
Help Me With HIPAA
581 episodes — Page 1 of 12
The Fundamentals Still Matter Says the 2026 DBIR - Ep 563
When Trust Becomes a Vulnerability - Ep 562
AI Without Governance Is Just Faster Chaos - Ep 561
Same Hacks, Bigger Losses, Smarter Scams - Ep 560
Vibecoding, Breaches, and Regret - Ep 559
You Didn't Invite AI - But Your Vendor Did - Ep 558
HIPAA Summit 2026 - What OCR Had To Say - Ep 557
PriSec Is Not Optional for Patient Safety - Ep 556
We Need to Talk About Your Home Router - Ep 555
Let's be honest – most of us treat our home router like a mysterious appliance that just… works. Plug it in, forget about it, and hope the internet gods stay happy. But what if that "set it and forget it" mindset is exactly the problem? With outdated firmware, questionable manufacturing origins, and zero attention for years, your router could be the weakest link in your entire digital life. And yes, that includes your work-from-home setup, your smart devices, and pretty much everything else connected to it. More info at HelpMeWithHIPAA.com/555
15 Million Record Cover-Up - Ep 554
Sometimes the biggest threat to your data isn't the hackers, it's what happens after the hackers leave. In this episode, we dive into a jaw-dropping case where 15 million patient records were exposed… and then quietly swept under the rug like a mess nobody wanted to deal with. Spoiler alert: ignoring a breach doesn't make it disappear, it just makes the consequences louder later. If you've ever wondered how bad things can get when vendors drop the ball, this one's a wild ride. More info at HelpMeWithHIPAA.com/554
The Cyberattack Everyone Should Watch - Especially Healthcare - Ep 553
Imagine logging in one morning and - poof - everything's gone. Not locked, not held hostage… just gone. That's the kind of cyberattack making waves right now, and it's not your typical "pay me in Bitcoin" situation. In this episode, we unpack the Stryker cyberattack, a real-world incident that shows how attackers are shifting from making money to making a mess, and why that should have everyone in healthcare (and beyond) just a little more on edge. More info at HelpMeWithHIPAA.com/553
Security Awareness Problem No One Talks About - Ep 552
Cybersecurity awareness is at an all-time high… so why are we still clicking the same sketchy links like it's a hobby? In this episode, we dig into the uncomfortable truth: people know what to do, they just don't do it. Between overwhelming workloads, nonstop digital noise, and a growing sense that "it's inevitable anyway," security has turned into that thing we all agree is important—right before we ignore it to get our jobs done faster. More info at HelpMeWithHIPAA.com/552
Risk Analysis - Not a Checkbox, Not Optional - Ep 551
If you think a risk analysis is just another box to check on the HIPAA compliance to-do list, this episode might feel a bit like a reality check… with receipts. Using a real OCR settlement involving a phishing attack and nearly 2,000 patients' data, this discussion digs into what regulators actually expect when they say "risk analysis." Spoiler alert: it's a lot more than running a quick scan and calling it a day. More info at HelpMeWithHIPAA.com/551
Do You GRC or Just RC? - Ep 550
Governance, Risk, and Compliance. Sounds official. Sounds structured. Sounds like you've got everything under control. But what if you've really just got the "R" and the "C" duct-taped together while governance is off somewhere on vacation? This episode breaks down why governance isn't just policies, committees, or fancy tools—it's the backbone that makes risk management and compliance actually work. If you've ever said, "We're doing security," but can't quite prove who decided what, who owns it, or whether it actually got done… this one's for you. More info at HelpMeWithHIPAA.com/550
Choices Have Consequences - Ep 549
At first glance, these sources don't seem related. But when you connect them, they reveal a pattern we can't afford to ignore — and it's more unsettling than most of us would like to admit. It's time for an honest, slightly uncomfortable conversation about where we are — and maybe to sit down and remember what mom and dad always said about choices and consequences… even if we really didn't want to hear it. More info at HelpMeWithHIPAA.com/549
CISA CPGs V2 Might Be the Best SMB Cybersecurity Approach Yet - Ep 548
Cybersecurity advice is everywhere — frameworks, standards, best practices, expert opinions — enough PDFs to last you the rest of the year. But for small and mid-sized businesses, the real question isn't "What guidance exists?" It's "What should we actually do that lowers our chances of having a really bad cyber day?" If you've ever looked at a massive cybersecurity framework and thought, "This feels like studying for a final exam I didn't sign up for," you're not alone. That's where CISA's updated Cybersecurity Performance Goals (Version 2.0) come in. Designed to be practical, prioritized, and actually usable, this streamlined approach may be the clearest cybersecurity foundation SMBs have seen yet. In this episode, we break down what changed, why it matters, and how to use it. More info at HelpMeWithHIPAA.com/548
