Working together using Modern Attachments
…
continue reading
1
The Medcurity Podcast: HIPAA Compliance | Security | Technology | Healthcare
Medcurity: HIPAA Compliance
Healthcare is complicated. Joe Gellatly and Amanda Hepper are here to help, guiding us through the biggest issues and updates in healthcare security and compliance. From HIPAA Risk Assessments to the dark web, learn what factors are affecting the security of healthcare information and how to protect your data. Tune in for news, advice, and more.
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
1
Understanding and Preventing Distributed Denial-of-Service Attacks | Medcurity Live 051
5:46
5:46
Spela senare
Spela senare
Listor
Gilla
Gillad
5:46
DDoS attacks are a growing threat to organizations of all sizes. What are they and what impact do they have on you? Tune in to find out. In this episode, we’er covering: Understanding DDoS Attacks: What DDoS attacks are and how they work to disrupt your services. Immediate Impact: The potential damage to business operations, financial losses, and c…
…
continue reading
1
The Ascension Breach and the Importance of Cybersecurity | Medcurity Live 050
6:05
6:05
Spela senare
Spela senare
Listor
Gilla
Gillad
6:05
The Ascension breach has rocked the healthcare sector, and we're breaking down what happened. In this episode, we cover: - The Ascension Breach: How the Black Basta group managed to breach one of the largest healthcare associations. - Immediate Impact: Delays in patient care, administrative chaos, and over 1.2 million patient records exposed. - Key…
…
continue reading
1
The Evolution of Phishing Attacks in Healthcare: New Tactics and Defenses | Medcurity Live 049
6:20
6:20
Spela senare
Spela senare
Listor
Gilla
Gillad
6:20
How are phishing attacks evolving, and what can healthcare organizations do to defend against them? In this episode, we share the latest phishing tactics targeting the healthcare sector - from spear phishing to vishing and smishing. Discover how cybercriminals are becoming more sophisticated and the devastating impacts these attacks can have on hea…
…
continue reading
1
In-House vs. Cloud-Based Backup Systems | Medcurity Live 048
11:20
11:20
Spela senare
Spela senare
Listor
Gilla
Gillad
11:20
How do you decide between in-house backups and cloud-based backups for your healthcare data? In this episode, HIPAA Risk Assessment Specialist Margaret LaDuke discusses the key differences, advantages, and drawbacks of each approach. Learn how to make informed decisions that ensure HIPAA compliance and protect patient data effectively. Stay tuned f…
…
continue reading
1
The Impact of AI on Healthcare Privacy | Medcurity Live 047
4:06
4:06
Spela senare
Spela senare
Listor
Gilla
Gillad
4:06
Artificial intelligence is revolutionizing healthcare, but what does this mean for patient privacy? In this episode, Sean explores the intersection of AI and healthcare privacy, discussing the benefits and risks of using AI in healthcare, and sharing insights on how to mitigate potential privacy concerns. Keep informed and stay ahead of the curve t…
…
continue reading
1
Simplifying HIPAA Audits | Medcurity Live 046
5:03
5:03
Spela senare
Spela senare
Listor
Gilla
Gillad
5:03
Do you ever feel overwhelmed by HIPAA audits? In this episode, Sean breaks down the complexities of HIPAA audits and shares practical tips on how to simplify the process. From understanding HIPAA requirements to identifying potential risks and developing effective compliance strategies, we’ve got you covered. Tune in to learn how to approach HIPAA …
…
continue reading
1
The Latest Change to HIPAA: SUD Privacy | Medcurity Live 045
3:36
3:36
Spela senare
Spela senare
Listor
Gilla
Gillad
3:36
HIPAA has added a new rule to Substance Use Disorder (SUD) privacy. Are you up-to-date on the latest changes? In this episode, Sean dives into the recent updates and what they mean for healthcare providers. From consent forms to breach notification requirements, he covers the essential changes you need to know to ensure compliance. Tune in to stay …
…
continue reading
1
Cybersecurity Goals for HIPAA and Security Enhancement Pt 4 | Medcurity Live 044
3:20
3:20
Spela senare
Spela senare
Listor
Gilla
Gillad
3:20
In this episode, Sean covers the rest of the cybersecurity performance goals set by the U.S. Department of Health and Human Services. He shares cybersecurity tactics including TTPs, Network Segmentation, Centralized Log Collection, Centralized Incident Planning and Preparedness, and Configuration Management. Learn more about Medcurity here: https:/…
