Help Me With HIPAA


Synopsis

Help Me With HIPAA is a collaboration between Kardon Compliance founder, Donna Grindle, and founder, David Sims. Our mission is to share our Privacy and Security knowledge with those who are required to understand, implement, and manage the complex Privacy and Security requirements of HIPAA compliance. Our work with CEs and BAs inspired us to launch the service to provide information about the complex requirements of HIPAA in a relaxed manner without using too much legalese or geek speak. As the podcast programs progress, we will cover topics that include sorting through the requirements as well as real-world examples of the procedures used, both good and bad. Join us as we do our best to create a show where HIPAA and humor collide!


  • Evaluating MSPs - Ep 252

    01/05/2020 Duration: 01h01min

    Before things went all COVID on us this episode was planned out. It may be even more worthy of an episode now. Have you been evaluating your MSP's response to your current state of business? We knew there were some MSP issues in 2019 but now, in 2020, you must have a reliable trusted MSP partner more than ever. What kinds of things do you need to know about your tech needs, your MSP and where you both plan for the future? More at

  • Coronavirus Scams Galore - Ep 251

    24/04/2020 Duration: 53min

    So many scams and so little time to keep up with them.  Yes, that is what it feels like these days.  There are so many coronavirus scams we have to take some time to update you guys.  There have been cybercrime alerts and stupid people stories galore.  Here are the coronavirus scams and crimes we have on our radar this week.   More at

  • 3 Cyber stories we are watching - Ep 250

    17/04/2020 Duration: 01h02min

    With the national crisis still in play, cybersecurity is essential to operating businesses which are now online more than ever before. Small businesses without any apps before are going online to survive. Telehealth, remote learning, telework are all standard right now.  With so much going on we are trying to keep our eye on cyber stories to prepare ourselves and our clients for what is happening out there. Today let’s discuss 3 cyber stories we are watching right now. More at

  • Crisis HIPAA Updates - Ep 249

    10/04/2020 Duration: 54min

    There is a lot of confusion along the way as there always will be in a crisis like this one. We are going to share some of the good information and do our best to clear up some of the misinformation. No matter what, though, it could all change in the two short weeks between when we record this and when we publish it for you guys. Our plan is to provide as much solid information that we know to be true and accurate today. More at

  • How do we reboot our business? - Ep 248

    03/04/2020 Duration: 56min

    We are all doing our best to focus on what we can do during this national crisis.  It is certain that we will bounce back at some point and be able to get back to business.  When we do this national reboot, what kinds of things will we need to do? Spend time now planning for the coming business reboot.  More at

  • HIC SCRiM Should Wake Up Vendors - Ep 247

    27/03/2020 Duration: 01h10min

    In Oct 2019 another document was released by the Health Sector Coordinating Council Joint Cybersecurity Working Group.  Health Industry Cybersecurity Supply Chain Risk Management Guide or HIC SCRiM for short is aimed at helping small and medium sized healthcare organizations manage their supply chain vendors. If you haven’t had a chance to check it out, we are reviewing it for you today.  If you do review it you will see why we think that HIC SCRiM should wake up vendors. More info at

  • No SRA First 2020 OCR Enforcement - Ep 246

    20/03/2020 Duration: 52min

    Opening the 2020 enforcement list for OCR is a doctor’s office who reported a breach due to a business associate issue and then did nothing.  The settlement wasn’t due to the BA but because the office had no SRA in place. Let’s break down the settlement with Steven A. Porter, M.D., P.C. a sole gastroenterologist practice in Ogden, UT. Time to learn from their mistakes. More at

  • Privacy, Security, and COVID-19 - Ep 245

    13/03/2020 Duration: 56min

    Does your SRA include something like COVID-19?  Your business continuity plans include it? Do you need an SRA that includes virus outbreaks? Yes, you do.  If your risk analysis didn’t include these kinds of things you should revisit your method for doing an SRA. What should you do about this risk and what else is missing from your SRA? Let’s talk about privacy, security and COVID-19. More info at

