Healthcare is complicated. Joe Gellatly, Amanda Hepper, and Alexa Fouch are here to help, guiding us through the biggest issues and updates in healthcare security and compliance. From HIPAA Assessments to the dark web, learn what factors are affecting the
More platforms means more places for PHI to slip through.When tools aren't vetted, tracked, or covered by the right agreements, even routine workflows can create real risk. And without clear access controls, it's hard to know who still has the keys.If you're not sure where your gaps are, this is worth a closer look.Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA #SecurityRiskAnalysis
Readiness in healthcare compliance means more than checking a box once a year. This episode looks at how healthcare organizations can move beyond annual tasks and create routines that hold up under scrutiny. It's a practical look at what regulators are expecting and how to be ready before they come knocking. Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA #SecurityRiskAnalysis
Still relying on antivirus alone? Think HIPAA audits are too rare to matter? These six myths are leaving healthcare organizations exposed.We're unpacking what's false, what's risky, and what you should be doing instead.Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA #SecurityRiskAnalysis #Myths
OCR has been busy—and Security Risk Analyses are front and center. In this episode, we walk through three recent enforcement cases where missing or outdated SRAs led to fines and multi-year corrective action plans.From phishing incidents to system misconfigurations, you'll see exactly what regulators flagged and what steps each organization is now required to take. More importantly, we'll give you a practical checklist to stay ahead and ready for whatever comes next.Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA #SecurityRiskAnalysis #OCR #SRA
In five minutes, we break down what HIPAA really expects from your organization in 2025.From your Security Risk Analysis to employee training, access controls, audit logs, and business associate agreements—this is the real-world checklist regulators are looking for. We'll explain each core requirement, how enforcement is evolving, and offer practical tips to keep your compliance efforts focused and manageable.Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
In this episode, we're talking about one habit that could have the biggest impact on your organization's security posture—and it's not a new tool or system. With phishing attacks getting more sophisticated and OCR enforcement on the rise, this one behavior can interrupt the pattern attackers rely on. We'll unpack why it matters, how to build it into your team culture, and why behavior—not just technology—is a key part of compliance in 2025.Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA #Phishing
What happens when you bring together proactive AI and healthcare communication? You get smarter outreach, stronger patient engagement, and fewer compliance gaps.In this special episode, we're joined by Dan Fox, Managing Director of Healthcare at Drips. With over 12 years in AI-driven tech, Dan shares how conversational AI is transforming how health plans and providers connect with patients—especially in complex areas like Medicare and Medicaid.We'll explore how leading organizations are using AI to stay compliant while reaching more people, more effectively. If you're thinking about the future of healthcare communication, this one's for you.Connect with Dan at linkedin.com/in/dsweeneyfox Learn more about Drips and Medcurity: https://www.drips.com https://medcurity.com #Healthcare #Cybersecurity #AIinHealthcare #HIPAA #AI #Compliance
The new OCR Acting Director Anthony Archeval said that Security Risk Analyses are not only required but are the first step to limit breaches—with penalties already being issued for non-compliance.In this episode, we break down why SRAs matter more than ever, what can go wrong when they're skipped, and how to make them manageable. With recent OCR settlements making headlines, the stakes are high—but the path to compliance doesn't have to be overwhelming.Get started on your 2025 SRA today! https://medcurity.com/contact-us/Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA #SecurityRiskAnalysis #SRA #OCR
Zero trust changes how healthcare protects patient data by verifying every access, every time. We'll explain what it is, why it's essential for your organization's security, and how to put it in place without extra stress. It's a straightforward way to stay secure and keep up with HIPAA requirements.Tune in to hear how Medcurity can guide you through it!Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
The HIPAA Right of Access lets patients get their medical records with ease—and we're here to help you make it happen smoothly! This episode covers the rules, from timelines to exceptions, using a recent Oregon case to show what to watch for, and shares clear steps to stay compliant. Join us to keep your processes on track and your patients happy!Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
