You know that warm fuzzy feeling you get thinking AI will solve all your business problems and let you retire early? Yeah, this episode is the cold shower you didn’t know you needed. We’re talking about why most AI projects crash harder than a Segway on launch day, how businesses keep falling into the same traps, and why treating AI like a superpowered intern (instead of your replacement) might be the smarter move.
More info at HelpMeWithHIPAA.com/540
Adulting is hard — but digital adulting? That’s a whole new level of chaos. In this episode, we dive headfirst into the “Most Wired” survey like it’s a techie BuzzFeed quiz for healthcare organizations. From cyber headaches and budget excuses to AI hype and “we’ve always done it this way” energy, we unpack the nine domains that determine whether your digital health game is fire… or just floppy disk-level tragic.
More info at HelpMeWithHIPAA.com/539
Ever wondered what really keeps the Internet running - and what happens when it all goes sideways? The latest Cloudflare outage served up a reality check, exposing just how much of our digital world hangs together with a mix of duct tape, toothpicks, and a whole lot of hope. In this episode we dive into how this outage sent shockwaves through everything from simple website clicks to healthcare payment systems, and why most folks had no idea Cloudflare was even a linchpin for their daily operations.
More info at HelpMeWithHIPAA.com/538
If you thought AI in healthcare was just about cool robots and faster diagnoses, surprise! There's a whole army of volunteers wrangling the chaos behind the scenes, and our own Donna Grindle is leading the charge. In this episode, we take a peek into the AI cyber-security kitchen of the Health Sector Coordinating Council, where they’re cooking up definitions, glossaries, and playbooks faster than AI can generate cat videos. It’s education, governance, and cyber-risk planning, all served with a side of snark and sincerity.
More info at HelpMeWithHIPAA.com/537
You thought phishing was just an email problem? Oh sweet summer child. This episode dives into the new frontier of cyber shenanigans: LinkedIn. That’s right — the land of business jargon, inspirational posts, and awkward endorsements is now a playground for scammers sliding into your DMs like they’re networking for the dark web. Get ready to learn why accepting that too-good-to-be-true board invitation from “a company in South America” might end with malware, not margaritas.
More info at HelpMeWithHIPAA.com/536
Welcome to the latest Help Me With HIPAA episode where healthcare becomes the star of a suspense thriller, except the villains are hackers, and the plot twist? They really don't care how small your practice is. We’re diving into Huntress’ 2025 Cyber Threat Report, which basically confirms that if you're in healthcare, you’ve got a giant “Hack Me” sign taped to your digital forehead. From script-based exploits to info stealers with boundary issues, this episode breaks down how cyber threats are no longer knocking on the front door - they’re already on the couch, eating your snacks, and stealing your patient data.
More info at HelpMeWithHIPAA.com/535
If you've ever wanted to throw your laptop out the window after yet another “Your password must include a hieroglyph and a drop of unicorn blood” message, you're not alone. In this episode, we tackle the chaotic circus that is password creation: the rules, the myths, and the mounting frustration of trying to remember if this is the account that wanted a number, a symbol, or your firstborn’s dental records. From the rise of passkeys to the surprising sanity of NIST’s latest guidance (finally!), we explore how security might actually be getting smarter and less likely to make you cry into your keyboard.
More info at HelpMeWithHIPAA.com/534
If you thought your Halloween playlist peaked at “Monster Mash,” get ready to level up with the Data Mash — a graveyard splash of spooky cybersecurity tales and ghastly good rhymes. In this special Halloween episode, we summon the spirits of password poltergeists, resurrect dusty old policies from the crypt, and stir up a bubbling MFA cauldron. It's cybersecurity with a spooky twist, and yes, there’s even a ransomware reaper lurking around with backup regrets. Boo and boo-hoo for bad data hygiene!
More info at HelpMeWithHIPAA.com/533
Welcome to the digital Twilight Zone, where AI is evolving faster than your weekend plans, and people are still out here using "password123!" like it's a life hack. This episode digs into the “Oh, Behave!” cybersecurity behavior report and asks the big questions: Why do we keep doing dumb things online? Can training catch up with tech? And why are Gen Zs so confident while also being the most hacked? Spoiler: it's equal parts fascinating and terrifying.
