PrivaPlan Associates
@privaplan.bsky.social
We provide end-to-end privacy & security solutions, helping businesses stay safe & compliant. With over 20 years of experience, especially in healthcare, we’re trusted experts who tackle vulnerabilities head-on to protect sensitive information.
Pinned
We just dropped an essential guide for generative AI in health care without compromising #HIPAA Security compliance.

If you are working on #AI or AI Ambient Scribes, this is your playbook for doing it securely!

Learn more here: buff.ly/Ru5GwDq
Be wary where you shop online! Fake shopping sites are surging ahead of Black Friday as scammers use AI to create look-alike pages to steal your data and dollars.

New data shows that fake Amazon storefronts jumped 232% in one month.

Learn how to spot and avoid these scams here: bit.ly/3KmCqOc.
November 25, 2025 at 4:28 PM
Hackers are always looking for vulnerabilities to exploit, and outdated software is an easy target. One of the best ways to protect yourself online is by keeping your software and apps up to date.

We have 5 steps for safe software updates!

#CybersecurityAwarenessMonth #HealthcareSecurity
October 27, 2025 at 3:20 PM
Forgotten service accounts can be weak spots for intruders. Turn them into assets by making them part of your security strategy! Know your vulnerabilities and focus on prevention.

Read our article to learn more! buff.ly/IbP5msy #CyberSecurity #HIPAA
The Hidden Danger of Forgotten Service Accounts | PrivaPlan
Forgotten, out-of-date or orphaned, service accounts refer to accounts whose credentials have expired or are no longer valid.
October 23, 2025 at 5:34 PM
AI-aided attacks are getting more creative. Microsoft just caught a phishing campaign where criminals hid AI-generated code inside an SVG file to slip past traditional defenses.
The takeaway? Layered security + employee awareness are critical.
buff.ly/g1RFcbt
AI vs. AI: Detecting an AI-obfuscated phishing campaign | Microsoft Security Blog
Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, demonstrating a…
October 9, 2025 at 6:04 PM
Smarter, Faster, Sneakier. AI-Aided phishing scams are on the rise. Scammers are now using AI to craft emails so convincing they look like they’re from your boss, IT team, or even your customers. #CybersecurityAwarenessMonth #HealthcareSecurity
October 7, 2025 at 3:20 PM
It's time to go passwordless! Weak or stolen passwords cause 80% of breaches. Passkeys are more secure and easier to use.

• No passwords to remember
• Sign in with your face, fingerprint, or PIN
• Built into most phones, computers, and browsers

#cybersecurityawareness #passwordless
October 6, 2025 at 3:20 PM
Healthcare organizations using web tracking technologies are starting to face fines.

The risks aren’t just financial. They’re legal. Regulatory. Reputational. When patient trust is at stake, the stakes are always higher. Learn more in our new article.
Mount Sinai Settles Web Trackers Privacy Claim for $5.3M | PrivaPlan
Healthcare organizations are learning that they must be aware of web trackers and have a clear understanding of what data is being collected.
October 3, 2025 at 9:07 PM
Why Passwords Won’t Survive the AI Era

Hackers don’t need to guess anymore. Armed with AI and billions of leaked credentials, they can break through weak or reused passwords faster than ever.

#CyberSecurityAwarenessMonth
October 3, 2025 at 3:20 PM
Are You Ready to Go Passwordless?

Weak or stolen passwords cause 80% of breaches. There’s a safer, easier way: passkeys.
No passwords to remember - Your info is stored securely on your device, so even if hackers breach a website, your account stays protected. #CybersecurityAwarenessMonth
October 1, 2025 at 6:31 PM
The Joint Commission and the Coalition for Health AI released new guidance on the responsible use of AI in healthcare.

Get details in our latest article, plus learn how to ensure HIPAA compliance when using AI in healthcare. #AIhealthcare #HIPAA #AI #healthcare

privaplan.com/joint-commis...
September 24, 2025 at 9:05 PM
Michigan Medicine sent postcards this summer that potentially exposed patient health data. This incident highlights the importance of staying HIPAA compliant with all mail pieces. Get the details in our latest article.
Postcard Error May Have Exposed PHI at Michigan Medicine | PrivaPlan
A postcard sent without an envelope possibly exposed patient health information, highlighting the importance of staying HIPAA compliant with all mail pieces.
privaplan.com
August 19, 2025 at 1:40 PM
AI in healthcare security works in seconds. Your HIPAA compliance plan? It might take months. That gap creates risk.