  • 10 Cybersecurity Misconceptions - Ep 244

    06/03/2020 Duration: 01h05min

    Cybersecurity misconceptions are pretty common both in personal life and business.  There are definitely enough cases of misinformation coming through our offices on a regular basis to make it obvious just how confused people can be about what should be done.  We have pointed out many times that the government has been releasing information for years to assist both businesses and individuals. You can find a lot of information that is very helpful at  Today we are going to discuss one directed at SMBs explaining several cybersecurity misconceptions. More at

  • Images Exposed - Ep 243

    28/02/2020 Duration: 37min

    This story has been going around since September 2019. Images exposed on the internet from PACS systems around the world available to anyone that wanted to see them.  Images exposed included x-rays, MRI scans and more. It still hasn’t been locked down after all these months. That means it’s time to talk about it instead of keeping it quiet. More info at

  • Insider Issues 2020 - Ep 242

    21/02/2020 Duration: 55min

    Another report comes out that says insiders are a huge problem.  You have to worry about the people, people. We have been saying this for years.  The latest news on that front is in the 2020 Cost Of Insider Threats Global Report released by the Ponemon Institute and sponsored by ObserveIT and IBM.  It does tell us a lot of things we already knew but the details including those about how it is growing are important to note. More info at

  • Wearables Plus More HIPAA Questions - Ep 241

    14/02/2020 Duration: 52min

    Wearables, medical devices and HIPAA are just some of the questions we have gotten recently.  Today’s episode is privacy and security news plus listener questions. More at

  • HIPAA Ambiguous? Really? - Ep 240

    07/02/2020 Duration: 56min

    Is HIPAA ambiguous? That is the way many people refer to anything that has to do with HIPAA regulations. It comes from doctors, nurses, lawyers, managers, supervisors, even compliance officers. But, is it really the way we should refer to the law? Should we say it is flexible or reasonable instead? More at

  • Why Security Patching Matters - Ep 239

    31/01/2020 Duration: 55min

    There have been a lot of headlines lately about Windows 7 end of life and Windows 10 security patches.  Let’s discuss why supported software and security patching matters in general. Then, we can talk about why it matters under HIPAA.   More at

  • Ransomware Warnings Everywhere - Ep 238

    24/01/2020 Duration: 01h06min

    We have mentioned ransomware warnings over and over on HMWH.  To the point ransomware shows up in a search on 56 different episodes before this one.  That means we’ve talked about ransomware warnings in 24% of our episodes. Guess what - clearly we need to talk about it again! More info at

  • Ambulance Company Settlement - Ep 237

    17/01/2020 Duration: 55min

    As we anticipated there was one more OCR settlement announcement before the end of 2019.  This one popped in at the end of December and was yet another one in our backyard. The ambulance company settlement seemed simple at first but once we read the details there is a lot to unpack in the CAP.  Let’s get to it then! More info at

  • 2020 Predictions Sortof - Ep 236

    10/01/2020 Duration: 01h11min

    We need to get on the record with our 2020 predictions even if we both agree we have no freaking idea what is going to happen in 2020.  If anyone out there says they honestly believe they have a true beat on it, check them out. We do have a few 2020 predictions that we feel sure enough about to say it out loud to you guys. More info at

  • Costly PHI Mistakes - EP 235

    03/01/2020 Duration: 46min

    Here we go with two more OCR enforcement settlements.  As we expected, the end of the year included a flurry of enforcement announcements from OCR.  Just as this was about to be recorded they announced the second patient access settlement. So we can get both done in one episode!  Both of these cases are related to some costly PHI mistakes so let’s get down to business. More info at

  • 2019 Predictions Recap - Ep 234

    27/12/2019 Duration: 01h01min

    We have made it most of the way through 2019.  Now is the time to see how we did when we released our HIPAA privacy and security predictions for 2019 in episode 186 way back on Jan 11.  There were so many things that transpired this year just when thinking about the threat landscape much less all of our HIPAA discussions it feels long ago in a galaxy far, far away.  For more info

  • 2019 Holiday Blooper Show

    20/12/2019 Duration: 11min

    Enjoy Bojan's 2019 version of our annual blooper show.  Yes, some things really are as crazy behind the scenes as it seems. Thanks for all your support in 2019.  Enjoy whatever holiday you celebrate this time of year to the fullest!