More info at HelpMeWithHIPAA.com/532
Ah, success stories—where marketing meets warm fuzzies… and sometimes federal investigations. This week, we’re dissecting how one healthcare group turned a few heartfelt patient testimonials into a compliance catastrophe. From missing consent forms to deleting everything in a panic, it’s a cautionary tale of what happens when your privacy policies are more like “guidelines” than rules. Spoiler: OCR reads your website too.
More info at HelpMeWithHIPAA.com/531
Is it still a lie if it’s only half false? Asking for a biotech company that might’ve taken “fake it till you make it” a bit too literally with their cybersecurity claims. From hard-coded admin credentials to ignoring vulnerabilities like a bad ex’s texts, this episode dives into what happens when convenience beats caution and how a $9.8 million lesson got served with a side of whistleblower justice.
More info at HelpMeWithHIPAA.com/530
Welcome to “Digital Jenga,” where the tower’s made of cloud apps, power cords, and fragile backup plans and every pulled piece brings us closer to chaos. Today’s episode is a thought experiment that feels a little too real: What happens when everything goes down but your stress levels? Grab your imaginary generator and follow along as we walk through scenarios that are way more common (and hilarious) than you'd think, because nothing says fun like discovering your entire system was balancing on one Wi-Fi signal and a prayer.
More info at HelpMeWithHIPAA.com/529
If your small business still thinks that a dusty old firewall and a sprinkle of MFA is “good enough,” this episode is your cybersecurity reality check. Picture your company as a lemonade stand with a cash box—hackers are thirsty, and you’re wide open for business. We’re diving into why SMBs are now hacker playgrounds, how AI is helping cybercriminals get sneakier, and why your robot vacuum may be more security-conscious than your network gear. It's everything you didn’t want to know about being a prime target—served up with a twist of humor, a splash of horror, and a tall glass of truth.
More info at HelpMeWithHIPAA.com/528
Ever feel like your tech stack is one shady character away from becoming a security nightmare? Yeah, same. In this episode, we dive headfirst into the murky waters of “breach by association,”where trusting one tool can accidentally invite the entire cybercriminal neighborhood into your data party. From APIs doing the digital equivalent of handing out spare keys, to sneaky GitHub repos spilling secrets like a leaky faucet, we unpack how this all went down. Spoiler: the AI-powered thieves were way too polite to trip any alarms.
More info at HelpMeWithHIPAA.com/527
So you thought AI was just here to help you write emails and generate cat memes? Think again. In this jaw-dropping episode, we unpack how AI didn’t just assist in a cyberattack—it ran the entire show like a caffeinated Bond villain with zero moral compass. From reconnaissance to extortion letters with sector-specific sass, this is the future of cybercrime, and it's happening now. Buckle up. The robots aren’t just coming—they’ve already clocked in.
More info at HelpMeWithHIPAA.com/526
Forget Mission: Impossible-style hacking - today's cyber crooks are all about manners. In this episode, we unravel how asking “pretty please” can crack open digital doors faster than any brute force attack. With tips, tales, and a touch of panic, we break down the importance of knowing your personal risk profile, locking down your accounts, and yes - finally turning on that MFA you've been ignoring.
More info at HelpMeWithHIPAA.com/525
If you thought HIPAA only applied to big hospitals and medical groups swimming in patient data, think again. In this episode, we uncover how just one record with PHI can infect your organization with full-blown HIPAA responsibilities — no vaccine required. We dive into a juicy enforcement case featuring a CPA firm that got hit with a ransomware attack and a $175K HIPAA oopsie, all because someone skipped their security risk analysis. Spoiler: ignorance is not immunity.
More info at HelpMeWithHIPAA.com/524
Strap in, folks—this episode charges into the wild frontier of cybersecurity, where Shadow AI runs loose like a toddler with admin access. Whether your security plan is airtight or held together by paperclips and prayers, this deep dive into the IBM Cost of a Data Breach 2025 report offers plenty to think about. From eye-popping breach costs to the cringe of unsecured AI, we’re covering the good, the bad, and the downright reckless. Spoiler: "we don’t use AI" might be the biggest myth since "the check’s in the mail."
