Reasonable Security That Holds Up in Court - Ep 515

If you’ve ever wondered what happens when “going viral” meets “losing your license,” this episode has the answer—courtesy of a nurse who took her TikTok dreams a little too far. From cringe-worthy compliance blunders to Oklahoma’s oddly refreshing legal update, we’re diving headfirst into the murky waters of healthcare privacy, social media madness, and why reasonable security might just be your get-out-of-court-free card. It’s like HIPAA meets reality TV—minus the roses and dramatic exits.

More info at HelpMeWithHIPAA.com/515

Check out the episode!

Things That Make You Go Hmm - Ep 514

This week on “Things That Make You Go Hmm,” we’re serving up a digital cocktail featuring disappearing network routes, dark web AI tools with a flair for phishing, and Microsoft’s bold new idea to let Copilot tinker with your system settings—what could possibly go wrong? In this episode, we dissect digital disasters and marvel at how event planners might just be outdoing some organizations when it comes to risk assessments. It’s equal parts facepalm and fascinating.

More info at HelpMeWithHIPAA.com/514

Check out the episode!

Sometimes It’s Just a Squirrel - Ep 513

You’ve heard of phishing scams, ransomware, and all the usual cyber villains—but have you prepared for the wrath of a squirrel? In this episode, we unpack how one fuzzy-tailed offender knocked out power to 11,000 customers and sent a swim club scrambling for pencils and paper. But this isn’t just a woodland horror story. It’s a real-world reminder that sometimes, your biggest threat isn’t a hacker—it’s Alfred the squirrel with a death wish and a talent for circuit boards. We use this nutty incident to highlight the often-overlooked need for utility failure preparedness in healthcare and dig into the super-helpful (and criminally underused) ASPR TRACIE tip sheets that can keep your operations steady when nature gets twitchy.

More info at HelpMeWithHIPAA.com/513

Check out the episode!

Edge of Disaster - Ep 512

Welcome to another episode where chaos meets cybersecurity and common sense tries to crash the party. In this digital drama, we’re untangling the curious case of a former employee with way too much access, some mysterious printed medical records, and a whole lot of "Wait... WHAT?!" moments. We also dive into the thrilling (read: terrifying) reality of outdated edge devices and how your trusty old router might just be moonlighting as a hacker’s BFF. Oh, and spoiler alert—Microsoft Recall still isn’t winning any popularity contests.

More info at HelpMeWithHIPAA.com/512

Check out the episode!

EDR Failed - Leadership Did Too - Ep 511

Ever wonder what would happen if a hacker walked right into your digital living room, kicked off their shoes, and hung out for three months without anyone noticing? This week’s episode dives into a jaw-dropping CISA Red Team Assessment that reads like a cybersecurity horror flick—complete with ignored alarms, forgotten passwords, and an open-door policy for digital intruders. It's not just about tech failures; it’s a full-blown case study in what happens when leadership decides “meh” is a strategy.

More info at HelpMeWithHIPAA.com/511

Check out the episode!

7 Things Healthcare Needs More Than Another Webinar - Ep 510

Let’s face it — if healthcare had a dollar for every time someone said “we need another webinar,” it might actually be able to afford cybersecurity upgrades. This episode takes aim at the overload of online presentations and instead shines a light on what healthcare providers actually need. We unpack the findings of a critical report on the unique cybersecurity challenges facing small and rural healthcare providers, who are often running on shoestring budgets, outdated tech, and a whole lot of crossed fingers.

More info at HelpMeWithHIPAA.com/510

Check out the episode!

Breach, Blame, and Bad Behavior - Ep 509

When a cybersecurity CEO strolls into a hospital and decides to play malware magician with a couple of unlocked computers, you've got yourself a plot twist worthy of a Netflix docuseries. In this episode, we dive headfirst into bizarre breaches, finger-pointing fiascos, and the kind of contractual confusion that’ll make you want to reread your SLAs before breakfast. It’s a rollercoaster of responsibility, reputation, and really bad behavior. But at the heart of it all is the million-dollar question: who’s actually responsible when it all goes sideways?

More info at HelpMeWithHIPAA.com/509

Check out the episode!

Busy Broke and Breached - Ep 508

Healthcare still has a giant “Hack Me” sign taped to its back — and the latest reports from Mandiant and Verizon are here to confirm it. These cybercrime breakdowns reveal that attackers are smarter, sneakier, and spending more time poking around your network than ever before. Waiting to secure your systems until after a breach is like installing a smoke detector after the house has already burned down — by the time you smell smoke, it’s too late. From dwell times that feel more like extended Airbnb stays to small businesses learning that “we’re too small to target” isn’t a strategy, the findings hit hard and the lessons come wrapped in some well-placed snark.

More info at HelpMeWithHIPAA.com/508

Check out the episode!

Access Granted... and Never Revoked - Ep 507

If the Ponemon study were a horror flick, it’d be titled "The Login Came from Inside the System." This week’s episode dives into the alarming trend of organizations handing out privileged access like Halloween candy — only to forget who’s still got it long after the party’s over. With 59% of breaches linked to insiders or third parties, and executives confidently sailing past the iceberg of reality, we explore what happens when no one’s really sure who can still get into the network. Spoiler alert: it’s not good. So grab your flashlight and audit logs — we’re heading into the haunted house of unrevoked access.

More info at HelpMeWithHIPAA.com/507

Check out the episode!

They Got Hit. They Just Didn’t Tell You. - Ep 506

Turns out, “they got hit, they just didn’t tell you” isn’t just a snarky title—it’s a terrifying reality. The Black Fog report basically says, “Hey, the cybersecurity iceberg is way bigger below the surface.” From undisclosed data heists to the rapid rise of ransomware attacks, this is your reminder that you don’t want to be the next plot twist in a cyber thriller. Oh, and yeah... shadow AI is watching too. Sleep tight!

More info at HelpMeWithHIPAA.com/506

Check out the episode!

HSCC Makes Bold Cyber Rx Move Before Congress - Ep 505

Imagine your hospital gets hacked—the MRIs are down, billing’s frozen, and suddenly you’re faxing patient records like it’s 1999. No, that’s not a “Twilight Zone” rerun—it’s real life in health care. This week, we’re diving into what the Health Sector Coordinating Council (HSCC) is doing about it, including their recent trip to Congress to lay it all out. From legacy devices clinging to life like old Tamagotchis to cybersecurity plans that don’t sound half bad, we break it all down with just the right amount of snark.

More info at HelpMeWithHIPAA.com/505

Check out the episode!

Keeping It Boring and Patched - Ep 504

Forget action-packed heist movies — the real cybersecurity heroes are the ones making their auditors yawn. In this episode, we break down why "boring and patched" should be everyone's new life goal. From AI developments that won’t sit still for five minutes to real-world cyber drama featuring surprise FBI visits (no popcorn needed), we’re serving up a crash course in staying safe, sane, and just boring enough to avoid disaster.

More info at HelpMeWithHIPAA.com/504

Check out the episode!

AI Has A Patient Safety Problem - Ep 503

AI in healthcare is kind of like an overenthusiastic intern—it’s full of potential, but someone probably should be watching it a little closer. In this episode, we dive into why artificial intelligence might be more “oops” than “awesome” when it comes to patient safety. A recent ECRI report flagged AI as a top safety concern and offered up smart recommendations like stronger governance and better training. From glitchy decision-making to eyebrow-raising cybersecurity breaches, we’re unpacking why AI still needs some serious adult supervision in the healthcare world.

More info at HelpMeWithHIPAA.com/503

Check out the episode!

10 Security & Privacy Metrics to Keep Your SMB in the Black - Ep 502

Think your once-a-year vulnerability scan is enough? That’s adorable. Waiting to check your security metrics until something goes wrong is like only checking your smoke alarm after the house starts smelling like burnt toast. In this episode, we peel back the layers on the top 10 security and privacy metrics every business should be tracking—whether you're the CEO, the IT person, or just someone who knows how to find the printer on the network. From patch management and MFA to phishing tests and forgotten routers older than your intern, we’ve got it all. Buckle up and get ready to verify like your digital life depends on it—because it kinda does.

