All the news about ransomware and hackers usually gets the biggest headlines. But, the ones that fly under the radar may be something you should pay more attention to than the big splashy news. Insiders usually don't have to work hard to plot ways to break into your data, you have invited them in and given them access. A damaging assumption is that you don't have to worry about your insiders.
Get more info at HelpMeWithHIPAA.com/98
Call it teleworking, remote access, or mobile access if you have any access to PHI outside of your office, you should have a HIPAA mobile access policy. Any person that accesses you systems and data outside of your internal network should be trained and sign off on commitments to protect your PHI.
We've never specifically covered the topic of what should be included in a HIPAA mobile access policy. It is about time we did just that.
Learn more at HelpMeWithHIPAA.com/96
Building a culture of a compliance is something we have talked about many times in this podcast. We never looked at it as a community problem. The things we heard about training the human element to build a cyber security culture were very exciting to us. Well, at least to Donna. The concepts they covered about training not just the workforce but training the community as a whole to better understand what cybersecurity really means.
We also followed that up with a session that explained some more scary darknet activity. Your machine could be for sell on the darknet and you don't even know it.
More information at HelpMeWithHIPAA.com/95
If you saw the movie Catch Me If You Can then you know some of Frank Abagnale's story. Maybe you even read his book Catch Me If You Can: The True Story of a Real Fake.
Tom Hanks said "Abagnale’s lecture may be the best one-man show you will ever see." He WAS NOT KIDDING!
The famous con man in his youth eventually became a white hat working for the FBI and others to combat fraud and ID theft for over 40 years. Now, he works as a consultant, writer, and speaker on the subject as he continues working with the United States Government
The information he shared with us during his #HIMSS17 session blew us away. That means we have to tell you guys about it!
Learn more at https://HelpMeWithHIPAA.com/94
The first full day of HIMSS17 HIPAA had a big session. It featured Deven McGraw, Deputy Director for Health Information Privacy at the HHS Office for Civil Rights (OCR). She is also Acting Chief Privacy Officer for the Office of the National Coordinator for Health IT (ONC). Clearly, it was one of the sessions at the top of the list for us to attend. We got there early enough to be perched on the front row. In this episode, we review what McGraw covered in her session and our thoughts on it.
For more details and timestamps go to HelpMeWithHIPAA.com/93