When One IT Provider Gets Hit Everyone Feels IT - Ep 547
What happens when the company responsible for protecting everyone else becomes the one that gets hacked? Spoiler alert: it's not just their problem. This episode dives into the uncomfortable reality that when an IT provider gets hit, the ripple effects can slam into hundreds, or even thousands, of businesses at once. From ransomware evolution to insider threats to the ever-growing AI wildcard, this conversation pulls back the curtain on why cybersecurity isn't just an IT issue… it's everyone's issue. More info at HelpMeWithHIPAA.com/547
There Is No Finish Line in Cybersecurity - Ep 546
Some things in life have a finish line. Cybersecurity is not one of them. There's no victory lap, no tape to break, and definitely no moment where you can say, "Cool, we're done here." This episode dives into why cybersecurity is a never-ending process, what regulators are really telling organizations through their guidance, and how the most common security failures still come down to the basics—patching, cleaning up old systems, and actually paying attention. If you've ever hoped you could "set it and forget it" with security, this conversation explains why that mindset is exactly what gets people into trouble. More info at HelpMeWithHIPAA.com/546
When AI Stops Being Helpful - Ep 545
AI: the gift that keeps on glitching. While most folks are still marveling at how AI can write emails and fold laundry (okay, not quite yet), this episode pulls back the curtain on what happens when artificial intelligence stops being polite and starts getting dangerous. We're talking zombie agents, security holes big enough to drive a HIPAA violation through, and automated tools that might just be a little too eager to help. It's informative, a little terrifying, and more than a few chuckles along the way. More info at HelpMeWithHIPAA.com/545
Even Security Leaders Make Human Mistakes - Ep 544
You'd think the folks steering the cybersecurity ship would be the last ones to punch holes in the hull—but nope, even the pros trip over their own policies. In this episode, we dive headfirst into a cautionary tale where a CISO (yes, the security guy) admits to becoming the insider threat he warns others about. From skipping his own software vetting procedures to triggering network alarms like it's the 4th of July, this story is equal parts cringe and crucial. Strap in as we explore how even the most iron-clad experts are still deliciously human. More info at HelpMeWithHIPAA.com/544
But It Was Five Stars on Amazon - Ep 543
Just because your smart fridge can order milk and your thermostat knows when you're chilly doesn't mean your home network is safe from cyber shenanigans. In this episode, we're roasting the myth that five-star Amazon reviews mean airtight security, dragging lazy VPN habits, and exposing how your toddler's tablet might be the real Trojan horse in your living room. From forgotten firmware to doorbells that moonlight as spies, we're pulling back the Wi-Fi curtain on all the ways your devices could be betraying you—with or without your permission. More info at HelpMeWithHIPAA.com/543
After the Breach Notice Comes the Lawsuit - Ep 542
Ever wonder what happens when patient record requests are ignored, invoices go wild, and cybersecurity takes a coffee break? Spoiler: it ends with lawsuits, settlements, and a whole lot of legal back-and-forth. In this episode, we unpack a right of access case that dragged on longer than a season of courtroom drama, and then dive into the spaghetti mess of post-breach chaos - where class action lawsuits spring up like mushrooms and documentation (or lack thereof) can make or break you. If you thought the breach was the worst part… oh honey, it's just getting started. More info at HelpMeWithHIPAA.com/542
2026 Planning Since Predicting Is Pointless - Ep 541
Here's the deal: making predictions about 2026 is about as useful as a chocolate teapot. So instead of peering into a cloudy crystal ball, we're laying down some solid groundwork for planning ahead. We're talking AI governance, backup strategies that actually work (yes, tested ones), and why you should absolutely know if your vendor quietly stopped signing BAAs. Buckle up—it's a 2026 survival guide with fewer guesses and more "you got this." More info at HelpMeWithHIPAA.com/541
2025 Holiday Blooper Show
It's that time of year again where audio perfection goes to die and chaos reigns supreme! In this special episode, we celebrate ten years of podcasting excellence by showcasing the exact opposite: dogs with digestive drama, countdowns that never count down quite right, rogue microphones, clumsy kitchen accidents, and travel mics that seem personally offended by their own existence. Expect Donna's thumb to take a hit (thanks, chef's knife), David to escape suspicion of living off the grid, and Bojan to quietly question all his life choices while trying to make this circus sound good from across the ocean. More info at HelpMeWithHIPAA.com/2025BlooperShow
