This is Carlos Leyva's Typepad Profile.
Join Typepad and start following Carlos Leyva's activity
Join Now!
Already a member? Sign In
Carlos Leyva
I am a knowledge monger, but knowledge without love is a senseless pursuit, pursue what you love to do first.
Interests: music, literature, health care, the law, collaboration and collaborative platforms, writing, politics, basketball, and public education (not necessarily in that order on any given day).
Recent Activity
HIPAA Stuck on Stupid Webinar
Title: Stuck on Stupid: How to Eliminate 95% of HIPAA Liability while being less than Thirty Percent (30%) Compliant. Description: This webinar focuses on providing the C-Suite and compliance officers a strategy for eliminating a significant portion of HIPAA liability... Continue reading
Posted Feb 27, 2019 at Web-Tones
Comment
0
HIPAA Survival Guide August 2018 Newsletter
Register here for the FREE HIPAA Survival Guide Newsletter Does your staff have sufficient HIPAA training? Determining the amount of adequate training is not an easy question because the answer is highly dependent on the individual and the organization. Individuals... Continue reading
Posted Aug 21, 2018 at Web-Tones
Comment
0
HIPAA Education: How much training is enough?
Join us this month for a free webinar about HIPAA training. Description: HIPAA Education: How much training is enough? This webinar will describe How much and what type of HIPAA education is well suited for staff and other workforce members?... Continue reading
Posted Aug 6, 2018 at Web-Tones
Comment
0
HIPAA Handbook Available!
Do you have compliance and regulatory questions that aren't answered easily? Don't have a reference for those unique situations that only apply to your organization? Well look no further. We have educated thousands of stakeholders on the HIPAA Rules ("Rules")... Continue reading
Posted Jun 13, 2018 at Web-Tones
Comment
0
Launching Your GDPR in Ten (10) Steps
Notice that the title does not say 10 "Easy" Steps! There is nothing easy about compliance in general and the GDPR specifically. Far from it. However, these ten (10) steps have been vetted in other compliance regimes (e.g. HIPAA) and... Continue reading
Posted Mar 28, 2018 at Web-Tones
Comment
0
FREE Webinar: Information Governance & HIPAA
Description This webinar discusses why HIPAA & other compliance stakeholders need a governing philosophy that underpins their Information Governance initiatives...the challenge is much broader than HIPAA, with myopic views leading to fragmented compliance silos and initiatives. Date and Time, including... Continue reading
Posted Mar 21, 2018 at Web-Tones
Comment
0
GDPR Survival Guide LinkedIn Group
The purpose of this group is to discuss and share knowledge related to the EU's General Data Protection Regulation ("GDPR"). One way to think about the GDPR is "HIPAA for everyone," especially if you are in the EU OR, more... Continue reading
Posted Jan 2, 2018 at Web-Tones
Comment
0
FREE Webinar: Developing a Breach Response Plan
Title: Developing a Breach Response Plan Description: This webinar discusses the key components necessary to build an effective Breach Response Plan and how said plan interacts with other components of your HIPAA Compliance Initiative ("HCI"). Date and Time, including Time... Continue reading
Posted Sep 14, 2017 at Web-Tones
Comment
0
FREE HIPAA Implementation Detailed Project Plan
This Post contains access to the new HIPAA Implementation Detailed Project Plan. The HIPAA Implementation Project Plan is organized by Chunks/Sprints to support rapid completion your HIPAA Compliance Initiative ("HCI"). High-Level Tracks include: 1. Disseminate Model Policies (Track = "Foundational")... Continue reading
Posted Aug 20, 2017 at Web-Tones
Comment
0
State Laws, Breach Notification & the Protection of Personal Data
At the HIPAA Survival Guide and the Digital Business Law Group we are starting to grapple with the much broader question of when state laws require breach notification. As the NCSL states in their overview on this topic: Forty-eight states,... Continue reading
Posted Aug 13, 2017 at Web-Tones
Comment
0
The NIST Assessment Criticality Model!
The notion of "Criticality Analysis" is NOT foreign to the HIPAA Security Rule ("SR"). The SR addresses (in part) this requirement as part of the implementation specifications for the Contingency Standard in the Administrative Safeguards: 164-308(a)(7)(ii)(E); which states "Assess the... Continue reading
Posted Aug 11, 2017 at Web-Tones
Comment
0
HHS 2017 & 2016 HIPAA CMPs
Image
As promised here are the 2017 & 2016 HHS CMP numbers: Download HHS CMPs. These two years account for over $28M of "revenue" for HHS. Remember that the HITECH Act gave HHS a virtual $$ machine by allowing it to... Continue reading
Posted Jul 26, 2017 at Web-Tones
Comment
0
Healthcare's Cybersecurity Status Quo Shattered!