Facing an audit can feel overwhelming, but knowing the 11 key things the government might ask for can keep your healthcare organization prepared. This episode breaks down what those requests—covering security risks and compliance—mean and how to have the right documentation ready. Tune in to get the insights you need to stay ahead of HIPAA requirements.Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
Credential stuffing could be the silent killer of your healthcare security—imagine hackers slipping in with just one reused password, exposing patient data and triggering massive fines. We break down how these sneaky attacks exploit password habits on the dark web, why they're a goldmine for cybercriminals targeting medical records, and the simple moves you can make to lock them out for good. Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
Outdated systems are a major security risk—but modern solutions can bridge the gap. In this episode, we explore how legacy tech leaves healthcare organizations vulnerable and what steps you can take to strengthen security without a complete overhaul.Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
How does HIPAA work when every second counts? Learn how emergency provisions let healthcare providers quickly share the essential patient info they need—using treatment exceptions and the “minimum necessary” rule—while still keeping privacy in check. Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
Insider threats are a big risk to healthcare security, whether caused by simple mistakes or intentional misuse of access. Patient data can be exposed in ways many organizations don't even realize. Learn how HIPAA addresses these risks and the best strategies to keep sensitive information secure. Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
AI is here, and with it come big responsibilities. Learn the benefits and risks of this emerging technology and why it's important for the healthcare industry to stay informed. Technology is powerful, but it's how we use it that matters the most. Learn more about Medcurity here: https://medcurity.com#Healthcare #Cybersecurity #Compliance #HIPAA
What does it take to protect patient data, handle ever-changing regulations, and keep your organization audit-ready? In this episode, we break down the day-to-day reality of healthcare compliance. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
Artificial intelligence is reshaping healthcare, and the new HHS AI Strategic Plan hopes to pave the way for safer, smarter innovation. This framework focuses on fostering trust, promoting equity, and empowering healthcare teams to responsibly integrate AI into their work. Curious about how AI is set to transform patient care and public health? Tune in to learn what this plan could mean for the future of healthcare. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA #ArtificialIntelligence
Proposed HIPAA updates could redefine how healthcare handles cybersecurity. From mandatory encryption to multi-factor authentication, these changes aim to tackle modern threats head-on. In this episode, we're breaking down what's changing and what it means for compliance in 2025. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
The new year is here, but cybersecurity threats and compliance challenges never take a holiday. This week, we're talking about the risks of leaving your systems unprotected during downtime and the steps you can take to ensure everything is up to date and secure. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
There's a new HIPAA Rule that went into effect on Monday, and it's something every healthcare professional needs to know. In this episode, we're talking about new restrictions on sharing patient data, the introduction of an attestation requirement, and what these changes mean for healthcare organizations. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
HIPAA compliance isn't always where you expect it. Online forms, patient reviews, and digital apps can all create potential risks for HIPAA incidents. In this episode, we're uncovering hidden compliance pitfalls and giving you practical tips to safeguard patient data in these overlooked areas. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
Your employees are your first line of defense against cybersecurity threats and HIPAA violations. In this episode, we're talking about practical ways to train your staff, create a compliance-first mindset, and keep patient data secure. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
Healthcare organizations are facing increased scrutiny as the government ramps up enforcement of Security Risk Analyses (SRAs). Many are still using inadequate methods, leaving gaps in compliance and exposing themselves to penalties. Completing a detailed, comprehensive SRA is critical—watch the video to learn how to protect your organization and stay compliant. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
Healthcare organizations face growing pressure to strengthen security measures, as highlighted in the recent HHS and NIST conference. What does this mean for your organization, and what steps should you take now? Get the latest insights and practical tips in the newest Medcurity Podcast. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
