’s an app for that”? Apps certainly are cool and convenient, but can you tell whether they are malicious or not? Today, we discuss and give you some vetting tips you can use before you download apps. More info at HelpMeWithHIPAA.com/378
 
More and more the healthcare industry is using connected medical devices that do cool things, like creating efficiencies in the delivery of patient care and automating tasks for healthcare providers and their staff. But, what about the security of these connected devices? Has anyone thought about that? Well, Ponemon and Cynerio did a study on just …
 
OCR’s right of access initiative keeps on churning with three more cases, making a total of 41 violations of patient right of access so far. Dentists are a known problem when it comes to doing anything for HIPAA privacy and security, including right of access requirements. But, they are quickly learning all about OCR enforcements of HIPAA violation…
 
Every year we review the Ponemon Institute’s Cost of a Data Breach report. It's always interesting because we learn that it's not just about the money. We learn what really makes a difference in our privacy and security program, what we can do that can make the biggest positive impact in the overall cost of a data breach and, more importantly, what…
 
We follow a lot of the Ponemon studies. They help us see changes and trends and make better recommendations to our clients. We are going to cover their annual cost of an insider breach study. This global study covers insider incidents and provides five signs your organization is at risk. More info at HelpMeWithHIPAA.com/374…
 
The ongoing, rapidly changing cyber war has created a need for us to change our viewpoint on cybersecurity. Yes, we need to worry about cyber hygiene and continue working on ways to secure our systems, networks and data. However, there is also a need to take the “plan for the worst but hope for the best” approach and start focusing on cyber resilie…
 
David admits that as a kid he would dumpster dive for “treasures” people threw away. We’ve heard more than once of clients who have gone dumpster diving to retrieve documents containing PHI that were mistakenly thrown away in the regular trash. But, a recent OCR announcement highlights one dermatology group that had quite the trashy privacy violati…
 
What will happen to my Ethereum after Ethereum's Merge? Blockchain Solutions and use cases - Zero Trust Solutions - PTG-Podcast-September-7-2022 Visit https://ComplianceArmor.com for the latest in Cybersecurity and Training. NO INVESTMENT ADVICE The Content is for informational purposes only, you should not construe any such information or other ma…
 
Should we be questioning other people and vendors we work with about the trust we should have in them? The answer is yes. Are they protecting and securing the patient data we entrust them with? Trust, but verify is something we talk about a lot. So, I ask you… should you be trusted? And can you prove it? More info at HelpMeWithHIPAA.com/371…
 
Privacy laws are being passed in more and more states every year. Even non-healthcare businesses are finding they must follow privacy laws in the states they do business in. Conducting a privacy assessment is a great way to understand what data you have that needs protecting, what things can go wrong and then, of those things that can go wrong, whi…
 
In order to protect PHI, you have to know where it is stored and how it comes in, goes out and moves around your organization. This includes marketing analytic tools used on websites and patient portals. They could be transmitting PHI to social media platforms. Very unnerving, right? More info at HelpMeWithHIPAA.com/369…
 
It’s that time again folks! October is Cybersecurity Awareness Month. This year’s theme is “It’s easy to stay safe online” with a weekly focus on key behaviors to help protect your important data. Using these free training tools and practicing basic cybersecurity behaviors, you are much more likely to stay safe online. More info at HelpMeWithHIPAA.…
 
An updated version of the security rule guide that we’ve all been waiting for! NIST has developed a cybersecurity resource guide on implementing the HIPAA Security Rule. It provides key activities, descriptions and sample questions to help covered entities and business associates comply with the HIPAA Security Rule. This guide has tons of good info…
 
OCR recently announced the resolution of 12 investigations. Eleven were for patient right of access violations and one was a big dollar settlement of a security incident at Oklahoma State University Center for Health Services. Lots to cover and learn in this episode. So, pay attention, folks. More info at HelpMeWithHIPAA.com/366…
 
Today’s podcast episode is all about why we worry about supply chain issues, why we keep talking about the HiC SCRiM guidance, and why the first day of the PriSec Boot Camp is supply chain risk management. We’ll review several supply chain breaches, one where there were 660 providers hit at once. As you probably have guessed, these breaches involve…
 
It can be a stressful time when you are adding a new vendor or switching vendors for your critical services. This is the time to create a plan and do a risk analysis to make sure everything gets transitioned and set up properly. Things can go wrong if there’s no plan in place. Today, we review some tips to help you prepare for a vendor transition. …
 
When you're shopping for cybersecurity insurance, the applications can be intense. You'll need to provide a lot of details about your current security protections, and you may be asked to complete a security audit. This is because insurance companies want to be sure that they're not insuring businesses that aren't doing everything they can to prote…
 
Ransomware tactics are constantly changing. Understanding that the protections we use today will not be enough down the road is key. We must constantly adjust and adapt our security protections to protect against these attacks. Today, we are going to discuss ransomware stats and key points from two recent reports that can help you create a response plan…
 