…
continue reading
1
Cybersecurity Goals for HIPAA and Security Enhancement Pt 3 | Medcurity Live 043
4:06
4:06
Spela senare
Spela senare
Listor
Gilla
Gillad
4:06
In this episode, Sean covers the first 5 enhanced cybersecurity goals set by the U.S. Department of Health and Human Services. He discusses cybersecurity tactics including asset inventory, third-party vulnerability disclosure, third-party incident reporting, cybersecurity training, and cybersecurity mitigation. Learn more about Medcurity here: http…
…
continue reading
1
Cybersecurity Goals for HIPAA and Security Enhancement Pt 2 | Medcurity Live 042
5:51
5:51
Spela senare
Spela senare
Listor
Gilla
Gillad
5:51
In this episode, Sean covers the last 6 essential cybersecurity goals set by the U.S. Department of Health and Human Services. He discusses cybersecurity tactics including strong encryption, unique and targeted credentials, incident preparedness, account access, and vendor/supplier cybersecurity requirements. Learn more about Medcurity here: https:…
…
continue reading
1
Cybersecurity Goals for HIPAA and Security Enhancement Pt 1 | Medcurity Live 041
6:07
6:07
Spela senare
Spela senare
Listor
Gilla
Gillad
6:07
Sean talks about the first several cybersecurity goals set by the U.S. Department of Health and Human Services. Learn where to start on your journey of compliance and security. He covers vulnerabilities, email security, MFA, and cybersecurity training. Learn more about Medcurity here: https://medcurity.com…
…
continue reading
1
New Standards are Being Set in Cybersecurity and HIPAA | Medcurity Live 040
5:30
5:30
Spela senare
Spela senare
Listor
Gilla
Gillad
5:30
Join Sean as he breaks down the latest cybersecurity and compliance standards from the U.S. Department of Health and Human Services. He walks through the four pillars of cybersecurity to help you understand what they mean for your organization. Tune in to get straightforward insights and practical tips on staying secure in the digital age. Learn mo…
…
continue reading
1
AI & HIPAA: First Steps for Healthcare Leaders
31:45
31:45
Spela senare
Spela senare
Listor
Gilla
Gillad
31:45
Medcurity CEO Joe Gellatly goes over the latest trends in the healthcare industry's implementation of AI, and how providers should be utilizing these new tools while keeping themselves protected.
…
continue reading
1
HIPAA Privacy and Security: Exploring Internal and External Threats
38:15
38:15
Spela senare
Spela senare
Listor
Gilla
Gillad
38:15
Medcurity and iatricSystems have teamed up to explore internal and external privacy and security threats facing healthcare right now. Joe Gellatly with Medcurity and Demi Borden with iatricSystems are bringing their firsthand experiences in the field to demonstrate the best practices they are seeing work right now. They will be discussing: -Lessons…
…
continue reading
1
Practical Tips for On-Going HIPAA Training
24:54
24:54
Spela senare
Spela senare
Listor
Gilla
Gillad
24:54
Listen to our Director of Business Development Ari Van Peursem as she walks through practical HIPAA training tips to keep your company safe and secure. It is Medcurity's objective to ensure your company is well-equipped to protect patient information and provide the best care possible.
…
continue reading
1
Your End of Year HIPAA Requirements
34:56
34:56
Spela senare
Spela senare
Listor
Gilla
Gillad
34:56
On this episode of the Medcurity Podcast, Ari Van Peursem covers the items to prioritize when you are wrapping up your HIPAA documentation for 2022.
…
continue reading
1
HIPAA Updates for 2023 - What You Need to Know
55:01
55:01
Spela senare
Spela senare
Listor
Gilla
Gillad
55:01
Listen to Medcurity's Director of Business Development, Ari Van Peursem share what healthcare organizations need to keep top of mind as we move into 2023. She will be covering: 1. Themes from 2022 2. The most recent breaches and what we can learn as the environment continues to evolve 3. Regulatory updates 4. The future of technology & HIPAA…
…
continue reading
1
Bridging Compliance and Security- Protecting Patient Data
51:26
51:26
Spela senare
Spela senare
Listor
Gilla
Gillad
51:26
Take a listen to Medcurity's CEO Joe Gellatly and DNSFilter's Sr. Director of DSDI, Rebecca Gazda, for a conversation about Healthcare Compliance, Cybersecurity, and how to bridge both to better protect your patients' data.
