How should Protected Health Information (PHI) be disposed of? In order to avoid stolen data and/or HIPAA violations, learn how to properly dispose of PHI, follow regulations, and keep your staff updated on effective disposal methods. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA…

What happens when a device with sensitive information is lost or stolen? In this episode, we break down how HIPAA factors in, what steps to take if it happens, and how to stay ahead with preventive measures to protect your data and stay compliant. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA…

In this episode of The Medcurity Podcast, we take a closer look at the HIPAA Omnibus Rule - what it means, why it’s important, and how it impacts your practice. Gain valuable insights, expand your knowledge, and stay ahead in the world of compliance. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPA…

Is your social media activity HIPAA compliant? What can / can’t you post / respond to? Learn about social media standards when it comes to HIPAA compliance, and steps to take to make sure your activity on these platforms is not violating any HIPAA rules. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #…

Cybersecurity can save your organization from a costly attack. In this episode, we explore how the right protections will help you save money in the long run by preventing costly incidents and keeping your practice compliant. Find out why cybersecurity is one of the smartest financial moves you can make. Learn more about Medcurity here: https://med…

While cybersecurity grabs all the headlines, it’s easy to forget how important physical security is. In this episode of the Medcurity podcast, we focus on the tangible measures—access controls, surveillance systems, visitor management, and secure storage—that protect your facility’s most sensitive areas. Learn how to strengthen your physical defens…

OCR audits are ramping up in 2024, and healthcare organizations need to be ready. In this episode of the Medcurity podcast, we discuss what these audits will focus on, including risk analysis, technology protections, and third-party management. We also share actionable steps to strengthen your compliance efforts and ensure you're prepared for the h…

AI is being used to target your data. In this episode of the Medcurity podcast, we talk about the latest AI scams hitting the healthcare world. Discover how cybercriminals are using artificial intelligence to hack systems and steal sensitive info, and get practical tips to protect yourself. Learn more about Medcurity here: https://medcurity.com…

The Department of Health and Human Services and the FBI have issued a joint advisory warning healthcare providers about a targeted social engineering campaign. We break down what this means and how you can protect your organization in our latest episode of The Medcurity Podcast. Learn more about Medcurity here: https://medcurity.com…

What is a Security Risk Analysis, why is it important, and how should you effectively conduct one? We address all of these questions in our latest episode of The Medcurity Podcast. Learn more about Medcurity here: https://medcurity.com

Join us for an engaging episode where Joe Gellatly, CEO of Medcurity, and Daniel Schwartz, President and Founder of Design I.T. Solutions, dive into the pressing topic of cybersecurity in the healthcare sector. They discuss: AI in Cybersecurity: How artificial intelligence is transforming cybersecurity practices and what it means for your organizat…

Get ready for our latest episode where we’re discussing the alarming 74 percent rise in ransomware attacks in 2023, with sectors like healthcare being particularly hard hit. We’ll share essential strategies for protecting your organization, including enhancing infrastructure, conducting security audits, and developing a robust incident response pla…

DDoS attacks are a growing threat to organizations of all sizes. What are they and what impact do they have on you? Tune in to find out. In this episode, we’er covering: Understanding DDoS Attacks: What DDoS attacks are and how they work to disrupt your services. Immediate Impact: The potential damage to business operations, financial losses, and c…

The Ascension breach has rocked the healthcare sector, and we're breaking down what happened. In this episode, we cover: - The Ascension Breach: How the Black Basta group managed to breach one of the largest healthcare associations. - Immediate Impact: Delays in patient care, administrative chaos, and over 1.2 million patient records exposed. - Key…

How are phishing attacks evolving, and what can healthcare organizations do to defend against them? In this episode, we share the latest phishing tactics targeting the healthcare sector - from spear phishing to vishing and smishing. Discover how cybercriminals are becoming more sophisticated and the devastating impacts these attacks can have on hea…

How do you decide between in-house backups and cloud-based backups for your healthcare data? In this episode, HIPAA Risk Assessment Specialist Margaret LaDuke discusses the key differences, advantages, and drawbacks of each approach. Learn how to make informed decisions that ensure HIPAA compliance and protect patient data effectively. Stay tuned f…