More info at HelpMeWithHIPAA.com/502

Check out the episode!

HIPAA, Hackers, and Havoc – A Cybersecurity Reality Check - Ep 501

Buckle up, folks—this episode is a rollercoaster of cyber chaos! We kick things off with a quick chat about the upcoming PriSec Boot Camp (because let’s be real, who doesn’t love a good security boot camp?). But then, we dive headfirst into the madness: a fresh HIPAA smackdown over right-of-access failures, a rogue IT guy who locked down an entire company out of revenge, and some seriously sketchy Bluetooth vulnerabilities that could have hackers eavesdropping on your life. And if that wasn’t enough, the 2025 SonicWall Cyber Threat Report drops some terrifying stats on ransomware, business email compromise, and how AI is making cyberattacks even more dangerous. Grab your tinfoil hat and let’s get into it.

More info at HelpMeWithHIPAA.com/501

Check out the episode!

500 Episodes Later – The Threats Are Worse But So Are Our Jokes - Ep 500

500 episodes. A whole decade. Countless cybersecurity threats (and just as many dad jokes). Somehow, we’re still talking about the same cybersecurity nightmares—only now with fancier threats and AI-powered scams. In this milestone episode of Help Me With HIPAA, we take a trip down memory lane—reminiscing about our early struggles, the evolution of security risks, and why some lessons seem to need repeating... forever. Spoiler alert: bad guys are still bad, security is still hard, and if you’ve been with us since episode one, you’re officially a HMWH OG. If you’re new here, welcome—just know that staying out of breaches is a marathon, not a sprint.

More info at HelpMeWithHIPAA.com/500

Check out the episode!

AI Tools Making AI Fools - Ep 499

Cybersecurity: It’s like flossing—we all know we should do it, but a shocking number of people just…don’t. This week, we’re digging into the annual cybersecurity attitudes and behaviors report, which reveals just how careless people are with their passwords, personal info, and, well, basic online survival skills. But don’t worry, AI is here to save us! Or, possibly, to make things even worse. We’ll also explore how AI tools are being used (and misused), and why a scary number of people are feeding them sensitive work info like it’s a buffet. Buckle up—this one’s got some eye-opening stats!

More info at HelpMeWithHIPAA.com/499

Check out the episode!

Big Money Breaches & Bad Security Grades - Ep 498

Cybersecurity report cards are in, and let’s just say—most companies would be grounded if their IT security grades were real school grades. With over 80% of Fortune 500s scoring a D or F, and healthcare companies hovering around the danger zone, it's clear that many organizations are securing data about as well as a cardboard vault. Just ask Warby Parker, which racked up multiple breaches over the years while seemingly skipping Cybersecurity 101. In this episode, we break down what these cybersecurity scores mean, how they were calculated, and what companies should be doing before they end up in the digital hall of shame.

More info at HelpMeWithHIPAA.com/498

Check out the episode!

DeepSeek, Deepfakes and AI’s Big Game Moment - Ep 497

AI just leveled up, and we’re here to talk about it! In this episode, we dive into DeepSeek—the AI model that shook up the stock market, gave OpenAI a run for its money (literally), and is both insanely cheap to run and totally open-source (which is equal parts exciting and terrifying). We also break down the rise of deepfake scams, AI’s growing role in cybersecurity, and why you should probably question everything you see and hear online. If you love tech, security, and a healthy dose of paranoia, buckle up—this one’s for you!

More info at HelpMeWithHIPAA.com/497

Check out the episode!

Healthcare Has A Kick Me Sign - Ep 496

Imagine leaving your front door wide open in a neighborhood full of burglars, then acting shocked when your TV disappears. That’s basically what’s happening in healthcare cybersecurity. This week, we’re talking about why hackers are running rampant, how small healthcare practices are prime targets (no, you’re not “too small to matter”), and what basic security steps can actually make a difference. Spoiler alert: Ignoring the problem won’t make it go away.  