Why 95% of AI Dreams End in a Cold Shower - Ep 540
You know that warm fuzzy feeling you get thinking AI will solve all your business problems and let you retire early? Yeah, this episode is the cold shower you didn't know you needed. We're talking about why most AI projects crash harder than a Segway on launch day, how businesses keep falling into the same traps, and why treating AI like a superpowered intern (instead of your replacement) might be the smarter move. More info at HelpMeWithHIPAA.com/540
Digital Adulting Is Hard - Ep 539
Adulting is hard — but digital adulting? That's a whole new level of chaos. In this episode, we dive headfirst into the "Most Wired" survey like it's a techie BuzzFeed quiz for healthcare organizations. From cyber headaches and budget excuses to AI hype and "we've always done it this way" energy, we unpack the nine domains that determine whether your digital health game is fire… or just floppy disk-level tragic. More info at HelpMeWithHIPAA.com/539
Cloudflare Outage Exposed Stuff We Miss - Ep 538
Ever wondered what really keeps the Internet running - and what happens when it all goes sideways? The latest Cloudflare outage served up a reality check, exposing just how much of our digital world hangs together with a mix of duct tape, toothpicks, and a whole lot of hope. In this episode we dive into how this outage sent shockwaves through everything from simple website clicks to healthcare payment systems, and why most folks had no idea Cloudflare was even a linchpin for their daily operations. More info at HelpMeWithHIPAA.com/538
HSCC AI Security Efforts Preview - Ep 537
If you thought AI in healthcare was just about cool robots and faster diagnoses, surprise! There's a whole army of volunteers wrangling the chaos behind the scenes, and our own Donna Grindle is leading the charge. In this episode, we take a peek into the AI cyber-security kitchen of the Health Sector Coordinating Council, where they're cooking up definitions, glossaries, and playbooks faster than AI can generate cat videos. It's education, governance, and cyber-risk planning, all served with a side of snark and sincerity. More info at HelpMeWithHIPAA.com/537
Caught in the LinkedIn Phishing Net - Ep 536
You thought phishing was just an email problem? Oh sweet summer child. This episode dives into the new frontier of cyber shenanigans: LinkedIn. That's right — the land of business jargon, inspirational posts, and awkward endorsements is now a playground for scammers sliding into your DMs like they're networking for the dark web. Get ready to learn why accepting that too-good-to-be-true board invitation from "a company in South America" might end with malware, not margaritas. More info at HelpMeWithHIPAA.com/536
Healthcare The Hacker's Playground - Ep 535
Welcome to the latest Help Me With HIPAA episode where healthcare becomes the star of a suspense thriller, except the villains are hackers, and the plot twist? They really don't care how small your practice is. We're diving into Huntress' 2025 Cyber Threat Report, which basically confirms that if you're in healthcare, you've got a giant "Hack Me" sign taped to your digital forehead. From script-based exploits to info stealers with boundary issues, this episode breaks down how cyber threats are no longer knocking on the front door - they're already on the couch, eating your snacks, and stealing your patient data. More info at HelpMeWithHIPAA.com/535
Less Password Drama, Better Security Karma - Ep 534
If you've ever wanted to throw your laptop out the window after yet another "Your password must include a hieroglyph and a drop of unicorn blood" message, you're not alone. In this episode, we tackle the chaotic circus that is password creation: the rules, the myths, and the mounting frustration of trying to remember if this is the account that wanted a number, a symbol, or your firstborn's dental records. From the rise of passkeys to the surprising sanity of NIST's latest guidance (finally!), we explore how security might actually be getting smarter and less likely to make you cry into your keyboard. More info at HelpMeWithHIPAA.com/534
It Was A Graveyard Splash - Ep 533
If you thought your Halloween playlist peaked at "Monster Mash," get ready to level up with the Data Mash — a graveyard splash of spooky cybersecurity tales and ghastly good rhymes. In this special Halloween episode, we summon the spirits of password poltergeists, resurrect dusty old policies from the crypt, and stir up a bubbling MFA cauldron. It's cybersecurity with a spooky twist, and yes, there's even a ransomware reaper lurking around with backup regrets. Boo and boo-hoo for bad data hygiene! More info at HelpMeWithHIPAA.com/533
Humans Are The Perpetual Zero-Day - Ep 532
