Thursday, July 2, 2026

Lava Lamps, Gag Gifts, and HIPAA - Ep 567


What do lava lamps, whoopee cushions, and HIPAA have in common? More than you’d think! This week, a familiar mall retailer famous for gag gifts and lava lamps finds itself at the center of an OCR enforcement action that highlights a common misconception about employer-sponsored health plans. Along the way, you’ll learn why “we’ve never had a problem before” isn’t a cybersecurity strategy, how self-funded health plans fit into HIPAA, and why ignoring compliance can quickly become a very expensive joke.

More info at HelpMeWithHIPAA.com/567


Check out the episode!

Thursday, June 25, 2026

Use Your Free OCR Consulting - Ep 566


Ever wish you could get expert HIPAA advice straight from the source – without the invoice? This episode digs into a little-known offering: the “free consulting” that the Office for Civil Rights (OCR) actually gives out, if you know where to look. We break down the seven biggest lessons buried in official OCR videos and settlement guidance, covering everything from keeping tabs on your inventory (yes, all your data – even the digital version of an old truck growing weeds) to why risk management means more than doing paperwork once a year. If you’re in healthcare and want practical tips to avoid trouble before it makes the headlines, this episode’s for you.

More info at HelpMeWithHIPAA.com/566


Check out the episode!

Thursday, June 18, 2026

Managing AI Before It Manages You - The HSCC AI Framework - Ep 565


Healthcare is rushing to adopt AI, but most organizations haven’t figured out what it really means to keep it in check. The HSCC just released an AI governance framework aimed at helping healthcare leaders get ahead of the curve—before “shadow AI” and unapproved tools turn into a bigger problem. This episode breaks down why AI governance isn’t just IT’s job, where most organizations are getting stuck, and the surprisingly simple questions privacy and compliance teams should be asking about AI before things go sideways.

More info at HelpMeWithHIPAA.com/565


Check out the episode!

Thursday, June 11, 2026

Learning to Live and Work with AI - Ep 564


AI isn’t just a buzzword anymore—it’s showing up everywhere in healthcare, whether you realize it or not. In this episode, we get honest about what it means to live and work with AI, why so many people still feel anxious (or even a little excited) about it, and why avoiding it altogether just isn’t an option. We dig into practical ways healthcare teams can safely experiment with AI in their daily routines, what to watch out for, and how the right approach can help you solve problems instead of just creating new ones. If you’ve been wondering how AI is changing the way you work—or if it really might replace your job—this one’s for you.

More info at HelpMeWithHIPAA.com/564


Check out the episode!

Thursday, June 4, 2026

The Fundamentals Still Matter Says the 2026 DBIR - Ep 563


Are healthcare organizations overcomplicating cybersecurity and missing the basics? In this episode, Donna and David break down the newest Verizon Data Breach Investigations Report and what it really means for hospitals, clinics, and business associates. Despite all the AI headlines and talk about new threats, most breaches still come down to old-school problems—missed patches, credential abuse, and human mistakes. The fundamentals aren’t glamorous, but they’re what keep your data safe. If you’ve ever wondered whether all the new risks really change the game for HIPAA compliance, this episode will help you cut through the noise and focus on what actually matters.

More info at HelpMeWithHIPAA.com/563


Check out the episode!

Thursday, May 28, 2026

When Trust Becomes a Vulnerability - Ep 562


How much should we really trust the systems and people we rely on every day? This week, we’re looking at how trust itself can open the door to risk – whether it’s attackers using AI to speed up finding software flaws, insider threats turning frustration into vulnerability, or the limits of encryption we thought was unbreakable. As healthcare organizations try to keep up, these aren’t just tech problems – they’re operational headaches and policy questions that hit close to home. And yes, the pace of change is only picking up.

More info at HelpMeWithHIPAA.com/562


Check out the episode!

Thursday, May 21, 2026

AI Without Governance Is Just Faster Chaos - Ep 561


AI is showing up everywhere these days like ketchup at a backyard cookout — apparently it belongs on absolutely everything. But as this episode points out, tossing AI into healthcare operations without governance is basically just upgrading your chaos to premium speed. Using insights from a massive global digital health study, the conversation explores why leadership, oversight, and workforce engagement still matter far more than simply throwing AI, cloud apps, and a little “digital transformation seasoning” on every problem. From forgotten integrations and mystery AI tools to the hard truth that automating a bad process just gives you faster bad results, this episode delivers equal parts practical strategy, healthcare reality checks, and painfully accurate tech humor.