Our new article breaks down:
✅ The biggest AI compliance hurdles healthcare orgs face right now
✅ Practical steps to align with the #HIPAA Security Rule
The AI Security Surge: Why Compliance with the HIPAA Security Rule Can’t Wait | PrivaPlan
In this article, we explore why HIPAA compliance is more important in the era of AI and how organizations can effectively apply the HIPAA Security Rule to...
August 12, 2025 at 8:11 PM
Is your organization adequately protecting ePHI? A New York surgery center faces a $250,000 fine and a two-year corrective action plan after OCR identified gaps in risk analysis and timely breach reporting. Discover what went wrong and what HIPAA entities should do: buff.ly/rzRBXzt #HIPAA #ePHI
Syracuse ASC Pays $250K Fine for Alleged HIPAA Violations | PrivaPlan
A New York surgery center has agreed to pay a $250,000 penalty for potential violations of the HIPAA Security and Breach Notification Rules.
July 25, 2025 at 6:02 PM
Federal agencies are warning of potential cyber risks from Iranian-affiliated groups targeting key U.S. infrastructure, including healthcare, ahead of July 4th. Cyberattacks often occur during holidays due to distractions and reduced staffing. Learn more in our latest article:
Health Care Sector Urged to be Cyber Vigilant Ahead of July 4th | PrivaPlan
Leading up to Independence Day, health care organizations are advised to brace for potential cyberattacks from Iranian state-sponsored or affiliated actors.
July 2, 2025 at 9:47 PM
Two remote workers using false identities may have accessed patient data at Virginia-based Sentara Health from January to April 10, 2025. The breach was discovered when a manager noticed the two workers participating in virtual meetings did not match their hiring photos. Get the details here.
Remote Workers Access Patient Data Using False Identities
Sentara Health has confirmed that two remote workers using false identities may have accessed sensitive patient information from January to April 10, 2025.
June 18, 2025 at 7:29 PM
Among rising global threats, President Trump signed an Executive Order June 6 that amends and updates cybersecurity policies from the Obama and Biden eras. It narrows the focus to foreign cyberattacks and prioritizes quantum-ready encryption and AI vulnerability detection. Read our latest article.
New Executive Order to Strengthen Cybersecurity Defenses | PrivaPlan
President Donald Trump signed a new executive order to update and consolidate U.S. cybersecurity policy in response to increasing global cyber threats.
June 11, 2025 at 8:18 PM
What are your biggest compliance challenges right now?

We want to know the pressures businesses face balancing compliance with limited resources.

Drop it in the comments or DM us if you'd rather keep it private.

Let's talk about it because your work is critical & we're here to support it!
June 4, 2025 at 4:14 PM
To actually make a difference to a health care clinic, AI Scribes need:

🔐 Data governance
♻️ Data lifecycle
🚨 Disaster recovery plans

👋 If you're exploring AI Scribes for your clinic & need help with policy development or compliance planning we're here to help! Reach out today!
May 28, 2025 at 4:22 PM
A new study shows hacking drives most health care data breaches, and the May 20 Kettering Health ransomware attack proves the threat is far from over.

The study's 14-year analysis of ransomware and data breaches of HIPAA-covered entities reveals alarming cyberattack trends. Read to learn more.
Study Finds Hacking Behind 88% of Patient Record Breaches | PrivaPlan
A new study shows hacking drives most health care data breaches. The recent Kettering Health ransomware attack proves the threat is far from over.
May 22, 2025 at 4:17 PM
AI Scribes are the future of medical documentation, but is your health care clinic ready to integrate this tool? Our latest article examines how clinics can prep for a smooth and successful integration with our new guide.

Take a moment to read it today! buff.ly/UrJGpB3
AI Ambient Scribes: Is Your Health Care Clinic Ready? | PrivaPlan
Learn about AI Ambient Scribes: what they are, their benefits, and how your clinic can prepare for a seamless and successful integration.
privaplan.com
May 20, 2025 at 5:30 PM
Protecting ePHI (electronic Protected Health Information) isn’t a “nice to have.” It’s essential. It’s the difference between trust and disaster.

Let’s talk about 3 moves every organization should make to keep ePHI secure. (Thread)

#Cybersecurity #ePHI #DataPrivacy
May 15, 2025 at 7:02 PM
Invisible tracking pixels embedded in sites and emails silently gather data like clicks, scrolls, and page time. This data is invaluable for businesses, but consumers are losing trust. As awareness increases, so do legal actions and hefty fines. Learn more: buff.ly/mDCVMQG #TrackingPixels
The Hidden Cost of Undisclosed Tracking Pixels: Lost Trust, Big Fines | PrivaPlan
Regulators and consumers are responding to companies that don't disclose the use of tracking pixels on their websites with lawsuits and costly fines.
May 14, 2025 at 2:13 PM
Verizon's 2025 Data Breach Investigations Report reveals key shifts in the security landscape:

🔹 Human error remains a factor in 60% of breaches
🔹 Third-party risk has doubled to 30% of incidents
🔹 Ransomware has increased from 37% to 44% of breaches

Learn more!
Verizon 2025 Report: Ransomware and Third-Party Breaches Rise | PrivaPlan
Verizon’s newly released 2025 Data Breach Investigations Report (DBIR) reveals several unsettling trends in cybersecurity.
May 7, 2025 at 4:02 PM
This is a reminder that we have an exciting presentation this morning for the Colorado Rural Health Center Conference! Come learn about "Promoting Interoperability- It Is Still With Us! Don't Lose Money!" Presented by our bright associates, Lil Sonntag, David Ginsberg & Randy Steinle from CorePLUS
April 18, 2025 at 1:01 PM
We're excited to participate in the Colorado Rural Healthcare Conference this week in Broomfield, CO. Our President, David Ginsberg, is joined by Ron Bebus, CIO, Lil Sonntag, Senior Consultant, and Randy Steinle, Executive VP of CorePlus, to inspire solutions for rural health care challenges.
April 17, 2025 at 9:42 PM