The HIPAA Journal Event List

Free Webinar: How to Stop Phishing Attacks Before They Reach Your Team

Posted by Steve Alder

webinar - how to stop healthcare phishing attacksPhishing has long been a leading cause of healthcare data breaches. Hackers target employees as they are a weak link in the security chain, and many healthcare ransomware attacks start with credentials stolen in phishing attacks.

Phishing attacks are often blamed on the employees who respond to phishing attempts. A survey of healthcare IT leaders found 85% of respondents believe employee negligence is a top email security risk, yet despite that, only 16% of respondents said they train their workforce on how to recognize phishing attempts quarterly or more frequently. The majority of healthcare organizations only provide training to their workforce once a year, and hope that the training sticks and employees will remain vigilant throughout the year, which is seldom the case.

Unfortunately, the risk from phishing is getting worse as AI-generated phishing campaigns are difficult for employees to identify. AI-generated phishing emails are grammatically correct, free of spelling mistakes, and use advanced impersonation techniques. An analysis of phishing emails by KnowBe4 between late 2024 and early 2025 found that 83% of phishing emails were AI-generated.  Not only is AI-generated phishing outpacing training programs, the phishing emails also bypass traditional email spam filters. Further, Paubox research shows that when employees do identify phishing attempts, only 5% of attacks are reported to the security team! If you rely on employee training and a traditional email filter, your organization is at risk.

In this free webinar on April 28, 2026, discover why phishing defenses are failing and how you can improve your security posture and block attacks before they reach your team. The webinar is aimed at IT directors, CISOs, security leaders responsible for email infrastructure, compliance officers managing HIPAA email requirements, healthcare administrators who oversee PHI-handling workflows, and security teams weighing whether current controls match current threats.

Webinar attendees will learn about:

  • The evolution of AI-generated phishing and BEC attacks and why they bypass defenses
  • Why healthcare organizations are targeted
  • The findings of a Paubox analysis of 170 email-related data breaches in 2025 and common authentication gaps
  • How the “training plus spam filter” model leaves measurable security gaps
  • How inbound email security at the technical layer catches what training and traditional filters miss
  • How to assess where your organization’s email security actually stands today

WEBINAR DETAILS

How to Stop Phishing Attacks Before They Reach Your Team

Tuesday, April 28, 2026

10 a.m. PT | 11 a.m. MT | 12 p.m. CT | 1 p.m. ET | 6 p.m. BST

Register for the Webinar

Speaker: Dawn Halpin, Demand Generation Manager, Paubox

Dawn Halpin, Paubox

Dawn Halpin, a Marquette University and University of Wisconsin-Milwaukee graduate, is the Demand Generation Manager at the email security firm Paubox. Paubox is a leader in HIPAA-compliant email security for the healthcare industry and is trusted by more than 8,000 organizations, including Cost Plus Drugs, Rippling, and Covenant Health.

The post Free Webinar: How to Stop Phishing Attacks Before They Reach Your Team appeared first on The HIPAA Journal.

Free Webinar Today: HIPAA Email Security 101: PHI, Encryption, and What’s Required

Posted by Steve Alder

According to the Paubox 2026 Healthcare Email Security Report, in 2025, 170 email-related data breaches were reported to the HHS’ Office for Civil Rights (OCR). While healthcare organizations are getting better at preventing email-related data breaches, an analysis of email security configurations found that in 2025, 41% of healthcare organizations fell into the high-risk category, an increase from the previous year.

On top of those large healthcare data breaches are the thousands of smaller breaches that affect fewer than 500 individuals, a large percentage of which are due to poor email security configurations and errors by healthcare employees. Each email incident erodes trust, can be costly to resolve, and potentially puts the organization at risk of a HIPAA penalty, yet email compliance failures are easily avoided.

On March 31, 2026, the leading healthcare email security company, Paubox, is hosting a webinar to explain HIPAA email security 101. The webinar consists of a practical session covering the fundamentals of HIPAA-compliant email, what constitutes PHI and how to identify the indicators of PHI, as well as the key email security requirements that HIPAA-regulated entities must have in place to ensure that sensitive information is protected and patient privacy is assured. Attendees will also learn about the common compliance errors made by organizations and healthcare employees when communicating via email, and how to avoid them.

Webinar attendees will learn about:

  • The HIPAA requirements for email
  • How encryption works and why it is vital for HIPAA compliance
  • What qualifies as protected health information, and how to identify PHI indicators in day-to-day emails
  • The email security requirements for healthcare organizations
  • Common email compliance mistakes when sending PHI and how to avoid them

Reserve your spot today to learn how HIPAA applies to email and the requirements for HIPAA-compliant email communications. 