Welcome to the digital Twilight Zone, where AI is evolving faster than your weekend plans, and people are still out here using "password123!" like it's a life hack. This episode digs into the "Oh, Behave!" cybersecurity behavior report and asks the big questions: Why do we keep doing dumb things online? Can training catch up with tech? And why are Gen Zs so confident while also being the most hacked? Spoiler: it's equal parts fascinating and terrifying. More info at HelpMeWithHIPAA.com/532
Did Anyone Even Ask If It Was OK? - Ep 531
Ah, success stories—where marketing meets warm fuzzies… and sometimes federal investigations. This week, we're dissecting how one healthcare group turned a few heartfelt patient testimonials into a compliance catastrophe. From missing consent forms to deleting everything in a panic, it's a cautionary tale of what happens when your privacy policies are more like "guidelines" than rules. Spoiler: OCR reads your website too. More info at HelpMeWithHIPAA.com/531
Is a Half Truth a Whole Lie - Ep 530
Is it still a lie if it's only half false? Asking for a biotech company that might've taken "fake it till you make it" a bit too literally with their cybersecurity claims. From hard-coded admin credentials to ignoring vulnerabilities like a bad ex's texts, this episode dives into what happens when convenience beats caution and how a $9.8 million lesson got served with a side of whistleblower justice. More info at HelpMeWithHIPAA.com/530
Digital Jenga - Ep 529
Welcome to "Digital Jenga," where the tower's made of cloud apps, power cords, and fragile backup plans and every pulled piece brings us closer to chaos. Today's episode is a thought experiment that feels a little too real: What happens when everything goes down but your stress levels? Grab your imaginary generator and follow along as we walk through scenarios that are way more common (and hilarious) than you'd think, because nothing says fun like discovering your entire system was balancing on one Wi-Fi signal and a prayer. More info at HelpMeWithHIPAA.com/529
Small, Breached, and Broke - Why Hackers Love SMBs - Ep 528
If your small business still thinks that a dusty old firewall and a sprinkle of MFA is "good enough," this episode is your cybersecurity reality check. Picture your company as a lemonade stand with a cash box—hackers are thirsty, and you're wide open for business. We're diving into why SMBs are now hacker playgrounds, how AI is helping cybercriminals get sneakier, and why your robot vacuum may be more security-conscious than your network gear. It's everything you didn't want to know about being a prime target—served up with a twist of humor, a splash of horror, and a tall glass of truth. More info at HelpMeWithHIPAA.com/528
Stack Attack - Breach by Association - Ep 527
Ever feel like your tech stack is one shady character away from becoming a security nightmare? Yeah, same. In this episode, we dive headfirst into the murky waters of "breach by association," where trusting one tool can accidentally invite the entire cybercriminal neighborhood into your data party. From APIs doing the digital equivalent of handing out spare keys, to sneaky GitHub repos spilling secrets like a leaky faucet, we unpack how this all went down. Spoiler: the AI-powered thieves were way too polite to trip any alarms. More info at HelpMeWithHIPAA.com/527
AI Ran the Whole Attack - Ep 526
So you thought AI was just here to help you write emails and generate cat memes? Think again. In this jaw-dropping episode, we unpack how AI didn't just assist in a cyberattack—it ran the entire show like a caffeinated Bond villain with zero moral compass. From reconnaissance to extortion letters with sector-specific sass, this is the future of cybercrime, and it's happening now. Buckle up. The robots aren't just coming—they've already clocked in. More info at HelpMeWithHIPAA.com/526
Hacking You Gently - Ep 525
Forget Mission: Impossible-style hacking - today's cyber crooks are all about manners. In this episode, we unravel how asking "pretty please" can crack open digital doors faster than any brute force attack. With tips, tales, and a touch of panic, we break down the importance of knowing your personal risk profile, locking down your accounts, and yes - finally turning on that MFA you've been ignoring. More info at HelpMeWithHIPAA.com/525
OCR Tags CPA Firm for HIPAA Failures - Ep 524
If you thought HIPAA only applied to big hospitals and medical groups swimming in patient data, think again. In this episode, we uncover how just one record with PHI can infect your organization with full-blown HIPAA responsibilities — no vaccine required. We dive into a juicy enforcement case featuring a CPA firm that got hit with a ransomware attack and a $175K HIPAA oopsie, all because someone skipped their security risk analysis. Spoiler: ignorance is not immunity. More info at HelpMeWithHIPAA.com/524
Shadow AI - The Wild West of Cybersecurity - Ep 523