More info at HelpMeWithHIPAA.com/561


Check out the episode!

Thursday, May 14, 2026

Same Hacks, Bigger Losses, Smarter Scams - Ep 560


Cybercrime has officially entered its “hold my beer” era. In this episode, we break down the FBI’s annual Internet Crime Complaint Center report and the numbers are equal parts fascinating and horrifying. We’re talking over $20 billion in reported losses, exploding ransomware attacks, AI-powered scams, fake charities, romance cons, business email compromises, and criminals who apparently work harder than some middle managers. It’s a practical, eye-opening look at how modern scams actually work — and why staying skeptical online may now qualify as a survival skill.

More info at HelpMeWithHIPAA.com/560


Check out the episode!

Thursday, May 7, 2026

Vibecoding, Breaches, and Regret - Ep 559


If you’ve ever wondered what happens when ransomware, bad decisions, cyber insurance confusion, and TikTok tech advice all collide in one spectacular dumpster fire… this episode is for you. The conversation dives into four fresh OCR enforcement actions that all share one painfully common theme: nobody did a proper risk analysis until after everything caught on fire. Add in cybersecurity “professionals” secretly helping ransomware gangs and business owners trying to replace enterprise security tools with AI-generated software from TikTok, and you’ve got an episode that somehow manages to be both educational and deeply concerning.

More info at HelpMeWithHIPAA.com/559


Check out the episode!

Thursday, April 30, 2026

You Didn’t Invite AI - But Your Vendor Did - Ep 558


AI isn’t coming – it’s already here, quietly working behind the scenes, updating itself, and occasionally making decisions you didn’t realize you outsourced. In this episode, we unpack the chaos (yes, chaos) of modern AI adoption, especially when it sneaks in through third-party vendors and tools you already use every day. Think less “cool futuristic tech” and more “did we just pour gasoline on our existing risks?” If you’ve ever wondered whether you’re actually using AI… spoiler alert: you are.

More info at HelpMeWithHIPAA.com/558


Check out the episode!

Thursday, April 23, 2026

HIPAA Summit 2026 - What OCR Had To Say - Ep 557


Ever leave a conference with a notebook full of “wait…we should probably be doing that” moments? That’s exactly the energy here. In this episode, we unpack key takeaways fresh from the HIPAA Summit - what stood out, what raised eyebrows, and what might quietly keep compliance folks up at night. Then we pivot into a timely breakdown of the latest OCR webinar on Risk Management Plans, connecting the dots between what’s being said on stage and what’s expected in practice. Think of it as part field report, part reality check.

More info at HelpMeWithHIPAA.com/557


Check out the episode!

Thursday, April 16, 2026

PriSec Is Not Optional for Patient Safety - Ep 556


If you thought healthcare had enough to juggle already, think again. This episode dives headfirst into the latest “Top 10 Patient Safety Concerns,” and spoiler alert—AI is sitting right at the top like it owns the place. From the growing pains of AI-assisted diagnosis to the not-so-small issue of whether anyone is double-checking the robots, things get interesting fast. Toss in cybersecurity risks, workforce shortages, and a system stretched thinner than your patience on hold with tech support, and you’ve got a conversation that’s equal parts eye-opening and “wait… are we okay?”

More info at HelpMeWithHIPAA.com/556


Check out the episode!

Thursday, April 9, 2026

We Need to Talk About Your Home Router - Ep 555


Let’s be honest – most of us treat our home router like a mysterious appliance that just… works. Plug it in, forget about it, and hope the internet gods stay happy. But what if that “set it and forget it” mindset is exactly the problem? With outdated firmware, questionable manufacturing origins, and zero attention for years, your router could be the weakest link in your entire digital life. And yes, that includes your work-from-home setup, your smart devices, and pretty much everything else connected to it.

More info at HelpMeWithHIPAA.com/555


Check out the episode!