Why Attend?

  • Attendees will learn the fundamentals of HIPAA-compliant email communications, what constitutes PHI, and the common compliance mistakes made by healthcare organizations and how to avoid them. This webinar is eligible for 1 self-reported CPE. Attendees will receive a certificate of attendance that may be used as supporting documentation when submitting credits to applicable certifying bodies.

WEBINAR DETAILS

HIPAA Email Security 101: PHI, Encryption, and What’s Required

  Date: Tuesday, March 31, 2026
  Time:  18:00 GMT | 13:00 ET | 12:00 CT | 11:00 MT | 10:00 PT
                        Format: Live webinar (Zoom)

 

Speaker: Dawn Halpin, Demand Generation Manager, Paubox

Dawn Halpin, Paubox

Dawn Halpin, a Marquette University and University of Wisconsin-Milwaukee graduate, is the Demand Generation Manager at the email security firm Paubox. Paubox is a leader in HIPAA-compliant email security for the healthcare industry and is trusted by more than 8,000 organizations, including Cost Plus Drugs, Rippling, and Covenant Health.

 

 

The post Free Webinar Today: HIPAA Email Security 101: PHI, Encryption, and What’s Required appeared first on The HIPAA Journal.

FREE Webinar Next Week: 2025 HIPAA Breaches & Fines: What Went Wrong and Your 2026 Action Plan

Posted by Steve Alder

Workforce Compliance

In 2025, hundreds of healthcare data breaches exposed tens of millions of patient records — and the OCR enforcement record shows the same failures surfacing again and again: gaps in employee training, missing or unenforced policies, and inadequate vendor oversight. Whether you run a small practice or a large health system, the patterns are predictable. So are the fixes.

Join Liam Degnan, Healthcare Compliance Expert at Compliancy Group, for this HIPAA Journal exclusive deep dive into 2025’s most instructive breaches, fines, and settlements. You’ll leave with a concrete framework to close the gaps regulators consistently target — before they find you.

Webinar attendees will learn:

  • 2025’s top violation patterns– The compliance failures OCR cited most and why they keep recurring
  • The three highest-risk failure points – The most common HIPAA compliance failure points that lead directly to fines for medical practices
  • How audits actually happen– How OCR and HHS identify weak compliance programs and what triggers enforcement actions
  • Your 2026 compliance playbook – Practical steps to build a defensible, ongoing program, with or without a dedicated team

Why Attend?

This is an exclusive opportunity for readers of the HIPAA Journal to learn from the mistakes other healthcare organizations have made and avoid falling victim to the noncompliance issues that lead to regulatory fines and lawsuits.

Attendees will be provided with the information they need to create an action plan to ensure compliance in 2026 and beyond. Complete the form on this page to register your place, and make a note of the date and time in your diary.

 

WEBINAR DETAILS

2025 HIPAA Breaches & Fines: What Went Wrong and Your 2026 Action Plan

  Date: Tuesday, April 28, 2026

Time: 1:00 p.m. ET | 12:00 p.m. CT | 11:00 a.m. MT | 10:00 a.m. PT

Format: Live webinar

 

 

Speaker: Liam Degnan, Director, Solutions Engineering

Liam Degnan Compliancy GroupLiam Degnan brings more than eight years of experience in risk management, SaaS sales, and healthcare compliance. As Compliancy Group’s Senior Solutions Engineer, he advises healthcare decision-makers, healthcare providers, and medical vendors. He speaks on a variety of platforms and topics, with an emphasis on simplifying HIPAA, OSHA, SOC 2, and other healthcare compliance regulations.

 

 

The post FREE Webinar Next Week: 2025 HIPAA Breaches & Fines: What Went Wrong and Your 2026 Action Plan appeared first on The HIPAA Journal.

Cyber Security for Healthcare: USA Summit

Posted by Ian

The HealthSec: Cyber Security for Healthcare Summit returns for its 2nd edition in Boston, Massachusetts on June 12th – 13th!

As operations in healthcare and life sciences industries are becoming increasingly digitized and internet-connected, the attack surface is expanding and cybersecurity risks are growing.

In the light of this, healthcare security leaders from across the hospitals & healthcare systems, healthcare equipment and services, medical devices, pharma and biotech industries are preparing to gather at the summit to learn how to protect their sensitive data from cyber attacks.

CPD certified event

This CPD certified event is your chance to unite with cybersecurity leaders from the likes of Abbott, GSK, Moderna, Pfizer and Johnson & Johnson through interactive sessions, as well as 6+ hours of networking, including seated lunches and a drinks reception.