Healthcare's cybersecurity status quo has been destroyed by a confluence of factors. We are now 17 years into the 21st century and the healthcare industry writ large has somehow managed to hold on to a minimalist cybersecurity posture that is... Continue reading
Posted Jul 6, 2017 at Web-Tones
Comment
0
HIPAA's Security Rule as a Cybersecurity "Floor!"
There has never been any meaningful distinction between CyberSecurity and HIPAA Security from a technical perspective; however from a legal perspective each regulatory regime must be treated as a unique and distinctive set of regulations. The WannaCry attack made the... Continue reading
Posted Jun 20, 2017 at Web-Tones
Comment
0
What is CyberSecurity?
Image
That question is so broad that it can only be answered succinctly in the abstract. However for our purpose such a definition should work just fine. One such definition follows: "Cybersecurity is the body of technologies, processes and practices designed... Continue reading
Posted Jun 14, 2017 at Web-Tones
Comment
0
What is HIPAA Security?
Image
The answer to this question contains two related but ultimately separate and distinct parts: (1) a set of security controls not all that dissimilar from the CIS top 20; and (2) a coherent regulatory regime that is a set of... Continue reading
Posted Jun 12, 2017 at Web-Tones
Comment
0
Cloud leads to larger and larger data breaches?
Image
This article answers that question in the affirmative. Larger and larger data breaches are now an undeniable trend, which the available data clearly supports. The $$ quote form this article is: Before 2009, the majority of data breaches were the... Continue reading
Posted Jun 11, 2017 at Web-Tones
Comment
0
HHS WannaCry Guidance Summarized!
You can see the full text of the most recent guidance here. The takeaway from HHS' guidance post WannaCry can be summarized as (1) Contingency Plans (see below); and (2) Network Scans. My entity just experienced a cyber-attack! What do... Continue reading
Posted Jun 9, 2017 at Web-Tones
Comment
0
No Network Scanning = Willful Neglect!
Your network is the heartbeat of your organization; without it no emails get sent, no applications are accessed, no third-party resources of any kind are available—in short, to a large extent, no meaningful work of any kind gets done that... Continue reading
Posted Jun 8, 2017 at Web-Tones
Comment
0
FREE Webinar: Phishing, BitCoin & Ransomware: Don't it make you WannaCry?
Description: This webinar will summarize the lessons learned by the healthcare industry from WannaCry & perform a postmortem on WannaCry's impact. Date and Time, including Time Zone June 15, 2017 2:00 EST Register Here for the June Webinar Looking for... Continue reading
Posted May 31, 2017 at Web-Tones
Comment
0
WannaCry: Re-Broadcast of May Webinar
Chris Saah CEO of TecFac (Technology Facilitators) joined Carlos Leyva and the team for a discussion of the recent the ransomware attack and how to prevent ransomware from penetrating your organization in addition to discussing HHS' methodology implications. Download the... Continue reading
Posted May 24, 2017 at Web-Tones
Comment
0
HHS Notification: International Cyber Threat to Healthcare Organizations
Don't believe that the bad guys are targeting healthcare? Read the follow recent HHS announcement: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> May 12, 2017 Dear HPH Sector Colleagues, HHS is aware of a significant cyber security issue in the UK and other international locations affecting... Continue reading
Posted May 12, 2017 at Web-Tones
Comment
0
The HIPAA Compliance Challenge
Continue reading
Posted May 3, 2017 at Web-Tones
Comment
0
HHS' Methodology Guidance
HHS has once again provided guidance on the importance of having a methodology to develop, implement, and maintain a comprehensive compliance program ("Program"). The objective of your HIPAA compliance initiative ("HCI") should be to build your Program over time, especially... Continue reading
Posted May 3, 2017 at Web-Tones
Comment
0
FREE Webinar: Revisiting the HIPAA Privacy Rule
Description: This webinar revisits the foundation of the HIPAA Privacy Rule in light of the fact that, due mostly to Breach Notification, the Security Rule has taken most of the oxygen out of the room. Thursday, April 20, 2:00 PM... Continue reading
Posted Apr 18, 2017 at Web-Tones
Comment
0
Subscribe to Carlos Leyva’s Recent Activity
The Typepad Team
View all »
SnowyMari
View all »
0 Favorites
Blogs and Sites
Around The Web