More info at HelpMeWithHIPAA.com/523
You might think a single ransomware attack is just a tech hiccup—but tell that to the medical practice that shut its doors permanently because of one. In this episode, we dissect what really happens when cybersecurity goes sideways, peeling back the layers of tech jargon to expose the raw, messy fallout of a breach. It’s less “oops, I forgot my password” and more “goodbye, 12 years of business.” Let’s get real about what these incidents cost—not just in dollars, but in dignity.
More info at HelpMeWithHIPAA.com/522
What do hackers, patient scams, and IT help desks with too much trust have in common? They're all making healthcare cybersecurity a lot messier—and a lot more vomit-worthy. In this episode, we dive into how bad actors are not only stealing data but turning patients into direct targets. From sneaky social engineering tactics to “I can’t believe they answered that call” level IT fails, we explore why locking down your network is only half the battle.
More info at HelpMeWithHIPAA.com/521
If you thought AI was just about asking ChatGPT for dinner ideas, think again. This episode unpacks the next-level madness of agentic AI—those industrious bots that not only check your emails but might just decide how your healthcare practice runs. We’re talking phishing attacks on steroids, decision-making algorithms with questionable judgment, and the jaw-dropping ways AI is working for—and against—us in cybersecurity. It’s part fascinating, part terrifying, and 100% worth listening to.
More info at HelpMeWithHIPAA.com/520
You know that moment when someone casually slides a contract across the table and says, “Just sign here”? Yeah, don't do that—especially when it's a Business Associate Agreement. This episode is a deep dive into the dark corners of BAAs, the traps they hide, and why you should read every line like it’s a ransom note. From ping floods to passive-aggressive breach clauses, we unpack the weird, wild world of healthcare contracts. Oh, and stick around—because just when you think it can’t get any messier, a breach shows up to ruin everyone’s day.
More info at HelpMeWithHIPAA.com/519
Think cybersecurity laws are just for the big guys? Think again. In this episode, we unravel the patchwork of new state regulations popping up faster than a phishing scam in your inbox—Ohio, Utah, Texas, Florida, and even Iowa are throwing their hats into the compliance ring. From safe harbor perks to tiered requirements for small businesses (yes, Texas made a flowchart-worthy version), we decode what these laws mean, who they apply to, and why HIPAA entities seem to always get the “you’re fine, probably” treatment. Bonus: there's a federal bill in Congress that might actually help. Maybe.
More info at HelpMeWithHIPAA.com/518
Strap in, folks—this isn’t your average cybersecurity snoozefest. We're plugging into a conversation with Greg Garcia, the guy who's been leading healthcare's cyber crusade like it’s the season finale of a medical drama. From hospitals fending off ransomware to the chaotic ballet of patching ancient medical devices, it’s clear: in a world where tech keeps patients breathing, cyber safety is patient safety. And no, turning it off and on again won’t fix this one.
More info at HelpMeWithHIPAA.com/517
If you thought “One Phish, Two Phish” was a Dr. Seuss classic, think again—this cybercrime edition comes with a twist of ransomware, app-specific passwords, and a side of website hijacking. This week, we explore what happens when software vendors forget to patch, hackers start crafting emails better than your favorite copywriter, and your website becomes a party zone for malware. It’s an episode full of lessons, laughs, and mild panic—just the way we like it.
More info at HelpMeWithHIPAA.com/516
If you’ve ever wondered what happens when “going viral” meets “losing your license,” this episode has the answer—courtesy of a nurse who took her TikTok dreams a little too far. From cringe-worthy compliance blunders to Oklahoma’s oddly refreshing legal update, we’re diving headfirst into the murky waters of healthcare privacy, social media madness, and why reasonable security might just be your get-out-of-court-free card. It’s like HIPAA meets reality TV—minus the roses and dramatic exits.
More info at HelpMeWithHIPAA.com/515
This week on “Things That Make You Go Hmm,” we’re serving up a digital cocktail featuring disappearing network routes, dark web AI tools with a flair for phishing, and Microsoft’s bold new idea to let Copilot tinker with your system settings—what could possibly go wrong? In this episode, we dissect digital disasters and marvel at how event planners might just be outdoing some organizations when it comes to risk assessments. It’s equal parts facepalm and fascinating.