…
continue reading
Join Amanda Hepper as she goes over Medcurity's top 5 HIPAA hygiene tips.
…
continue reading
1
Protecting Against Breaches: Practical Steps to Take Today
45:51
45:51
Spela senare
Spela senare
Listor
Gilla
Gillad
45:51
Listen to Joe Gellatly talk about cyber security and the crucial action steps your company can take to prevent data breaches.
…
continue reading
Listen to Amanda Hepper go over some of the most frequently asked questions regarding HIPAA compliance.
…
continue reading
1
Webinar: HIPAA Updates - What You Need To Know 2022
31:18
31:18
Spela senare
Spela senare
Listor
Gilla
Gillad
31:18
Join Ari as she discuss an overview of what happened with cybersecurity in 2021, some of the latest updates for Telehealth, and some practical application steps moving forward.
…
continue reading
1
Becoming the Avengers - SCW #99
1:08:59
1:08:59
Spela senare
Spela senare
Listor
Gilla
Gillad
1:08:59
Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to b…
…
continue reading
1
The Security Hippie, Part 2 - Barak Engel - SCW #99
29:31
29:31
Spela senare
Spela senare
Listor
Gilla
Gillad
29:31
Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to b…
…
continue reading
1
The Security Hippie, Part 1 - Barak Engel - SCW #99
39:47
39:47
Spela senare
Spela senare
Listor
Gilla
Gillad
39:47
Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to b…
…
continue reading
Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Show Notes: https://securityweekly.com/scw98 Visit https://www…
…
continue reading
1
Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 2 - Ben Carr - SCW #98
41:36
41:36
Spela senare
Spela senare
Listor
Gilla
Gillad
41:36
Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest ep…
…
continue reading
1
Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 1 - Ben Carr - SCW #98
35:08
35:08
Spela senare
Spela senare
Listor
Gilla
Gillad
35:08
Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest ep…
…
continue reading
There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? …
…
continue reading
1
Hacker Situational Awareness, Part 2 - John Threat - SCW #97
50:38
50:38
Spela senare
Spela senare
Listor
Gilla
Gillad
50:38
There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? …
…
continue reading
1
Hacker Situational Awareness, Part 1 - John Threat - SCW #97
41:01
41:01
Spela senare
Spela senare
Listor
Gilla
Gillad
41:01
There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? …
…
continue reading
In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Too…
…
continue reading
1
Security & Compliance Thru the Lens of a Technology Journalist, Part 2 - Evan Schuman - SCW #96
42:55
42:55
Spela senare
Spela senare
Listor
Gilla
Gillad
42:55
In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Too…
…
continue reading
1
Security & Compliance Thru the Lens of a Technology Journalist, Part 1 - Evan Schuman - SCW #96
35:24
35:24
Spela senare
Spela senare
Listor
Gilla
Gillad
35:24
In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Too…
…
continue reading
CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and …
…
continue reading
1
CISA Guidance for MSPs and SMBs, Part 2 - Chris Loehr - SCW #95
38:44
38:44
Spela senare
Spela senare
Listor
Gilla
Gillad
38:44
CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and …
…
continue reading
1
CISA Guidance for MSPs and SMBs, Part 1 - Chris Loehr - SCW #95
35:22
35:22
Spela senare
Spela senare
Listor
Gilla
Gillad
35:22
CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and …
…
continue reading
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to o…
…
continue reading
1
Governance, Risk, & Compliance...so What? - Part 2 - Allan Alford - SCW #94
27:19
27:19
Spela senare
Spela senare
Listor
Gilla
Gillad
27:19
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to o…
…
continue reading
1
Governance, Risk, & Compliance...so What? - Part 1 - Allan Alford - SCW #94
36:23
36:23
Spela senare
Spela senare
Listor
Gilla
Gillad
36:23
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to o…
…
continue reading
1
Diversity & Equality - SCW #93
1:12:14
1:12:14
Spela senare
Spela senare
Listor
Gilla
Gillad
1:12:14
With cybersecurity skills already in short supply, the prospect of losing what little workforce there is to pull from to resignations (especially in the context of the ‘Great Resignation’), is a disturbing one. Rick McElroy will speak to the causes of security burnout and the steps organizations need to take to prevent the loss of the precious reso…
