Compliance Officer Personal Liability? - EP 114

There has always been a concern from many people we work with about compliance officer personal liability. Specifically, is a compliance officer personally liable for the compliance of the company?

The recent settlement agreement between the FTC and the Chief Compliance Officer of Moneygram has created interesting conversations for compliance circles. In this case, the Chief Compliance Officer of Moneygram was able to reach a settlement in the liability case against him but it included a $250,000 penalty payment and 3 years restriction on working in that industry. Yep, that is enough to make you sit up and take notice.

More details at HelpMeWithHIPAA.com/114

Check out the episode!

OCR Mic Drop For Cloud Providers - EP 113

The monthly OCR Cyber Newsletter for June had some interesting points.  The fact that OCR mentions multiple times and in multiple ways that they do not endorse, certify, or recommend specific technology or products should serve as their "OCR mic drop moment" on this discussion.  We can dream, can't we!  Today we are going to review that newsletter and how they have pointed these things out once again.

Before we close out the episode we are also covering some questions and comments from listeners.  Hang around for those just after the 30-minute mark.

More info at HelpMeWithHIPAA.com/113

Check out the episode!

NotPetya, Windows, and Ransomware - Ep 112

This is not another episode about preventing and responding to the NotPetya ransomware. There are countless articles about those topics.  We are discussing the bigger picture today.  In this episode, NotPetya, Windows, and Ransomware, we discuss what happened in the case but also what does all of this really mean in the big picture of cyber attacks.  If you don't stay proactive in evaluating what the criminals may do next then you don't have a chance of being anything but reactive.

In light of these recent global attacks, we have many questions.  Are we experiencing a shift in the criminal's intentions or are they just bumbling around with new toys?  If is it no longer just about taking our money then what is really about?  If you haven't cared about protecting your data so far, how about protecting your data from becoming a pawn in the latest cyberwarfare battle?

For more information go to HelpMeWithHIPAA.com/112

Check out the episode!

Breach reporting costs and decisions for 2017 - Ep 111

In June, the NY State Attorney General announced a settlement with CoPilot, a healthcare services company that illegally deferred notice of breach of more than 220,000 patient records.  Another annual report was also just released with the latest numbers : 2017 Cost of a Data Breach Study from Ponemon Institute and IBM.  Today, we are going to discuss how the two of them can help us all make better decisions where potential breaches of PHI are concerned.  Breach reporting costs and decisions in 2017 are proving to be something you should understand before a crisis, not after one hits.

For more info: HelpMeWithHIPAA.com/111

Check out the episode!