More info at HelpMeWithHIPAA.com/496

Check out the episode!

Bare Minimum Isn’t a Security Strategy - Ep 495

If you’ve ever wondered what it’s like to scream into the cybersecurity void, this episode might feel oddly relatable. We dive into why “bare minimum” isn’t a security strategy—it’s more like playing Russian roulette with your data. From regulatory head-scratchers to the harsh reality that a “bare minimum” security strategy is about as effective as locking your front door while leaving the windows wide open, this episode is your wake-up call, packed with sharp insights, analogies involving go-karts on the interstate, and the occasional frustrated sigh.

More info at HelpMeWithHIPAA.com/495

Check out the episode!

From $10K to $3M: The Price Tag of Neglecting Cybersecurity - Ep 494

If ignoring cybersecurity was a sport, some companies would be gold medalists—until they realize the prize is a hefty fine and years of regulatory headaches. It’s like leaving your car unlocked in a sketchy part of town with a neon sign that says, “Free Stuff Inside.” What could possibly go wrong? Well, in this episode, we break down six real-life cases that prove skimping on security is way more expensive than just doing it right in the first place. From ransomware attacks to patient right of access failures, we’re diving into what went wrong, why it happened, and—most importantly—how you can avoid becoming the next cautionary tale.

More info at HelpMeWithHIPAA.com/494

Check out the episode!

Cavity of Lies: Westend Dental’s HIPAA Coverup - Ep 493

Buckle up, folks, because this week’s episode is a wild ride through the Cavity of Lies—where HIPAA violations, ransomware attacks, and outright absurdity collide. What happens when a dental group tries to sweep a massive breach under the rug (or, you know, hide servers in bathrooms)? Let’s just say it doesn’t end well. From a 3-year-long cover-up to servers stored in all the wrong places, we’ve got lies under oath, policies that might as well be urban legends, and enough bad decisions to make you cringe harder than hearing the dentist say “we need to talk about your flossing habits.”

More info at HelpMeWithHIPAA.com/493

Check out the episode!

HIPAA Security Changes Are Here: We Saw This Coming - Ep 492

Hold onto your compliance hats—big changes are brewing for HIPAA’s Security Rule! The Notice of Proposed Rulemaking (NPRM) is officially out for public comment, and it’s clear HHA and OCR are on a mission to modernize and tighten the safeguards for electronic protected health information (ePHI). From clarifying risk analysis expectations to making security requirements less, well, “vague,” these updates aim to bolster patient safety and data protection while keeping pace with today’s tech-driven world. But with great updates come great responsibilities for covered entities and business associates alike, so now’s the perfect time to weigh in and help shape the final rule before it’s set in stone.

More info at HelpMeWithHIPAA.com/492

Check out the episode!

PriSec Priorities Q1 2025 - Ep 491

Ready to kick off 2025 with a bang? We’re diving into the must-dos for your Q1 2025 compliance and cybersecurity checklist, sprinkling in some risk management wisdom, and why Windows 10 is about as fashionable as shoulder pads in the 2020s. Plus, we sprinkle in a hearty dose of snark to keep you entertained while you get your compliance game strong. Oh and if your incident response plan is just “hope for the best,” it’s time to tune in.

More info at HelpMeWithHIPAA.com/491

Check out the episode!

Supply Chain Attacks: The Risks Keep Growing - Ep 490

Ah, supply chain attacks—the gift that keeps on giving... headaches, fines, and catastrophic data breaches. In this episode, we unwrap three cautionary tales of organizations caught in the tangled web of digital supply chain chaos. From unpatched vulnerabilities and sneaky software backdoors to hackers casually buying network access like it’s an eBay auction, each story serves up a hard truth: you don’t want to be part of a supply chain attack, you don’t want to have a supply chain attack, and you definitely don’t want to delay dealing with a supply chain attack. So grab your metaphorical flashlight and let’s go spelunking into the murky caves of cybersecurity mishaps.

More info at HelpMeWithHIPAA.com/490

Check out the episode!