…
continue reading
1
Security Industry Burnout, Part 2 - Rick McElroy - SCW #93
36:16
36:16
Spela senare
Spela senare
Listor
Gilla
Gillad
36:16
With cybersecurity skills already in short supply, the prospect of losing what little workforce there is to pull from to resignations (especially in the context of the ‘Great Resignation’), is a disturbing one. Rick McElroy will speak to the causes of security burnout and the steps organizations need to take to prevent the loss of the precious reso…
…
continue reading
1
Security Industry Burnout, Part 1 - Rick McElroy - SCW #93
36:07
36:07
Spela senare
Spela senare
Listor
Gilla
Gillad
36:07
With cybersecurity skills already in short supply, the prospect of losing what little workforce there is to pull from to resignations (especially in the context of the ‘Great Resignation’), is a disturbing one. Rick McElroy will speak to the causes of security burnout and the steps organizations need to take to prevent the loss of the precious reso…
…
continue reading
1
Overly Prescriptive - SCW #92
1:11:29
1:11:29
Spela senare
Spela senare
Listor
Gilla
Gillad
1:11:29
Tony and Thomas will discuss the importance, value, and challenge of cross-mapping security frameworks, and the rationale and process used by CIS to create end support mapping, and some real-world examples and some real-life problems. Show Notes: https://securityweekly.com/scw92 Visit https://www.securityweekly.com/scw for all the latest episodes! …
…
continue reading
1
Mapping Across an Ocean of Security Frameworks, Part 2 - Thomas Sager, Tony Sager - SCW #92
35:03
35:03
Spela senare
Spela senare
Listor
Gilla
Gillad
35:03
Tony and Thomas will discuss the importance, value, and challenge of cross-mapping security frameworks, and the rationale and process used by CIS to create end support mapping, some real-world examples, and some real-life problems. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw92…
…
continue reading
1
Mapping Across an Ocean of Security Frameworks, Part 1 - Thomas Sager, Tony Sager - SCW #92
36:31
36:31
Spela senare
Spela senare
Listor
Gilla
Gillad
36:31
Tony and Thomas will discuss the importance, value, and challenge of cross-mapping security frameworks, and the rationale and process used by CIS to create end support mapping, some real-world examples, and some real-life problems. Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw92…
…
continue reading
1
Different Directions - SCW #91
1:19:54
1:19:54
Spela senare
Spela senare
Listor
Gilla
Gillad
1:19:54
We’re getting closer to the Q1 2022 release of PCI DSS 4.0, which is expected to differ from the current PCI DSS 3.2.1 version in a few key ways. This includes giving organizations more options in how they become compliant, along with customized implementation. In this podcast, Chris Pin, VP of Privacy and Compliance at PKWARE, will discuss what cu…
…
continue reading
1
Excited About PCI DSS 4.0? What to Expect & How to Prepare, Part 2 - Chris Pin - SCW #91
45:51
45:51
Spela senare
Spela senare
Listor
Gilla
Gillad
45:51
We’re getting closer to the Q1 2022 release of PCI DSS 4.0, which is expected to differ from the current PCI DSS 3.2.1 version in a few key ways. This includes giving organizations more options in how they become compliant, along with customized implementation. In this podcast, Chris Pin, VP of Privacy and Compliance at PKWARE, will discuss what cu…
…
continue reading
1
Excited about PCI DSS 4.0? What to Expect & How to Prepare, Part 1 - Chris Pin - SCW #91
34:08
34:08
Spela senare
Spela senare
Listor
Gilla
Gillad
34:08
We’re getting closer to the Q1 2022 release of PCI DSS 4.0, which is expected to differ from the current PCI DSS 3.2.1 version in a few key ways. This includes giving organizations more options in how they become compliant, along with customized implementation. In this podcast, Chris Pin, VP of Privacy and Compliance at PKWARE, will discuss what cu…
…
continue reading
1
Webinar: Your Actual Requirements Under HIPAA Part 2
45:28
45:28
Spela senare
Spela senare
Listor
Gilla
Gillad
45:28
Amanda and Ari go over the crucial things for practices to know about HIPAA compliance. This webinar covers your Policies and Procedures requirements as well as HIPAA Training.
…
continue reading