.st0{fill:#FFFFFF;}

Podcast

More Free Training and New OCR Action – Ep 408 

 May 26, 2023

By  Donna Grindle

Share0
Tweet0
Share0

In the fast-paced world of healthcare, where even your stethoscope can connect to the internet, cybersecurity training for everyone is an absolute must. But fear not, brave healthcare professional! There is free cybersecurity training online! Listen in and we will tell you all about two great cybersecurity training options for workforce members and clinicians.

A 5 star review is all we ask from our listeners.
1x
Apple PodcastsGoogle PodcastPlayer EmbedShare Review Us on Apple PodcastsListen in a New WindowDownloadSoundCloudStitcherSubscribe on AndroidSubscribe via RSSSpotify
Free HIPAA Training
Subscribe to the weekly email update from HMWH

I have read and agreed to your Privacy Policy

In this episode:

More Free Training and New OCR Action – Ep 408

Today’s Episode is brought to you by:

Kardon

and

HIPAA for MSPs with Security First IT

 Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity. 

Great idea! Share Help Me With HIPAA with one person this week!

Learn about offerings from the Kardon Club

and HIPAA for MSPs!

Thanks to our donors. We appreciate your support!

If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com

Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA

If you see a couple of numbers on the left side you can click that and go directly to that part of the audio. Get the best of both worlds from the show notes to the audio and back!

Thanks to our donors.

HIPAA Say What!?!

[02:37]

HHS Office for Civil Rights Settles HIPAA Investigation with Arkansas Business Associate MedEvolve Following Unlawful Disclosure of Protected Health Information on an Unsecured Server for $350,000

MedEvolve provides CEs practice management, revenue cycle management and practice analytics software services. A software company BA which is not our most common case for these settlements so far. The investigation into an unsecured FTP server found that they did not do a sufficient SRA nor had they entered into a business associate agreement (BAA) with a subcontractor.

Ensuring that security measures are in place to protect electronic protected health information where it is stored is an integral part of cybersecurity and the protection of patient privacy. HIPAA regulated entities must ensure that they are not leaving patient health information unsecured on network servers available to the public via the internet.<span class="su-quote-cite"><a href="https://www.hhs.gov/about/news/2023/05/16/hhs-office-civil-rights-settles-hipaa-investigation-arkansas-business-associate-medevolve-following-unlawful-disclosure-phi-unsecured-server-350-000.html" target="_blank">OCR Director Melanie Fontes Rainer</a></span>

Get the details of the case and the corrective action plan requirements in the resolution agreement. MedEvolve, Inc. Resolution Agreement and Corrective Action Plan | HHS.gov

405(d) Free Training

[21:38] 405(d) recently released their FREE Knowledge on Demand (KOD) cybersecurity awareness training. It includes training on the 5 threats identified under Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP). It is designed to be interactive with knowledge checks and you can get CEU certificates when you complete the modules. You can do the training online on the KOD site or you can download a SCORM file of the training to use in your organization’s Learning Management system (LMS).

The 5 cybersecurity training modules are:

  1. Social Engineering
  2. Ransomware
  3. Loss or Theft of Equipment and Data
  4. Insider Accidental or Malicious Data Loss
  5. Attacks Against Network Connected Medical Devices

This free training comes with two pieces of collateral:

  • Job Aids – one page documents with key tips and instructional steps related to the topic that can be used as an “on-the-job” resource tool.
  • PowerPoint Presentation – all the slides used in the training videos with speaker notes that you can use for your own in-person or on-site training.

HSCC Free Training

[29:30] Health Sector Coordinating Council (HSCC) Cybersecurity Working Group created cybersecurity training specifically for clinicians. You watch it on demand from the HSCC website or download it to use in an LMS. You can also get 1 hour of CEU/CME credits here too.

Welcome to the “Cybersecurity for the Clinician” Video Training Series.

Direct link to YouTube course playlist

The Cybersecurity for Clinicians course contains 8 episodes:

  1. Introduction
  2. Cyber Safety is Patient Safety
  3. Healthcare is Critical Infrastructure
  4. Impacts and Consequences
  5. How They Do It
  6. Medical Device Cybersecurity
  7. Tips for Protection
  8. After An Attack
  9. Conclusion

This course is specifically designed to talk to a clinician about the importance of cybersecurity. It explains in easy, non-technical language what clinicians and students in the medical profession need to understand about how cyber attacks can affect clinical operations and patient safety, and how to do your part to help keep healthcare data, systems and patients safe from cyber threats.

And you can get it all for FREE!

Go to top

So, there you have it folks. You can’t say that training is too expensive. Here are two free options you have and you can use it however you want. And don’t forget National Cybersecurity Awareness Month is coming up in October that will include even more free training tools you can use.

Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!

HIPAA is not about compliance,

it’s about patient care.TM

Listener Survey

Special thanks to our sponsors Security First IT and Kardon.

Share 0
Tweet 0
Share 0

HelpMeWithHIPAA.com Is A
Collaborative Project

Created & Sponsored By: