Help Me With Hipaa

When a cybersecurity CEO strolls into a hospital and decides to play malware magician with a couple of unlocked computers, you've got yourself a plot twist worthy of a Netflix docuseries. In this episode, we dive headfirst into bizarre breaches, finger-pointing fiascos, and the kind of contractual confusion that’ll make you want to reread your SLAs before breakfast. It’s a rollercoaster of responsibility, reputation, and really bad behavior. But at the heart of it all is the million-dollar question: who’s actually responsible when it all goes sideways? More info at HelpMeWithHIPAA.com/509

Healthcare still has a giant “Hack Me” sign taped to its back — and the latest reports from Mandiant and Verizon are here to confirm it. These cybercrime breakdowns reveal that attackers are smarter, sneakier, and spending more time poking around your network than ever before. Waiting to secure your systems until after a breach is like installing a smoke detector after the house has already burned down — by the time you smell smoke, it’s too late. From dwell times that feel more like extended Airbnb stays to small businesses learning that “we’re too small to target” isn’t a strategy, the findings hit hard and the lessons come wrapped in some well-placed snark. More info at HelpMeWithHIPAA.com/508

If the Ponemon study were a horror flick, it’d be titled "The Login Came from Inside the System." This week’s episode dives into the alarming trend of organizations handing out privileged access like Halloween candy — only to forget who’s still got it long after the party’s over. With 59% of breaches linked to insiders or third parties, and executives confidently sailing past the iceberg of reality, we explore what happens when no one’s really sure who can still get into the network. Spoiler alert: it’s not good. So grab your flashlight and audit logs — we’re heading into the haunted house of unrevoked access. More info at HelpMeWithHIPAA.com/507

Turns out, “they got hit, they just didn’t tell you” isn’t just a snarky title—it’s a terrifying reality. The Black Fog report basically says, “Hey, the cybersecurity iceberg is way bigger below the surface.” From undisclosed data heists to the rapid rise of ransomware attacks, this is your reminder that you don’t want to be the next plot twist in a cyber thriller. Oh, and yeah... shadow AI is watching too. Sleep tight! More info at HelpMeWithHIPAA.com/506

Imagine your hospital gets hacked—the MRIs are down, billing’s frozen, and suddenly you’re faxing patient records like it’s 1999. No, that’s not a “Twilight Zone” rerun—it’s real life in health care. This week, we’re diving into what the Health Sector Coordinating Council (HSCC) is doing about it, including their recent trip to Congress to lay it all out. From legacy devices clinging to life like old Tamagotchis to cybersecurity plans that don’t sound half bad, we break it all down with just the right amount of snark. More info at HelpMeWithHIPAA.com/505

Forget action-packed heist movies — the real cybersecurity heroes are the ones making their auditors yawn. In this episode, we break down why "boring and patched" should be everyone's new life goal. From AI developments that won’t sit still for five minutes to real-world cyber drama featuring surprise FBI visits (no popcorn needed), we’re serving up a crash course in staying safe, sane, and just boring enough to avoid disaster. More info at HelpMeWithHIPAA.com/504

AI in healthcare is kind of like an overenthusiastic intern—it’s full of potential, but someone probably should be watching it a little closer. In this episode, we dive into why artificial intelligence might be more “oops” than “awesome” when it comes to patient safety. A recent ECRI report flagged AI as a top safety concern and offered up smart recommendations like stronger governance and better training. From glitchy decision-making to eyebrow-raising cybersecurity breaches, we’re unpacking why AI still needs some serious adult supervision in the healthcare world. More info at HelpMeWithHIPAA.com/503

Think your once-a-year vulnerability scan is enough? That’s adorable. Waiting to check your security metrics until something goes wrong is like only checking your smoke alarm after the house starts smelling like burnt toast. In this episode, we peel back the layers on the top 10 security and privacy metrics every business should be tracking—whether you're the CEO, the IT person, or just someone who knows how to find the printer on the network. From patch management and MFA to phishing tests and forgotten routers older than your intern, we’ve got it all. Buckle up and get ready to verify like your digital life depends on it—because it kinda does. More info at HelpMeWithHIPAA.com/502

Buckle up, folks—this episode is a rollercoaster of cyber chaos! We kick things off with a quick chat about the upcoming PriSec Boot Camp (because let’s be real, who doesn’t love a good security boot camp?). But then, we dive headfirst into the madness: a fresh HIPAA smackdown over right-of-access failures, a rogue IT guy who locked down an entire company out of revenge, and some seriously sketchy Bluetooth vulnerabilities that could have hackers eavesdropping on your life. And if that wasn’t enough, the 2025 SonicWall Cyber Threat Report drops some terrifying stats on ransomware, business email compromise, and how AI is making cyberattacks even more dangerous. Grab your tinfoil hat and let’s get into it. More info at HelpMeWithHIPAA.com/501

500 episodes. A whole decade. Countless cybersecurity threats (and just as many dad jokes). Somehow, we’re still talking about the same cybersecurity nightmares—only now with fancier threats and AI-powered scams. In this milestone episode of Help Me With HIPAA, we take a trip down memory lane—reminiscing about our early struggles, the evolution of security risks, and why some lessons seem to need repeating... forever. Spoiler alert: bad guys are still bad, security is still hard, and if you’ve been with us since episode one, you’re officially a HMWH OG. If you’re new here, welcome—just know that staying out of breaches is a marathon, not a sprint. More info at HelpMeWithHIPAA.com/500