We use passwords for everything. Creating a unique, secure password for every website and application is hard to remember, right? So, why hasn’t someone figured out how to get rid of passwords? Well, today we are going to talk about the FIDO password killer solution. More info at HelpMeWithHIPAA.com/361…
 
How many of us know what we don’t know, or at least are willing to admit we don't know what we don't know? Today, we are going to find out as we cover a few potential data breach scenarios and ask “what would you do - report it or not?” More info at HelpMeWithHIPAA.com/360
 
Today, we are going to give you our six takeaways from the 15th annual Verizon Data Breach Investigation Report. We like these reports because they give us an indication of what's going on in the cyber world, what we need to be looking for and looking out for. More info at HelpMeWithHIPAA.com/359
 
We get this question all of the time: How do they get in? How do the bad guys get in and attack my network? Seems like a simple question, right? Well there’s not always a clear cut answer. The first thing you need to understand is that cybersecurity isn't a problem you solve. It's a chronic condition that you have to manage. More info at HelpMeWith…
 
With everything going on on the internet, navigating the digital waters of the internet with your children can be a real challenge. You want to make sure they are safe and that they don't get hacked, but how? In this episode, we give you practical tips and tricks to help keep your kids (and their devices) safe from hackers! Hosts: Craig, Erin, and B…
 
Recently, a Cybersecurity Advisory was released worldwide to MSPs and their customers. We will take a look into what this guidance is, how it applies, and what needs to be done about it. This is BIG and we all better be paying attention. More info at HelpMeWithHIPAA.com/357
 
Hackers have no shame. Any opportunity they think they can exploit will be exploited. That includes a global pandemic that has taken the lives of millions of people around the world. The death and destruction are of no consequence to these bad actors and with millions of workers working remotely, hackers have a field day. Did your business go remot…
 
***In order to get the breaking cyber news to you guys FAST we are posting these right after the live broadcast! If you prefer your news more filtered, keep an eye out for the edited posting tomorrow!*** With everything going on on the internet, navigating the digital waters of the internet with your children can be a real challenge. You want to ma…
 
In this episode, we talk about what a day in the life of a cybersecurity firm looks like, and what kind of mindset it takes to be successful in this industry. Are you thinking of making a switch? Do you know a young person who is looking for career advice? Listen in, and find out if it's right for you! Hosts: Blake and Erin Please like, subscribe a…
 
Everybody get on board because data security laws keep getting signed in states each year. The new Maryland and Kentucky data security laws are designed to help protect insurance companies from cyber attacks by implementing cybersecurity standards, developing, implementing, and maintaining a written information security program. Their service provi…
 
***In order to get the breaking cyber news to you guys FAST we are posting these right after the live broadcast! If you prefer your news more filtered, keep an eye out for the edited posting tomorrow!*** Hackers have no shame. Any opportunity they think they can exploit will be exploited. That includes a global pandemic that has taken the lives of …
 
Sometimes it seems as if America is ALWAYS the target of cybersecurity attacks. And that's because it kinda is! But what makes the US such an attractive target? It's a complicated answer with multiple reasons - some that aren't too surprising, and others that may be harder to spot. But one thing is for sure: We in the US, collectively, need to ta…
 
Incident response planning is important to every business. You don’t want to figure out how to manage the business and respond to an incident on the fly. These plans should be reviewed and updated regularly. Today we review a brand new guide from the Healthcare & Public Health Sector Coordinating Council on Operational Continuity - Cyber Incident. …
 
We've all seen the news and read the headlines - Hackers aren't going anywhere anytime soon! In fact, quite the opposite is true... So what can YOU do to keep your company's name out of the papers? Listen in and find out! Hosts: Erin and Blake Please like, subscribe and visit all of our properties at: YouTube: https://www.youtube.com/channel/UC8Hgy…
 
***In order to get the breaking cyber news to you guys FAST we are posting these right after the live broadcast! If you prefer your news more filtered, keep an eye out for the edited posting tomorrow!*** With the rash of cyberscams and a huge portion of the workforce going remote, there has been a lot of talk about implementing a "Zero-Trust Framew…
 
Today we welcome Craig back! Not only do we get to hear about Compliance regulations you're probably subject to but unaware of, but we also get to hear Craig's harrowing tale of 'Gator wrestling in the murky waters of North Carolina! Link: Craig Reels in a Gator in Arapahoe, NC! Host: Craig Co-Hosts: BJ, Blake, and Erin Please like, subscribe and v…
 
Over the last couple years, we’ve had some high-profile cybersecurity compromises and data breaches. And this trend is not slowing down. Today, we review a recent study of the top cyber threats to healthcare organizations. The results reinforce that PriSec teams require everyone to participate. More info at HelpMeWithHIPAA.com/354…
 