Thursday, April 2, 2026

15 Million Record Cover-Up - Ep 554


Sometimes the biggest threat to your data isn’t the hackers, it’s what happens after the hackers leave. In this episode, we dive into a jaw-dropping case where 15 million patient records were exposed… and then quietly swept under the rug like a mess nobody wanted to deal with. Spoiler alert: ignoring a breach doesn’t make it disappear, it just makes the consequences louder later. If you’ve ever wondered how bad things can get when vendors drop the ball, this one’s a wild ride.

More info at HelpMeWithHIPAA.com/554


Check out the episode!

Thursday, March 26, 2026

The Cyberattack Everyone Should Watch - Especially Healthcare - Ep 553


Imagine logging in one morning and - poof - everything’s gone. Not locked, not held hostage… just gone. That’s the kind of cyberattack making waves right now, and it’s not your typical “pay me in Bitcoin” situation. In this episode, we unpack the Stryker cyberattack,  a real-world incident that shows how attackers are shifting from making money to making a mess, and why that should have everyone in healthcare (and beyond) just a little more on edge. 

More info at HelpMeWithHIPAA.com/553


Check out the episode!

Thursday, March 19, 2026

Security Awareness Problem No One Talks About - Ep 552


Cybersecurity awareness is at an all-time high… so why are we still clicking the same sketchy links like it’s a hobby? In this episode, we dig into the uncomfortable truth: people know what to do, they just don’t do it. Between overwhelming workloads, nonstop digital noise, and a growing sense that “it’s inevitable anyway,” security has turned into that thing we all agree is important—right before we ignore it to get our jobs done faster.

More info at HelpMeWithHIPAA.com/552


Check out the episode!

Thursday, March 12, 2026

Risk Analysis - Not a Checkbox, Not Optional - Ep 551


If you think a risk analysis is just another box to check on the HIPAA compliance to-do list, this episode might feel a bit like a reality check… with receipts. Using a real OCR settlement involving a phishing attack and nearly 2,000 patients’ data, this discussion digs into what regulators actually expect when they say “risk analysis.” Spoiler alert: it’s a lot more than running a quick scan and calling it a day.

More info at HelpMeWithHIPAA.com/551


Check out the episode!

Thursday, March 5, 2026

Do You GRC or Just RC? - Ep 550


Governance, Risk, and Compliance. Sounds official. Sounds structured. Sounds like you’ve got everything under control. But what if you’ve really just got the “R” and the “C” duct-taped together while governance is off somewhere on vacation? This episode breaks down why governance isn’t just policies, committees, or fancy tools—it’s the backbone that makes risk management and compliance actually work. If you’ve ever said, “We’re doing security,” but can’t quite prove who decided what, who owns it, or whether it actually got done… this one’s for you.

More info at HelpMeWithHIPAA.com/550


Check out the episode!

Thursday, February 26, 2026

Choices Have Consequences - Ep 549


At first glance, these sources don’t seem related. But when you connect them, they reveal a pattern we can’t afford to ignore — and it’s more unsettling than most of us would like to admit. It’s time for an honest, slightly uncomfortable conversation about where we are — and maybe to sit down and remember what mom and dad always said about choices and consequences… even if we really didn’t want to hear it.

More info at HelpMeWithHIPAA.com/549


Check out the episode!

Thursday, February 19, 2026

CISA CPGs V2 Might Be the Best SMB Cybersecurity Approach Yet - Ep 548


Cybersecurity advice is everywhere — frameworks, standards, best practices, expert opinions — enough PDFs to last you the rest of the year. But for small and mid-sized businesses, the real question isn’t “What guidance exists?” It’s “What should we actually do that lowers our chances of having a really bad cyber day?” If you’ve ever looked at a massive cybersecurity framework and thought, “This feels like studying for a final exam I didn’t sign up for,” you’re not alone. That’s where CISA’s updated Cybersecurity Performance Goals (Version 2.0) come in. Designed to be practical, prioritized, and actually usable, this streamlined approach may be the clearest cybersecurity foundation SMBs have seen yet. In this episode, we break down what changed, why it matters, and how to use it.

More info at HelpMeWithHIPAA.com/548


Check out the episode!

