Help Me With Hipaa

Basic Cyber Hygiene is a fairly new term, but I realized we have mentioned it several times over the last few weeks. What do we really intend people to see when we talk about it? That may be helpful if we think it would solve most of our cyber attack problems, huh. More info at HelpMeWithHIPAA.com/301

Hard to believe that this is our official 300th episode! We are still a tiny podcast in a huge sea but we are pretty sure you can not find a longer running podcast about HIPAA Privacy and Security. To celebrate we have some very special guests, Dave Bittner and Ben Yellen from the CyberWire Caveat podcast. They are  joining us for a discussion about where we all see things going in the future for data privacy laws and cybersecurity protections.  More info at HelpMeWithHIPAA.com/300

Each year the National HIPAA Summit 2021 is a regular event for us. It was held last year just before the shutdown. The event this year was loaded with discussions about what had happened in the previous 12 months and the massive list of things happening in the next 12 months. That is A LOT of HIPAA! Today we cover part 2 of news of note from the conference. More at HelpMeWithHIPAA.com/299

If you are a regular listener of the podcast, you know how Donna loves to “HIPAA-geek out” over the HIPAA Summit each year.  Things are no different this year as the virtual conference stretched 3 full days and another half day.  Needless to say Donna got TONS of information to share - so much so we won’t be able to fit it all in this one podcast.  So, let’s get to Part 1 of the HIPAA Summit 2021. More info at HelpMeWithHIPAA.com/298

Cyber attacks keep on coming and there is no expectation that they’ll ever stop. Attacks are coming from everywhere - vulnerabilities in software applications, insecure IoT devices connected on the internet, email attacks and phishing, etc. Protecting your systems from cyber attacks is not a “one and done,” “set it and forget it” project.  It is a critical and continuous business process that every organization must address.  And, surprise surprise, it also requires vetting your vendors as many attacks are coming through your supply chain. More info at HelpMeWithHIPAA.com/297

Reports are coming out evaluating cyber threats with stats and details documenting the aftermath of attacks happening in 2020 and the outlook for 2021. Let’s just say they are all on brand with what you expect from anything related to 2020. As you can guess, it isn’t looking good for 2021 based on where we are right now. We reviewed some of the articles and reports evaluating cyber threats so you don’t have to... unless you must. More at HelpMeWithHIPAA.com/296

Isn’t it always the little things that make a big difference?  That’s true not only in life, but also when it comes to protecting your data and network from attacks. And, it is often the small things that when overlooked can become a big problem.  So, today we are talking about some of the things that you need to be looking for and that can make a big difference in your privacy and security programs. For more info HelpMeWithHIPAA.com/295

Supply chain cyber threats are happening so often it seems like they keep showing up in the news daily. The list of cases keeps growing every month. So much is still slowly being learned about the SolarWinds attack it is getting hard to keep up with how far it goes. Now we have water systems and more healthcare breaches trickling in. This week I even saw a case we covered before about exposed PACS images.  It’s time for us to talk about what these supply chain attacks mean to the rest of us. For more info HelpMeWithHIPAA.com/294

Supply chain cyber threats are happening so often they keep showing up in the news. The list keeps growing every month. So much is still slowly being learned about the SolarWinds attack it is getting hard to keep up. Now we have water systems and more healthcare breaches trickling in.  It’s time for us to talk about what these supply chain attacks mean to the rest of us. More at HelpMeWithHIPAA.com/293

Smart cyber habits are part of a new initiative introduced by CISA they have titled Reduce the Risk of Ransomware Awareness Campaign that will be running for a new month now. The campaign includes a lot of great educational information and a toolkit among other things they have planned. Certainly worth us sharing with you guys because you can’t have too many chances to find something that will connect with leadership or your workforce. More at HelpMeWithHIPAA.com/292

HHS's Office for Civil Rights published their proposed changes to the HIPAA Privacy Rule. The changes include some required to make HIPAA better align with the requirements of 21st Century Cures Act for patient access to their records. There's a few other changes to note, as well. Let's check them out, shall we? More into at HelpMeWithHIPAA.com/291

During NCSAM Kardon signed up for the Terranova Phishing Tournament - much to everyone’s surprise. Great news is we didn’t have anyone clicking on the link. What did they learn in the tournament? More at HelpMeWithHIPAA.com/290

The OCR enforcement announcements keep coming. Our reviews of not only the new announcements but news on some of the older ones are the topic for today. Did you know one from 2018 is still being reviewed in the courts while we get new ones already in 2021? More at HelpMeWithHIPAA.com/289

Always great to talk cybersecurity insurance coverage with John Miller of Sterling Seacrest Partners. Threats are constantly evolving for all of us. That means cyber liability coverage must also evolve. Have you evaluated what your cyber policy will really cover when you are attacked? There are certainly several areas John brings up for us all to consider in our cybersecurity policies. More info at HelpMeWithHIPAA.com/288

Making annual predictions is always a little bit guessing and a lot of luck by the end of the year. No way any of us could have predicted where we would go throughout the year we just call 2020. Only history will tell us will give us the distance to understand the last 12 months. Who knows where we will go next but what the umm heck. We figured we would do it again. More info at HelpMeWithHIPAA.com/287

A new HIPAA safe harbor rule is out there floating around now. A safe harbor is a legal term that refers to laws and regulations that specify that certain actions will be considered not to violate a given rule. It is often used to clarify big standards like HIPAA. Encryption is one of those things under the breach rules. Do you know about HR 7898? More at HelpMeWithHIPAA/286

A hospital President, after being hit by a cyber attack, said “We really did not anticipate the scope or the impact the attack had on our system and how far-reaching it was.” This is just the beginning.  Get prepared for more to come. Especially, with the success of the major SolarWinds infiltration. We knew things were getting worse weeks ago when we recorded this one. Where do we see things going? More at HelpMeWithHIPAA.com/285

What a year it has been! Say what you will but none of us will EVER forget living through 2020. As we have all adjusted throughout the year we appreciate everyone's continued support of our efforts to educate and entertain. As is our custom, our editor, Bojan, gets his annual 15 minutes of fame.  Enjoy his year end Blooper Show edition that gives us a week off and gives him a chance to get back at us for the whole year of crap. More data privacy and security madness coming your way next year which is actually next week!  Happy Holidays, Happy New Year, and Happy End of 2020!

The value of the HICP guides is really beginning to be realized as we approach the 2nd anniversary of it's release. Erik Decker, Chief Information Security Officer and Chief Privacy Officer, University of Chicago Medical Center (and 405d Task Force industry lead and co-chair) was kind enough to join us again to discuss what's coming next for HICP and what he sees in healthcare cybersecurity management as we head into 2021. More at HelpMeWithHIPAA.com/284

Amazon is rolling out a new “feature” called Sidewalk. If you have any Alexa devices or certain Ring devices on a network we say get off the Sidewalk! At least until you figure out how it can be secured. More at HelpMeWithHIPAA.com/283