The Healthcare Compliance Step-By-Step Podcast

#133 - A Breach Is More Than an IT Problem: HIPAA, Ransomware, and Patient Trust

38 min · 13. Mai 2026
Episode #133 - A Breach Is More Than an IT Problem: HIPAA, Ransomware, and Patient Trust Cover

Beschreibung

A Breach Is More Than an IT Problem: HIPAA, Ransomware, and Patient Trust highlights the serious compliance and operational risks healthcare organizations face when a ransomware attack exposes patient information or disrupts patient care. In this session, Ray Walters (EPICompliance) and Mr. Jose Delgado (Taino Consultants) discuss the recent Hospital Caribbean Medical Center data breach as a real-world example. The discussion explains why ransomware must be treated as more than an IT issue, since it can affect HIPAA compliance, breach notification, patient trust, documentation, operations, and leadership response. Key Topics: * How ransomware can disrupt patient care and expose protected health information. * Why healthcare organizations must prepare with risk assessments, training, access controls, and incident response planning. * How strong documentation and clear communication can help protect patient trust after a cyber incident. Resources: * Learn more about healthcare compliance systems: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/] * Explore healthcare compliance training and weekly webinars: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com/training-in...⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/training-information-webinars] Originally Recorded: May 12, 2026.

Kommentare

0

Sei die erste Person, die kommentiert

Melde dich jetzt an und werde Teil der The Healthcare Compliance Step-By-Step Podcast-Community!

Loslegen

2 Monate für 1 €

Dann 4,99 € / Monat · Jederzeit kündbar.

  • Podcasts nur bei Podimo
  • 20 Stunden Hörbücher / Monat
  • Alle kostenlosen Podcasts

Alle Folgen

141 Folgen

Episode #141 - HIPAA Security and HR: Managing Workforce Risk Before It Becomes a Breach Cover

#141 - HIPAA Security and HR: Managing Workforce Risk Before It Becomes a Breach

HIPAA Security and HR: Managing Workforce Risk Before It Becomes a Breach highlights why HIPAA Security is not just an IT issue and why Human Resources plays an important role in protecting electronic protected health information. In this session, Ray Walters (EPICompliance) and Mr. Jose Delgado (Taino Consultants) discuss how HR decisions can affect HIPAA Security compliance, including hiring, onboarding, role changes, training, discipline, terminations, access management, and workforce clearance. Key Topics: * Why HR plays a major role in HIPAA Security compliance. * How workforce changes can create privacy and security risks. * Why the HIPAA Security Officer and HR must work together on access, training, sanctions, and documentation. Resources: * Learn more about healthcare compliance systems: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/] * Explore healthcare compliance training and weekly webinars: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com/training-in...⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/training-information-webinars] Originally Recorded: July 7, 2026.

9. Juli 202641 min
Episode #140 - OSHA 2026: Connecting SDS Requirements to SOPs and Daily Compliance Cover

#140 - OSHA 2026: Connecting SDS Requirements to SOPs and Daily Compliance

OSHA 2026: Connecting SDS Requirements to SOPs and Daily Compliance highlights why Safety Data Sheets are more than a binder requirement and why healthcare organizations must connect chemical safety information to real workplace procedures, employee training, and daily compliance practices. In this session, Ray Walters (EPICompliance) and Mr. Jose Delgado (Taino Consultants) discuss how SDS requirements support OSHA's Hazard Communication expectations and how healthcare organizations can use SDS records to identify chemical hazards, train employees, follow manufacturer instructions, store products properly, label containers, and respond to exposure or spills. Key Topics: * Why Safety Data Sheets must be part of daily operations, not just stored in a binder. * How SDS requirements connect to SOPs, training, labeling, storage, and exposure response. * How to keep SDS records accessible and ensure staff know how to use them. Resources: * Learn more about healthcare compliance systems: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/] * Explore healthcare compliance training and weekly webinars: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com/training-in...⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/training-information-webinars] Originally Recorded: June 30, 2026.

1. Juli 202645 min
Episode #139 - HIPAA 2026: Small Business Adjustments Healthcare Practices Need to Make Now Cover

#139 - HIPAA 2026: Small Business Adjustments Healthcare Practices Need to Make Now

HIPAA 2026: Small Business Adjustments Healthcare Practices Need to Make Now highlights why small healthcare organizations should prepare for anticipated changes to the HIPAA Security Rule and stronger cybersecurity expectations. The session focuses on practical safeguards such as asset inventories, ePHI data mapping, multifactor authentication, encryption, vulnerability management, contingency planning, access control, and vendor oversight. In this session, Jose Delgado (Taino Consultants) sits down with Mr. Jose Carbia, owner and president of TeamLogic IT, to discuss what small healthcare businesses should be doing now for HIPAA 2026. The conversation translates technical and regulatory expectations into practical steps that owners, administrators, compliance officers, office managers, and healthcare leaders can understand and begin implementing. Key Topics: * Why small healthcare organizations should begin preparing for HIPAA 2026 now. * How expected HIPAA Security Rule updates may affect daily operations. * Why asset inventories, ePHI data mapping, MFA, encryption, and access controls matter. Resources: * Learn more about healthcare compliance systems: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/] * Explore healthcare compliance training and weekly webinars: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com/training-in...⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/training-information-webinars] Originally Recorded: June 23, 2026.

30. Juni 202652 min
Episode #138 - Microsoft’s 2026 Phishing Warning: Why Healthcare Organizations Remain a Prime Target Cover

#138 - Microsoft’s 2026 Phishing Warning: Why Healthcare Organizations Remain a Prime Target

Microsoft’s 2026 Phishing Warning: Why Healthcare Organizations Remain a Prime Target highlights why healthcare continues to be one of the most targeted industries for cyberattacks and why phishing remains a major threat to patient data, systems, and organizational security. In this session, Ray Walters (EPICompliance) and Mr. Jose Delgado (Taino Consultants) discuss Microsoft's 2026 phishing warning, the campaign that reached more than 35,000 users across 13,000 organizations, and why healthcare organizations must stay alert to modern phishing tactics, credential theft, and token compromise. Key Topics: * Why healthcare remains a prime target for phishing attacks. * How modern phishing has evolved beyond simple fake emails. * How adversary-in-the-middle attacks can bypass traditional multifactor authentication. Resources: * Learn more about healthcare compliance systems: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/] * Explore healthcare compliance training and weekly webinars: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com/training-in...⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/training-information-webinars] Originally Recorded: June 16, 2026.

17. Juni 202646 min
Episode #137 - HIPAA or FERPA? Understanding Which Privacy Rule Applies Cover

#137 - HIPAA or FERPA? Understanding Which Privacy Rule Applies

HIPAA or FERPA? Understanding Which Privacy Rule Applies highlights the important differences between two major privacy laws and why organizations must understand which rule applies before handling student, medical, counseling, athletic, or academic records. In this session, Ray Walters (EPICompliance) and Mr. Jose Delgado (Taino Consultants) discuss how HIPAA and FERPA apply in different settings, where confusion often occurs, and why proper record handling is essential for healthcare organizations, schools, colleges, universities, and organizations that work at the intersection of healthcare and education. Key Topics: * How HIPAA and FERPA differ and why the distinction matters. * When HIPAA applies to medical and healthcare records. * When FERPA applies to student education, academic, and certain student health records. Resources: * Learn more about healthcare compliance systems: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/] * Explore healthcare compliance training and weekly webinars: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠epicompliance.com/training-in...⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ [https://epicompliance.com/training-information-webinars] Originally Recorded: June 9, 2026.

10. Juni 202644 min