Cybersecurity: It’s like flossing—we all know we should do it, but a shocking number of people just…don’t. This week, we’re digging into the annual cybersecurity attitudes and behaviors report, which reveals just how careless people are with their passwords, personal info, and, well, basic online survival skills. But don’t worry, AI is here to save us! Or, possibly, to make things even worse. We’ll also explore how AI tools are being used (and misused), and why a scary number of people are feeding them sensitive work info like it’s a buffet. Buckle up—this one’s got some eye-opening stats! More info at HelpMeWithHIPAA.com/499

Cybersecurity report cards are in, and let’s just say—most companies would be grounded if their IT security grades were real school grades. With over 80% of Fortune 500s scoring a D or F, and healthcare companies hovering around the danger zone, it's clear that many organizations are securing data about as well as a cardboard vault. Just ask Warby Parker, which racked up multiple breaches over the years while seemingly skipping Cybersecurity 101. In this episode, we break down what these cybersecurity scores mean, how they were calculated, and what companies should be doing before they end up in the digital hall of shame. More info at HelpMeWithHIPAA.com/498

AI just leveled up, and we’re here to talk about it! In this episode, we dive into DeepSeek—the AI model that shook up the stock market, gave OpenAI a run for its money (literally), and is both insanely cheap to run and totally open-source (which is equal parts exciting and terrifying). We also break down the rise of deepfake scams, AI’s growing role in cybersecurity, and why you should probably question everything you see and hear online. If you love tech, security, and a healthy dose of paranoia, buckle up—this one’s for you! More info at HelpMeWithHIPAA.com/497

Imagine leaving your front door wide open in a neighborhood full of burglars, then acting shocked when your TV disappears. That’s basically what’s happening in healthcare cybersecurity. This week, we’re talking about why hackers are running rampant, how small healthcare practices are prime targets (no, you’re not “too small to matter”), and what basic security steps can actually make a difference. Spoiler alert: Ignoring the problem won’t make it go away.   More info at HelpMeWithHIPAA.com/496

If you’ve ever wondered what it’s like to scream into the cybersecurity void, this episode might feel oddly relatable. We dive into why “bare minimum” isn’t a security strategy—it’s more like playing Russian roulette with your data. From regulatory head-scratchers to the harsh reality that a “bare minimum” security strategy is about as effective as locking your front door while leaving the windows wide open, this episode is your wake-up call, packed with sharp insights, analogies involving go-karts on the interstate, and the occasional frustrated sigh. More info at HelpMeWithHIPAA.com/495

If ignoring cybersecurity was a sport, some companies would be gold medalists—until they realize the prize is a hefty fine and years of regulatory headaches. It’s like leaving your car unlocked in a sketchy part of town with a neon sign that says, “Free Stuff Inside.” What could possibly go wrong? Well, in this episode, we break down six real-life cases that prove skimping on security is way more expensive than just doing it right in the first place. From ransomware attacks to patient right of access failures, we’re diving into what went wrong, why it happened, and—most importantly—how you can avoid becoming the next cautionary tale. More info at HelpMeWithHIPAA.com/494

Buckle up, folks, because this week’s episode is a wild ride through the Cavity of Lies—where HIPAA violations, ransomware attacks, and outright absurdity collide. What happens when a dental group tries to sweep a massive breach under the rug (or, you know, hide servers in bathrooms)? Let’s just say it doesn’t end well. From a 3-year-long cover-up to servers stored in all the wrong places, we’ve got lies under oath, policies that might as well be urban legends, and enough bad decisions to make you cringe harder than hearing the dentist say “we need to talk about your flossing habits.” More info at HelpMeWithHIPAA.com/493

Hold onto your compliance hats—big changes are brewing for HIPAA’s Security Rule! The Notice of Proposed Rulemaking (NPRM) is officially out for public comment, and it’s clear HHA and OCR are on a mission to modernize and tighten the safeguards for electronic protected health information (ePHI). From clarifying risk analysis expectations to making security requirements less, well, “vague,” these updates aim to bolster patient safety and data protection while keeping pace with today’s tech-driven world. But with great updates come great responsibilities for covered entities and business associates alike, so now’s the perfect time to weigh in and help shape the final rule before it’s set in stone. More info at HelpMeWithHIPAA.com/492

Ready to kick off 2025 with a bang? We’re diving into the must-dos for your Q1 2025 compliance and cybersecurity checklist, sprinkling in some risk management wisdom, and why Windows 10 is about as fashionable as shoulder pads in the 2020s. Plus, we sprinkle in a hearty dose of snark to keep you entertained while you get your compliance game strong. Oh and if your incident response plan is just “hope for the best,” it’s time to tune in. More info at HelpMeWithHIPAA.com/491

Ah, supply chain attacks—the gift that keeps on giving... headaches, fines, and catastrophic data breaches. In this episode, we unwrap three cautionary tales of organizations caught in the tangled web of digital supply chain chaos. From unpatched vulnerabilities and sneaky software backdoors to hackers casually buying network access like it’s an eBay auction, each story serves up a hard truth: you don’t want to be part of a supply chain attack, you don’t want to have a supply chain attack, and you definitely don’t want to delay dealing with a supply chain attack. So grab your metaphorical flashlight and let’s go spelunking into the murky caves of cybersecurity mishaps. More info at HelpMeWithHIPAA.com/490