
Ready to kick off 2025 with a bang? We’re diving into the must-dos for your Q1 2025 compliance and cybersecurity checklist, sprinkling in some risk management wisdom, and explaining why Windows 10 is about as fashionable as shoulder pads in the 2020s. Plus, we add a hearty dose of snark to keep you entertained while you get your compliance game strong. Oh, and if your incident response plan is just “hope for the best,” it’s time to tune in.
In this episode:
PriSec Priorities Q1 2025 – Ep 491
Today’s episode is brought to you by Kardon and HIPAA for MSPs with Security First IT.
PriSec Priorities Q1 2025
[04:11]Boot Camp May 13-16 – 4 full days. Stone Mountain, GA.
If you’re a Kardon Club or HIPAA for MSPs member, you’ll get this list along with some additional insights during our monthly Hang Out sessions. We couldn’t record the recent session featuring our OCR investigator’s Q&A (those nuggets of wisdom were exclusive!). The recordings of previous Hang Outs are available anytime for you to review at your convenience. Just another reason to become a member!
[12:01]Welcome to 2025! As we dive into Q1, it’s time to shake off the holiday fog and get laser-focused on your PriSec priorities. Starting the year strong means tackling those critical to-do items early, so you’re not scrambling when deadlines creep up. From reporting breaches under 500 individuals to planning for Windows 10 End of Life, this episode is your Q1 cybersecurity game plan. Let’s cut through the clutter and make sure you’ve got everything you need to hit the ground running!
1. Breaches Under 500 Individuals: Report Them!
- Reminder: All breaches under 500 individuals must be reported to OCR within 60 days of the end of the year they occurred.
- Q1 Priority: Submit as soon as investigations wrap—don’t leave it hanging for December!
- No worries: OCR doesn’t care if you batch multiple reports at once.
2. Risk Management Plan Review
- Start Q1 by reviewing your 2024 risk management plan.
- Update notes with any pending tasks—what’s incomplete, delayed, or needs adjusting for 2025?
3. Identify SRA Needs Based on Current Project Plans
- List out business plans to determine where you need immediate Security Risk Analyses (SRAs).
- Hot Topic: Windows 10 EOL on October 14, 2025—start planning now:
  - How will you phase out machines safely?
  - What’s your strategy for decommissioning to avoid introducing vulnerabilities?
[26:34]
4. RecSec and HPH CPG Reviews
- Assess where your organization stands with HPH Cybersecurity Performance Goals (CPGs).
- Q1 Focus: Plan for HICP to address RECSEC and meet CPG essentials more efficiently.
5. Training Plans for 2025
- Kick off the year with a training roadmap:
  - May Boot Camp: Who’s attending? Register early.
  - Monthly Hangouts: H4M members—last Wednesday, 2 PM. Can’t make it? Watch the recordings.
- Research 2025 webinars and conferences to prioritize continuing education.
[35:32]
6. Technology Plan Quick Dive
- Start early: Evaluate which hardware needs immediate attention:
  - Windows 10 systems are obvious, but check other devices—like that 4+ year-old UDM I am replacing this year—for replacement planning. (October 14, 2025 is EOL for Windows 10. In case you missed it in the SRA step.)
- Focus on Q1 assessments to avoid surprises later in the year.
7. Incident Response Plan Check-Up
- Schedule a Q1 drill to test and refine processes early.
- Confirm the contact information for your team and vendors.
- Confirm there have been no changes to your insurance policies.
That’s a wrap on your Q1 PriSec checklist! Taking care of these tasks now will save you headaches later and keep your organization ahead of the curve. Remember, the key to success is planning early, documenting thoroughly, and staying proactive.
There you have it – your Q1 2025 compliance and cybersecurity survival guide. From the must-handle breaches to gearing up for Windows 10’s farewell tour, we’ve armed you with the tools to own Q1 like a compliance rock star. So go forth, review, report, and replace – because a solid plan today is your best shield against headaches tomorrow. Think of your compliance checklist like a parachute – it’s better to have it ready before you realize you’re free-falling.