More info at HelpMeWithHIPAA.com/514
You’ve heard of phishing scams, ransomware, and all the usual cyber villains—but have you prepared for the wrath of a squirrel? In this episode, we unpack how one fuzzy-tailed offender knocked out power to 11,000 customers and sent a swim club scrambling for pencils and paper. But this isn’t just a woodland horror story. It’s a real-world reminder that sometimes, your biggest threat isn’t a hacker—it’s Alfred the squirrel with a death wish and a talent for circuit boards. We use this nutty incident to highlight the often-overlooked need for utility failure preparedness in healthcare and dig into the super-helpful (and criminally underused) ASPR TRACIE tip sheets that can keep your operations steady when nature gets twitchy.
More info at HelpMeWithHIPAA.com/513
Welcome to another episode where chaos meets cybersecurity and common sense tries to crash the party. In this digital drama, we’re untangling the curious case of a former employee with way too much access, some mysterious printed medical records, and a whole lot of "Wait... WHAT?!" moments. We also dive into the thrilling (read: terrifying) reality of outdated edge devices and how your trusty old router might just be moonlighting as a hacker’s BFF. Oh, and spoiler alert—Microsoft Recall still isn’t winning any popularity contests.
More info at HelpMeWithHIPAA.com/512
Ever wonder what would happen if a hacker walked right into your digital living room, kicked off their shoes, and hung out for three months without anyone noticing? This week’s episode dives into a jaw-dropping CISA Red Team Assessment that reads like a cybersecurity horror flick—complete with ignored alarms, forgotten passwords, and an open-door policy for digital intruders. It's not just about tech failures; it’s a full-blown case study in what happens when leadership decides “meh” is a strategy.
More info at HelpMeWithHIPAA.com/511
Let’s face it — if healthcare had a dollar for every time someone said “we need another webinar,” it might actually be able to afford cybersecurity upgrades. This episode takes aim at the overload of online presentations and instead shines a light on what healthcare providers actually need. We unpack the findings of a critical report on the unique cybersecurity challenges facing small and rural healthcare providers, who are often running on shoestring budgets, outdated tech, and a whole lot of crossed fingers.
More info at HelpMeWithHIPAA.com/510
When a cybersecurity CEO strolls into a hospital and decides to play malware magician with a couple of unlocked computers, you've got yourself a plot twist worthy of a Netflix docuseries. In this episode, we dive headfirst into bizarre breaches, finger-pointing fiascos, and the kind of contractual confusion that’ll make you want to reread your SLAs before breakfast. It’s a rollercoaster of responsibility, reputation, and really bad behavior. But at the heart of it all is the million-dollar question: who’s actually responsible when it all goes sideways?
More info at HelpMeWithHIPAA.com/509
Healthcare still has a giant “Hack Me” sign taped to its back — and the latest reports from Mandiant and Verizon are here to confirm it. These cybercrime breakdowns reveal that attackers are smarter, sneakier, and spending more time poking around your network than ever before. Waiting to secure your systems until after a breach is like installing a smoke detector after the house has already burned down — by the time you smell smoke, it’s too late. From dwell times that feel more like extended Airbnb stays to small businesses learning that “we’re too small to target” isn’t a strategy, the findings hit hard and the lessons come wrapped in some well-placed snark.
More info at HelpMeWithHIPAA.com/508
If the Ponemon study were a horror flick, it’d be titled "The Login Came from Inside the System." This week’s episode dives into the alarming trend of organizations handing out privileged access like Halloween candy — only to forget who’s still got it long after the party’s over. With 59% of breaches linked to insiders or third parties, and executives confidently sailing past the iceberg of reality, we explore what happens when no one’s really sure who can still get into the network. Spoiler alert: it’s not good. So grab your flashlight and audit logs — we’re heading into the haunted house of unrevoked access.
More info at HelpMeWithHIPAA.com/507
Turns out, “they got hit, they just didn’t tell you” isn’t just a snarky title—it’s a terrifying reality. The Black Fog report basically says, “Hey, the cybersecurity iceberg is way bigger below the surface.” From undisclosed data heists to the rapid rise of ransomware attacks, this is your reminder that you don’t want to be the next plot twist in a cyber thriller. Oh, and yeah... shadow AI is watching too. Sleep tight!