Artificial intelligence is revolutionizing healthcare, but what does this mean for patient privacy? In this episode, Sean explores the intersection of AI and healthcare privacy, discussing the benefits and risks of using AI in healthcare, and sharing insights on how to mitigate potential privacy concerns. Keep informed and stay ahead of the curve t…

Do you ever feel overwhelmed by HIPAA audits? In this episode, Sean breaks down the complexities of HIPAA audits and shares practical tips on how to simplify the process. From understanding HIPAA requirements to identifying potential risks and developing effective compliance strategies, we’ve got you covered. Tune in to learn how to approach HIPAA …

HIPAA has added a new rule to Substance Use Disorder (SUD) privacy. Are you up-to-date on the latest changes? In this episode, Sean dives into the recent updates and what they mean for healthcare providers. From consent forms to breach notification requirements, he covers the essential changes you need to know to ensure compliance. Tune in to stay …

In this episode, Sean covers the rest of the cybersecurity performance goals set by the U.S. Department of Health and Human Services. He shares cybersecurity tactics including TTPs, Network Segmentation, Centralized Log Collection, Centralized Incident Planning and Preparedness, and Configuration Management. Learn more about Medcurity here: https:/…

In this episode, Sean covers the first 5 enhanced cybersecurity goals set by the U.S. Department of Health and Human Services. He discusses cybersecurity tactics including asset inventory, third-party vulnerability disclosure, third-party incident reporting, cybersecurity training, and cybersecurity mitigation. Learn more about Medcurity here: http…

In this episode, Sean covers the last 6 essential cybersecurity goals set by the U.S. Department of Health and Human Services. He discusses cybersecurity tactics including strong encryption, unique and targeted credentials, incident preparedness, account access, and vendor/supplier cybersecurity requirements. Learn more about Medcurity here: https:…

Sean talks about the first several cybersecurity goals set by the U.S. Department of Health and Human Services. Learn where to start on your journey of compliance and security. He covers vulnerabilities, email security, MFA, and cybersecurity training. Learn more about Medcurity here: https://medcurity.com…

Join Sean as he breaks down the latest cybersecurity and compliance standards from the U.S. Department of Health and Human Services. He walks through the four pillars of cybersecurity to help you understand what they mean for your organization. Tune in to get straightforward insights and practical tips on staying secure in the digital age. Learn mo…

Medcurity CEO Joe Gellatly goes over the latest trends in the healthcare industry's implementation of AI, and how providers should be utilizing these new tools while keeping themselves protected.

Medcurity and iatricSystems have teamed up to explore internal and external privacy and security threats facing healthcare right now. Joe Gellatly with Medcurity and Demi Borden with iatricSystems are bringing their firsthand experiences in the field to demonstrate the best practices they are seeing work right now. They will be discussing: -Lessons…

Listen to our Director of Business Development Ari Van Peursem as she walks through practical HIPAA training tips to keep your company safe and secure. It is Medcurity's objective to ensure your company is well-equipped to protect patient information and provide the best care possible.

On this episode of the Medcurity Podcast, Ari Van Peursem covers the items to prioritize when you are wrapping up your HIPAA documentation for 2022.

Listen to Medcurity's Director of Business Development, Ari Van Peursem share what healthcare organizations need to keep top of mind as we move into 2023. She will be covering: 1. Themes from 2022 2. The most recent breaches and what we can learn as the environment continues to evolve 3. Regulatory updates 4. The future of technology & HIPAA…

Take a listen to Medcurity's CEO Joe Gellatly and DNSFilter's Sr. Director of DSDI, Rebecca Gazda, for a conversation about Healthcare Compliance, Cybersecurity, and how to bridge both to better protect your patients' data.

Join Amanda Hepper as she goes over Medcurity's top 5 HIPAA hygiene tips.

Listen to Joe Gellatly talk about cyber security and the crucial action steps your company can take to prevent data breaches.

Listen to Amanda Hepper go over some of the most frequently asked questions regarding HIPAA compliance.

Join Ari as she discuss an overview of what happened with cybersecurity in 2021, some of the latest updates for Telehealth, and some practical application steps moving forward.

Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to b…

Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to b…

Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to b…

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Show Notes: https://securityweekly.com/scw98 Visit https://www…

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest ep…

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more! Visit https://www.securityweekly.com/scw for all the latest ep…

There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? …

There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? …

There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? …

In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Too…

In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Too…

In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Too…

CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and …

CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and …

CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and …

Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to o…