Help Me With Hipaa

Securing older, legacy technologies from cyber threats is extremely important in today's interconnected digital world. Older devices often lack the robust security features of modern counterparts, making them vulnerable targets for hackers seeking to exploit weaknesses. Today, we review HSCC’s Health Industry Cybersecurity – Managing Legacy Technology Security (HIC-MaLTS) guide that provides recommendations to address the legacy technology challenges facing healthcare. More info at HelpMeWithHIPAA.com/424

In the digital age, cybersecurity has become a critical concern for businesses and individuals alike. Today, we review the latest release from 405(d), Check Your Cyber Pulse. This cybersecurity cosmo quiz helps small organizations evaluate their cyber pulse regarding the 10 cybersecurity practices of HICP and decide where they should focus efforts to improve their cybersecurity behaviors. More info at HelpMeWithHIPAA.com/423

Ransomware attacks have become a prevailing threat to businesses of all sizes, causing significant financial losses, reputational damage, and operational disruptions. In this episode, we talk with Robert Cioffi, COO and Co-Founder of Progressive Computing, who shares how they navigated through the Kaseya ransomware attack. He shares invaluable insights into their journey of resilience, recovery, and the crucial lessons learned along the way. More info at HelpMeWithHIPAA.com/422

In a crisis situation, organizations must be prepared to communicate effectively in these challenging situations. Karen Phillips, of Phillips & Marek, joins us to discuss strategies and best practices for managing data breaches and how to communicate with stakeholders, including internal staff, patients and the media. More info at HelpMeWithHIPAA.com/421

Are you worried about the safety of your data and the potential security risks to your organization? In this episode, we talk with Jen Stone of SecurityMetrics to explore the importance of performing technical and nontechnical evaluations of your security program. Jen helps to explain the benefits of thorough evaluations and how they can safeguard your organization against potential vulnerabilities. More info at HelpMeWithHIPAA.com/420

As in years past, we dive into IBM’s 2023 Cost of a Data Breach Report. This annual study sheds light on the ever-evolving landscape of data breaches and provides valuable insights for organizations looking for ways to focus their efforts and money to help prevent and reduce the costs associated with a data breach. More info at HelpMeWithHIPAA.com/419

We all know how important it is to keep our personal information and important data secure. MFA can add an extra layer of protection to our digital lives. But does HIPAA require MFA? The short answer: no, but yes. Listen in to hear how best to lock your cyber door against cyber attacks. More info at HelpMeWithHIPAA.com/418

Verizon has released their 2023 Data Breach Investigations Report (DBIR). This year they focused more on an analysis of actual data breaches - the types of incidents causing the breaches, the motivations of bad actors, how they tend to carry out their attacks and what data they are grabbing. We always look forward to reading this report because it not only has a lot of great information, but also because it contains a good bit of humor. You know we like that. More info at HelpMeWithHIPAA.com/417

In the epic battle between cyber threats and the healthcare industry, it's the patients who suffer the most. There is an urgent need for new regulations in the healthcare industry to address the challenges posed by outdated technology and cybersecurity threats. Today, we talk with Josh Corman about the need for new ideas and meaningful changes to protect hospitals and ensure the safety of critical healthcare functions. More info at HelpMeWithHIPAA.com/416

BAs play a vital role in healthcare organizations as they often provide services to covered entities that require them to access PHI. But, they often don’t fully understand their own HIPAA compliance obligations. OCR recently released a resolution agreement against a BA that proves BAs will be held accountable for their obligations under HIPAA. More info at HelpMeWithHIPAA.com/415

Checklists are important for many people who deal with cybersecurity. David and Donna explain that this new checklist is not just for healthcare, but for all businesses to deal with cybersecurity. They discuss these CPGs, which are Cybersecurity Performance Goals recently published by CISA, and how they can help strengthen your cybersecurity regardless of the size and complexity of your organization. More info at HelpMeWithHIPAA.com/414

Healthcare cybersecurity is no walk in the park! Today, we explore the release of the "Health Industry Cybersecurity Recommendations for Government Policy and Programs" by HSCC. It provides suggestions and ideas on how government policy and programs can support the health sector in beefing up their cybersecurity defenses to help keep our health systems safe from cyber threats.   More info at HelpMeWithHIPAA.com/413

Vacation is a time to relax and get away from everyday worries, but it's important to take steps to ensure that your cybersecurity and privacy are not at risk. Today, we will review vacation and travel security tips from the National Cybersecurity Alliance to help you stay safe during your travels. More info at HelpMeWithHIPAA.com/412

When it comes to cybersecurity, It is important to understand who your audience is and how to communicate effectively with them. Today, we discuss an article on the cybersecurity pitfalls written by Julie Haney, Usable Cybersecurity Program Lead at NIST, and the importance of involving everyone in a team approach to protecting patients' information.  More info at HelpMeWithHIPAA.com/411

Cybersecurity is a big challenge for all businesses these days. Regardless of the size of the business or industry it’s in, hackers are continuously trying to exploit weaknesses to gain access to networks and data. NIST and CISA have some new resources and guides that can help small and medium size businesses face the growing cyber threat. More info at HelpMeWithHIPAA.com/410

You know how people say “it’ll never happen to me”? Well, today we are covering six news stories that chances are will affect you either directly or indirectly in some way. We’ve got yet another story of a practice that doesn’t have a response plan, stories about hardware and software that are vulnerable or were hacked and even a story on how you can make a quick $10m.  More info at HelpMeWithHIPAA.com/409

In the fast-paced world of healthcare, where even your stethoscope can connect to the internet, cybersecurity training for everyone is an absolute must. But fear not, brave healthcare professional!  There is free cybersecurity training online! Listen in and we will tell you all about two great cybersecurity training options for workforce members and clinicians. More info at HelpMeWithHIPAA.com/408

We talk a lot about understanding the current cyber threats and risks involved in not remaining vigilant in protecting against them. Today, we review the Hospital Cyber Resiliency Initiative Landscape Analysis, recently released by 405d. It provides stats and case studies from the real world. It also gives us areas we need to work on and where we need to put our investment of time and money to protect against these threats. More info at HelpMeWithHIPAA.com/407

Healthcare organizations are dealing with increasingly complex cybersecurity threats. With the use of technology and the presence of sensitive patient information, hackers see healthcare systems as valuable targets. Protecting healthcare systems is a major challenge. The 405(d) Task Group has updated their HICP guidance for small, medium and large organizations to help them better secure their networks and applications and manage risks to keep patient information safe. More info at HelpMeWithHIPAA.com/406

It’s fitting that for episode 405 we talk with Erik Decker, lead on the HHS 405d Task Group, about the recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP) 2023 edition. Since David and I are also on the 405d task group, we are excited to talk about the new updates and added resources FREELY available to help everyone prepare and fight against cybersecurity threats.  More info at HelpMeWithHIPAA.com/405