Thursday, February 12, 2026

When One IT Provider Gets Hit Everyone Feels IT - Ep 547


What happens when the company responsible for protecting everyone else becomes the one that gets hacked? Spoiler alert: it’s not just their problem. This episode dives into the uncomfortable reality that when an IT provider gets hit, the ripple effects can slam into hundreds, or even thousands, of businesses at once. From ransomware evolution to insider threats to the ever-growing AI wildcard, this conversation pulls back the curtain on why cybersecurity isn’t just an IT issue… it’s everyone’s issue.

More info at HelpMeWithHIPAA.com/547


Check out the episode!

Thursday, February 5, 2026

There Is No Finish Line in Cybersecurity- Ep 546


Some things in life have a finish line. Cybersecurity is not one of them. There’s no victory lap, no tape to break, and definitely no moment where you can say, “Cool, we’re done here.” This episode dives into why cybersecurity is a never-ending process, what regulators are really telling organizations through their guidance, and how the most common security failures still come down to the basics—patching, cleaning up old systems, and actually paying attention. If you’ve ever hoped you could “set it and forget it” with security, this conversation explains why that mindset is exactly what gets people into trouble. 

More info at HelpMeWithHIPAA.com/546


Check out the episode!

Thursday, January 29, 2026

When AI Stops Being Helpful - Ep 545


AI: the gift that keeps on glitching. While most folks are still marveling at how AI can write emails and fold laundry (okay, not quite yet), this episode pulls back the curtain on what happens when artificial intelligence stops being polite and starts getting dangerous. We're talking zombie agents, security holes big enough to drive a HIPAA violation through, and automated tools that might just be a little too eager to help. It's informative, a little terrifying, and more than a few chuckles along the way.

More info at HelpMeWithHIPAA.com/545


Check out the episode!

Thursday, January 22, 2026

Even Security Leaders Make Human Mistakes - Ep 544


You’d think the folks steering the cybersecurity ship would be the last ones to punch holes in the hull—but nope, even the pros trip over their own policies. In this episode, we dive headfirst into a cautionary tale where a CISO (yes, the security guy) admits to becoming the insider threat he warns others about. From skipping his own software vetting procedures to triggering network alarms like it’s the 4th of July, this story is equal parts cringe and crucial. Strap in as we explore how even the most iron-clad experts are still deliciously human.

More info at HelpMeWithHIPAA.com/544


Check out the episode!

Thursday, January 15, 2026

But It Was Five Stars on Amazon - Ep 543


Just because your smart fridge can order milk and your thermostat knows when you're chilly doesn’t mean your home network is safe from cyber shenanigans. In this episode, we’re roasting the myth that five-star Amazon reviews mean airtight security, dragging lazy VPN habits, and exposing how your toddler’s tablet might be the real Trojan horse in your living room. From forgotten firmware to doorbells that moonlight as spies, we’re pulling back the Wi-Fi curtain on all the ways your devices could be betraying you—with or without your permission.

More info at HelpMeWithHIPAA.com/543


Check out the episode!

Thursday, January 8, 2026

After the Breach Notice Comes the Lawsuit - Ep 542


Ever wonder what happens when patient record requests are ignored, invoices go wild, and cybersecurity takes a coffee break? Spoiler: it ends with lawsuits, settlements, and a whole lot of legal back-and-forth. In this episode, we unpack a right of access case that dragged on longer than a season of courtroom drama, and then dive into the spaghetti mess of post-breach chaos - where class action lawsuits spring up like mushrooms and documentation (or lack thereof) can make or break you. If you thought the breach was the worst part… oh honey, it’s just getting started.

More info at HelpMeWithHIPAA.com/542


Check out the episode!

Thursday, January 1, 2026

2026 Planning Since Predicting Is Pointless - Ep 541


Here’s the deal: making predictions about 2026 is about as useful as a chocolate teapot. So instead of peering into a cloudy crystal ball, we’re laying down some solid groundwork for planning ahead. We’re talking AI governance, backup strategies that actually work (yes, tested ones), and why you should absolutely know if your vendor quietly stopped signing BAAs. Buckle up—it’s a 2026 survival guide with fewer guesses and more “you got this.”

More info at HelpMeWithHIPAA.com/541


Check out the episode!