More info at HelpMeWithHIPAA.com/506
Imagine your hospital gets hacked—the MRIs are down, billing’s frozen, and suddenly you’re faxing patient records like it’s 1999. No, that’s not a “Twilight Zone” rerun—it’s real life in health care. This week, we’re diving into what the Health Sector Coordinating Council (HSCC) is doing about it, including their recent trip to Congress to lay it all out. From legacy devices clinging to life like old Tamagotchis to cybersecurity plans that don’t sound half bad, we break it all down with just the right amount of snark.
More info at HelpMeWithHIPAA.com/505
Forget action-packed heist movies — the real cybersecurity heroes are the ones making their auditors yawn. In this episode, we break down why "boring and patched" should be everyone's new life goal. From AI developments that won’t sit still for five minutes to real-world cyber drama featuring surprise FBI visits (no popcorn needed), we’re serving up a crash course in staying safe, sane, and just boring enough to avoid disaster.
More info at HelpMeWithHIPAA.com/504
AI in healthcare is kind of like an overenthusiastic intern—it’s full of potential, but someone probably should be watching it a little closer. In this episode, we dive into why artificial intelligence might be more “oops” than “awesome” when it comes to patient safety. A recent ECRI report flagged AI as a top safety concern and offered up smart recommendations like stronger governance and better training. From glitchy decision-making to eyebrow-raising cybersecurity breaches, we’re unpacking why AI still needs some serious adult supervision in the healthcare world.
More info at HelpMeWithHIPAA.com/503
Think your once-a-year vulnerability scan is enough? That’s adorable. Waiting to check your security metrics until something goes wrong is like only checking your smoke alarm after the house starts smelling like burnt toast. In this episode, we peel back the layers on the top 10 security and privacy metrics every business should be tracking—whether you're the CEO, the IT person, or just someone who knows how to find the printer on the network. From patch management and MFA to phishing tests and forgotten routers older than your intern, we’ve got it all. Buckle up and get ready to verify like your digital life depends on it—because it kinda does.
More info at HelpMeWithHIPAA.com/502
Buckle up, folks—this episode is a rollercoaster of cyber chaos! We kick things off with a quick chat about the upcoming PriSec Boot Camp (because let’s be real, who doesn’t love a good security boot camp?). But then, we dive headfirst into the madness: a fresh HIPAA smackdown over right-of-access failures, a rogue IT guy who locked down an entire company out of revenge, and some seriously sketchy Bluetooth vulnerabilities that could have hackers eavesdropping on your life. And if that wasn’t enough, the 2025 SonicWall Cyber Threat Report drops some terrifying stats on ransomware, business email compromise, and how AI is making cyberattacks even more dangerous. Grab your tinfoil hat and let’s get into it.
More info at HelpMeWithHIPAA.com/501
500 episodes. A whole decade. Countless cybersecurity threats (and just as many dad jokes). Somehow, we’re still talking about the same cybersecurity nightmares—only now with fancier threats and AI-powered scams. In this milestone episode of Help Me With HIPAA, we take a trip down memory lane—reminiscing about our early struggles, the evolution of security risks, and why some lessons seem to need repeating... forever. Spoiler alert: bad guys are still bad, security is still hard, and if you’ve been with us since episode one, you’re officially a HMWH OG. If you’re new here, welcome—just know that staying out of breaches is a marathon, not a sprint.
More info at HelpMeWithHIPAA.com/500
Cybersecurity: It’s like flossing—we all know we should do it, but a shocking number of people just…don’t. This week, we’re digging into the annual cybersecurity attitudes and behaviors report, which reveals just how careless people are with their passwords, personal info, and, well, basic online survival skills. But don’t worry, AI is here to save us! Or, possibly, to make things even worse. We’ll also explore how AI tools are being used (and misused), and why a scary number of people are feeding them sensitive work info like it’s a buffet. Buckle up—this one’s got some eye-opening stats!
More info at HelpMeWithHIPAA.com/499
Cybersecurity report cards are in, and let’s just say—most companies would be grounded if their IT security grades were real school grades. With over 80% of Fortune 500s scoring a D or F, and healthcare companies hovering around the danger zone, it's clear that many organizations are securing data about as well as a cardboard vault. Just ask Warby Parker, which racked up multiple breaches over the years while seemingly skipping Cybersecurity 101. In this episode, we break down what these cybersecurity scores mean, how they were calculated, and what companies should be doing before they end up in the digital hall of shame.