Strap in, folks—this episode charges into the wild frontier of cybersecurity, where Shadow AI runs loose like a toddler with admin access. Whether your security plan is airtight or held together by paperclips and prayers, this deep dive into the IBM Cost of a Data Breach 2025 report offers plenty to think about. From eye-popping breach costs to the cringe of unsecured AI, we're covering the good, the bad, and the downright reckless. Spoiler: "we don't use AI" might be the biggest myth since "the check's in the mail." More info at HelpMeWithHIPAA.com/523
Ransomware Hit. Business Quit. - Ep 522
You might think a single ransomware attack is just a tech hiccup—but tell that to the medical practice that shut its doors permanently because of one. In this episode, we dissect what really happens when cybersecurity goes sideways, peeling back the layers of tech jargon to expose the raw, messy fallout of a breach. It's less "oops, I forgot my password" and more "goodbye, 12 years of business." Let's get real about what these incidents cost—not just in dollars, but in dignity. More info at HelpMeWithHIPAA.com/522
Shore Up or Throw Up - Healthcare's Latest Cyber Warnings - Ep 521
What do hackers, patient scams, and IT help desks with too much trust have in common? They're all making healthcare cybersecurity a lot messier—and a lot more vomit-worthy. In this episode, we dive into how bad actors are not only stealing data but turning patients into direct targets. From sneaky social engineering tactics to "I can't believe they answered that call" level IT fails, we explore why locking down your network is only half the battle. More info at HelpMeWithHIPAA.com/521
Battle of the Bots - AI on Offense and Defense - Ep 520
If you thought AI was just about asking ChatGPT for dinner ideas, think again. This episode unpacks the next-level madness of agentic AI—those industrious bots that not only check your emails but might just decide how your healthcare practice runs. We're talking phishing attacks on steroids, decision-making algorithms with questionable judgment, and the jaw-dropping ways AI is working for—and against—us in cybersecurity. It's part fascinating, part terrifying, and 100% worth listening to. More info at HelpMeWithHIPAA.com/520
BAAs, Breaches, and the Art of Covering Your Assets - Ep 519
You know that moment when someone casually slides a contract across the table and says, "Just sign here"? Yeah, don't do that—especially when it's a Business Associate Agreement. This episode is a deep dive into the dark corners of BAAs, the traps they hide, and why you should read every line like it's a ransom note. From ping floods to passive-aggressive breach clauses, we unpack the weird, wild world of healthcare contracts. Oh, and stick around—because just when you think it can't get any messier, a breach shows up to ruin everyone's day. More info at HelpMeWithHIPAA.com/519
Keeping Up With the Cyber Laws - Ep 518
Think cybersecurity laws are just for the big guys? Think again. In this episode, we unravel the patchwork of new state regulations popping up faster than a phishing scam in your inbox—Ohio, Utah, Texas, Florida, and even Iowa are throwing their hats into the compliance ring. From safe harbor perks to tiered requirements for small businesses (yes, Texas made a flowchart-worthy version), we decode what these laws mean, who they apply to, and why HIPAA entities seem to always get the "you're fine, probably" treatment. Bonus: there's a federal bill in Congress that might actually help. Maybe. More info at HelpMeWithHIPAA.com/518
Cyber Safety Is Patient Safety - Greg Garcia's 5-Year Rally Cry - Ep 517
Strap in, folks—this isn't your average cybersecurity snoozefest. We're plugging into a conversation with Greg Garcia, the guy who's been leading healthcare's cyber crusade like it's the season finale of a medical drama. From hospitals fending off ransomware to the chaotic ballet of patching ancient medical devices, it's clear: in a world where tech keeps patients breathing, cyber safety is patient safety. And no, turning it off and on again won't fix this one. More info at HelpMeWithHIPAA.com/517
One Phish, Two Phish, MFA Bypass Twist - Ep 516
If you thought "One Phish, Two Phish" was a Dr. Seuss classic, think again—this cybercrime edition comes with a twist of ransomware, app-specific passwords, and a side of website hijacking. This week, we explore what happens when software vendors forget to patch, hackers start crafting emails better than your favorite copywriter, and your website becomes a party zone for malware. It's an episode full of lessons, laughs, and mild panic—just the way we like it. More info at HelpMeWithHIPAA.com/516
Reasonable Security That Holds Up in Court - Ep 515
If you've ever wondered what happens when "going viral" meets "losing your license," this episode has the answer—courtesy of a nurse who took her TikTok dreams a little too far. From cringe-worthy compliance blunders to Oklahoma's oddly refreshing legal update, we're diving headfirst into the murky waters of healthcare privacy, social media madness, and why reasonable security might just be your get-out-of-court-free card. It's like HIPAA meets reality TV—minus the roses and dramatic exits. More info at HelpMeWithHIPAA.com/515