With the end of the year approaching, now's the time to take a close look at any potential vulnerabilities within your organization. An annual Security Risk Analysis demonstrates your commitment to data and system protection, while also reassuring customers and meeting compliance standards. Tune in to the latest episode of The Medcurity Podcast to learn more about why now is the time to complete your SRA. Need assistance with this task? Reach out to our team here: https://medcurity.com/contact-us/ #Healthcare #Cybersecurity #Compliance #HIPAA #SecurityRiskAnalysis
Securing your vendor relationships is necessary for protecting patient data under HIPAA. Third-party services can introduce vulnerabilities into your system. In this episode, we'll show you how to close those gaps. Ready to safeguard your network and secure patient trust? Hit play and let's get started. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
As we wrap up Cybersecurity Awareness Month, we are looking to the future. What lies beyond 2024 and how can you stay ahead? Tune in to learn more! Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
For Cybersecurity Awareness Month, we're focusing on tactics commonly used by hackers today. Train your staff on phishing, quishing, vishing, and more to stay safe in today's digital world. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
Your organization's biggest risk may come from within. In this episode, we discuss how insider breaches—whether malicious or accidental—can be just as devastating as external attacks, because insiders already have access to critical systems. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
What is Zero Trust in cybersecurity? For this Cybersecurity Awareness Month, we'll be going over several key elements of a good cybersecurity strategy, and today's topic covers the Zero Trust method. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
In this episode of The Medcurity Podcast, we're talking about building an Incident Response Plan, why it matters, and how often you should review it to stay ahead of threats. Plus, we share practical tips to make sure your plan is ready when you need it most. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
How should Protected Health Information (PHI) be disposed of? In order to avoid stolen data and/or HIPAA violations, learn how to properly dispose of PHI, follow regulations, and keep your staff updated on effective disposal methods. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
What happens when a device with sensitive information is lost or stolen? In this episode, we break down how HIPAA factors in, what steps to take if it happens, and how to stay ahead with preventive measures to protect your data and stay compliant. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
In this episode of The Medcurity Podcast, we take a closer look at the HIPAA Omnibus Rule - what it means, why it's important, and how it impacts your practice. Gain valuable insights, expand your knowledge, and stay ahead in the world of compliance. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
Is your social media activity HIPAA compliant? What can / can't you post / respond to? Learn about social media standards when it comes to HIPAA compliance, and steps to take to make sure your activity on these platforms is not violating any HIPAA rules. Learn more about Medcurity here: https://medcurity.com #Healthcare #Cybersecurity #Compliance #HIPAA
Cybersecurity can save your organization from a costly attack. In this episode, we explore how the right protections will help you save money in the long run by preventing costly incidents and keeping your practice compliant. Find out why cybersecurity is one of the smartest financial moves you can make. Learn more about Medcurity here: https://medcurity.com #Healthcare #PhysicalSecurity #Compliance #HIPAA #Cybersecurity
While cybersecurity grabs all the headlines, it's easy to forget how important physical security is. In this episode of the Medcurity podcast, we focus on the tangible measures—access controls, surveillance systems, visitor management, and secure storage—that protect your facility's most sensitive areas. Learn how to strengthen your physical defenses and prevent costly breaches before they happen. Learn more about Medcurity here: https://medcurity.com
OCR audits are ramping up in 2024, and healthcare organizations need to be ready. In this episode of the Medcurity podcast, we discuss what these audits will focus on, including risk analysis, technology protections, and third-party management. We also share actionable steps to strengthen your compliance efforts and ensure you're prepared for the heightened scrutiny. Discover how to stay ahead of the game and keep patient data secure with expert tips and advice. Learn more about Medcurity here: https://medcurity.com
AI is being used to target your data. In this episode of the Medcurity podcast, we talk about the latest AI scams hitting the healthcare world. Discover how cybercriminals are using artificial intelligence to hack systems and steal sensitive info, and get practical tips to protect yourself. Learn more about Medcurity here: https://medcurity.com
The Department of Health and Human Services and the FBI have issued a joint advisory warning healthcare providers about a targeted social engineering campaign. We break down what this means and how you can protect your organization in our latest episode of The Medcurity Podcast. Learn more about Medcurity here: https://medcurity.com