More info at HelpMeWithHIPAA.com/498
AI just leveled up, and we’re here to talk about it! In this episode, we dive into DeepSeek—the AI model that shook up the stock market, gave OpenAI a run for its money (literally), and is both insanely cheap to run and totally open-source (which is equal parts exciting and terrifying). We also break down the rise of deepfake scams, AI’s growing role in cybersecurity, and why you should probably question everything you see and hear online. If you love tech, security, and a healthy dose of paranoia, buckle up—this one’s for you!
More info at HelpMeWithHIPAA.com/497
Imagine leaving your front door wide open in a neighborhood full of burglars, then acting shocked when your TV disappears. That’s basically what’s happening in healthcare cybersecurity. This week, we’re talking about why hackers are running rampant, how small healthcare practices are prime targets (no, you’re not “too small to matter”), and what basic security steps can actually make a difference. Spoiler alert: Ignoring the problem won’t make it go away.
More info at HelpMeWithHIPAA.com/496
If you’ve ever wondered what it’s like to scream into the cybersecurity void, this episode might feel oddly relatable. We dive into why “bare minimum” isn’t a security strategy—it’s more like playing Russian roulette with your data. From regulatory head-scratchers to the harsh reality that a “bare minimum” security strategy is about as effective as locking your front door while leaving the windows wide open, this episode is your wake-up call, packed with sharp insights, analogies involving go-karts on the interstate, and the occasional frustrated sigh.
More info at HelpMeWithHIPAA.com/495
If ignoring cybersecurity was a sport, some companies would be gold medalists—until they realize the prize is a hefty fine and years of regulatory headaches. It’s like leaving your car unlocked in a sketchy part of town with a neon sign that says, “Free Stuff Inside.” What could possibly go wrong? Well, in this episode, we break down six real-life cases that prove skimping on security is way more expensive than just doing it right in the first place. From ransomware attacks to patient right of access failures, we’re diving into what went wrong, why it happened, and—most importantly—how you can avoid becoming the next cautionary tale.
More info at HelpMeWithHIPAA.com/494
Buckle up, folks, because this week’s episode is a wild ride through the Cavity of Lies—where HIPAA violations, ransomware attacks, and outright absurdity collide. What happens when a dental group tries to sweep a massive breach under the rug (or, you know, hide servers in bathrooms)? Let’s just say it doesn’t end well. From a 3-year-long cover-up to servers stored in all the wrong places, we’ve got lies under oath, policies that might as well be urban legends, and enough bad decisions to make you cringe harder than hearing the dentist say “we need to talk about your flossing habits.”
More info at HelpMeWithHIPAA.com/493
Hold onto your compliance hats—big changes are brewing for HIPAA’s Security Rule! The Notice of Proposed Rulemaking (NPRM) is officially out for public comment, and it’s clear HHA and OCR are on a mission to modernize and tighten the safeguards for electronic protected health information (ePHI). From clarifying risk analysis expectations to making security requirements less, well, “vague,” these updates aim to bolster patient safety and data protection while keeping pace with today’s tech-driven world. But with great updates come great responsibilities for covered entities and business associates alike, so now’s the perfect time to weigh in and help shape the final rule before it’s set in stone.
More info at HelpMeWithHIPAA.com/492
Ready to kick off 2025 with a bang? We’re diving into the must-dos for your Q1 2025 compliance and cybersecurity checklist, sprinkling in some risk management wisdom, and why Windows 10 is about as fashionable as shoulder pads in the 2020s. Plus, we sprinkle in a hearty dose of snark to keep you entertained while you get your compliance game strong. Oh and if your incident response plan is just “hope for the best,” it’s time to tune in.
More info at HelpMeWithHIPAA.com/491
Ah, supply chain attacks—the gift that keeps on giving... headaches, fines, and catastrophic data breaches. In this episode, we unwrap three cautionary tales of organizations caught in the tangled web of digital supply chain chaos. From unpatched vulnerabilities and sneaky software backdoors to hackers casually buying network access like it’s an eBay auction, each story serves up a hard truth: you don’t want to be part of a supply chain attack, you don’t want to have a supply chain attack, and you definitely don’t want to delay dealing with a supply chain attack. So grab your metaphorical flashlight and let’s go spelunking into the murky caves of cybersecurity mishaps.
More info at HelpMeWithHIPAA.com/490
