We discuss why we don’t recommend using the same training year after year (and why our system doesn’t allow it); the trainings we typically recommend for year one and why; the trainings we recommend for year two and after and why; and why now is a particularly good time to get started.
Apr 4, 2024
Episode 411: Cybersecurity Performance Goals
We discuss the different categories of goals that are outlined; being proactive so your practice is ready when changes come; the essential goals HHS has outlined and what they mean; the encouraged goals HHS has outlined and what they mean; why these goals make sense; and how the PCT Way can help you meet these cybersecurity goals.
Mar 28, 2024
Episode 410: Upcoming HIPAA Security Rule Changes
We discuss what the focus of these rule changes will be; why the changes are happening; steps you can take to be proactive about HIPAA changes; and PCT’s practical tools to help you get on top of things in a manageable way.
we share ways to be proactive in light of the news that random HIPAA audits are returning.
We discuss why there’s still no HIPAA police; the function of these random audits; where the gaps in compliance have been historically; what auditors will likely be looking for; the importance of risk analyses, risk mitigation plans, and policies & procedures; how many HIPAA covered entities were audited the last time the program was active; and PCT’s resources to help you get started with formal compliance in a shame-free way.
We discuss why smart notebooks are popular; how smart notebooks work and why they’re in HIPAA’s scope; risk exposure; device security and hardening; communicating to clinicians that these devices are not HIPAA compatible; ways to support documentation processes that are HIPAA compatible; and what to do if you find out a clinician has been using a smart notebook.
we discuss the recent Change Healthcare cyber attack and its impact for group practices.
We cover what we know and what we don’t know yet; resources to help you take practical steps; how many people are impacted by this breach; the ongoing investigations; ransomware attacks; who is liable for this incident; maintaining operational continuity; and the importance of being proactive in your security practices.