What is a Security Risk Analysis, why is it important, and how should you effectively conduct one? We address all of these questions in our latest episode of The Medcurity Podcast. Learn more about Medcurity here: https://medcurity.com
Join us for an engaging episode where Joe Gellatly, CEO of Medcurity, and Daniel Schwartz, President and Founder of Design I.T. Solutions, dive into the pressing topic of cybersecurity in the healthcare sector. They discuss: AI in Cybersecurity: How artificial intelligence is transforming cybersecurity practices and what it means for your organization. Layers of Security: Why a multi-layered security framework is essential and practical steps to implement it effectively. Real-World Examples: A look into recent cybersecurity breaches, including the Change Healthcare and Ascension incidents, and what we can learn from them. Staying Secure: Real-world tips and strategies to keep your data and systems safe from emerging threats. Don't miss out on this and future conversations with expert knowledge and practical advice to help you navigate the evolving landscape of cybersecurity. Learn more about Medcurity here: https://medcurity.com #Cybersecurity #AI #Healthcare #Ransomware #ITSecurity
Get ready for our latest episode where we're discussing the alarming 74 percent rise in ransomware attacks in 2023, with sectors like healthcare being particularly hard hit. We'll share essential strategies for protecting your organization, including enhancing infrastructure, conducting security audits, and developing a robust incident response plan. Don't miss out on practical tips to keep your organization safe. Learn more about Medcurity here: https://medcurity.com
DDoS attacks are a growing threat to organizations of all sizes. What are they and what impact do they have on you? Tune in to find out. In this episode, we'er covering: Understanding DDoS Attacks: What DDoS attacks are and how they work to disrupt your services. Immediate Impact: The potential damage to business operations, financial losses, and customer trust. DDoS Prevention Essentials: Practical steps and tools every organization should use to safeguard against DDoS attacks. Learn more about Medcurity here: https://medcurity.com
The Ascension breach has rocked the healthcare sector, and we're breaking down what happened. In this episode, we cover: - The Ascension Breach: How the Black Basta group managed to breach one of the largest healthcare associations. - Immediate Impact: Delays in patient care, administrative chaos, and over 1.2 million patient records exposed. - Key Takeaways: The vulnerabilities exposed, the challenges of recovery, and the importance of maintaining patient trust. - Cybersecurity Essentials: Steps every healthcare organization should take to enhance their cybersecurity posture. Learn about effective defenses against breaches and protect your organization. Learn more about Medcurity here: https://medcurity.com
How are phishing attacks evolving, and what can healthcare organizations do to defend against them? In this episode, we share the latest phishing tactics targeting the healthcare sector - from spear phishing to vishing and smishing. Discover how cybercriminals are becoming more sophisticated and the devastating impacts these attacks can have on healthcare organizations. Learn about the most effective defenses and protect your organization with expert insights and practical strategies. Learn more about Medcurity here: https://medcurity.com
How do you decide between in-house backups and cloud-based backups for your healthcare data? In this episode, HIPAA Risk Assessment Specialist Margaret LaDuke discusses the key differences, advantages, and drawbacks of each approach. Learn how to make informed decisions that ensure HIPAA compliance and protect patient data effectively. Stay tuned for expert insights and practical tips on backup strategies. Learn more about Medcurity here: https://medcurity.com
Artificial intelligence is revolutionizing healthcare, but what does this mean for patient privacy? In this episode, Sean explores the intersection of AI and healthcare privacy, discussing the benefits and risks of using AI in healthcare, and sharing insights on how to mitigate potential privacy concerns. Keep informed and stay ahead of the curve to protect patient data! Learn more about Medcurity here: https://medcurity.com
Do you ever feel overwhelmed by HIPAA audits? In this episode, Sean breaks down the complexities of HIPAA audits and shares practical tips on how to simplify the process. From understanding HIPAA requirements to identifying potential risks and developing effective compliance strategies, we've got you covered. Tune in to learn how to approach HIPAA audits with confidence and ensure patient data protection. Learn more about Medcurity here: https://medcurity.com
HIPAA has added a new rule to Substance Use Disorder (SUD) privacy. Are you up-to-date on the latest changes? In this episode, Sean dives into the recent updates and what they mean for healthcare providers. From consent forms to breach notification requirements, he covers the essential changes you need to know to ensure compliance. Tune in to stay informed and confident in your SUD privacy practices! Learn more about Medcurity here: https://medcurity.com