Over 2 days, you’ll learn how to build resilience, mitigate risks and strengthen your cybersecurity strategy to combat new and ongoing threats through thought leadership talks, in-depth case-studies, panel discussions and roundtables. See list of speakers

Agenda highlights include:

  • A Culture of Shared Responsibility Between HDOs and MDMs: What It Looks Like, and How to Achieve It
  • How to Effectively Address Third Party Risk Management Pain Points in Healthcare
  • Case Study: Surviving a Ransomware Attack -Lessons Learned from the Healthcare Industry
  • Streamlining Regulatory Compliance in Healthcare: How Do We Get There?

For 15% discount on passes, register now using the code “HIPPA” at registration online here.

The post Cyber Security for Healthcare: USA Summit appeared first on HIPAA Journal.

Virtual 43rd National HIPAA Summit – April 7-10, 2026

Posted by HIPAA Journal

The National HIPAA Summit, a leading forum on healthcare EDI, privacy, cybersecurity, and HIPAA compliance, will be hosting the Virtual 43rd National HIPAA Summit on April 7, 2026, through April 10, 2026, with professional certification and HIPAA Summit Workforce Training sessions running before the event.

There is an early bird discount to readers of The HIPAA Journal who sign up for the event before December 12, 2025.

HIPAA Summit 2026

The event provides a tremendous opportunity for learning through HIPAA workforce training sessions and keynote speeches from top government officials and leading industry professionals. Attendees will gain valuable insights into health information privacy, healthcare cybersecurity, HIPAA enforcement, and a wealth of information to help them maintain HIPAA compliance and take healthcare data privacy and security to the next level.

The HIPAA Summit runs from Tuesday, April 7, 2026, through Friday, April 10, 2026, and includes a preconference training program with an expanded curriculum. The training program kicks off on March 11, 2026, with AI Cyber Risk Professional (aiCRP) Training and the Professional Certification Exam with Uday Pabrai, MSEE, CMMC.

Training sessions will be held on the three Wednesdays before the event:

  • HIPAA Workforce Basic Privacy Training on March 18, 2026, with Adam Greene, JD
  • HIPAA Workforce Basic Security/Breach Training on March 26, 2026, with Illiana Peters, JD
  • HIPAA Summit Workforce Training: HIPAA transactions, Operating Rules, and Critical Healthcare Data Exchange Issues with Nancy W. Spector, BSN, MSc.

Employers will be able to assign specific video sessions from these training events to allow members of the workforce to complete the training over time.

HIPAA Summit Co-Chairs

  • Erik Decker, MS – Vice President and Chief Information Security Officer, Intermountain Healthcare; Former Chair, Cybersecurity Working Group, Chicago, IL
  • Adam Greene, JD, MPH – Partner and Co-chair, Health Information & HIPAA Practice, Davis Wright Tremaine LLP, HIPAA Summit Distinguished Service Award Winner, Former Senior Health Information Technology and Privacy Specialist, Office for Civil Rights, HHS, Washington, DC
  • Kirk J. Nahra, JD – Partner and Co-chair of the Privacy and Cybersecurity Practice, Wilmer Hale, Adjunct Professor, American University Washington College of Law, Washington, DC
  • Iliana Peters, JD, LLM – Shareholder, Polsinelli, Former Acting Deputy Director, Health Information Privacy, Office for Civil Rights, US Department of Health and Human Services, Washington, DC
  • Nancy W. Spector, BSN, MSc – Senior Director of Federal Affairs, Workgroup for Electronic Data Interchange (WEDI); Former Coding and HIT Advocacy Director, American Medical Association, Harrisburg, PA

 Keynote Speakers

  • Michael Cimmino, MPH – Director, National Standards Group, Office of Healthcare Experience and Interoperability, Centers for Medicare & Medicaid Services, Washington, DC
  • Gregory T. Garcia – Executive Director, Cybersecurity Working Group, Health Sector Coordinating Council; Former Assistant Secretary for Cybersecurity, US Department of Homeland Security, Washington, DC
  • Samantha Jacques, PhD, FACHE, AAMIF – Vice President, Clinical Engineering, McLaren Health Care; Vice Chair, Health Sector Coordinating Council, Cybersecurity, Detroit, MI
  • Deven McGraw, JD, MPH, LLM – Chief Regulatory & Privacy Officer, Citizen Health; Cofounder and Lead, Data Stewardship & Data Sharing, Invitae; Former Deputy Director, Health Information Privacy, HHS Office for Civil Rights; Former Director, Health Privacy Project, Center for Democracy & Technology, Redwood City, CA
  • Jules Polonetsky, JD – Chief Executive Officer, Future of Privacy Forum; Former Chief Privacy Officer, SVP Consumer Advocacy, AOL; Former Chief Privacy Officer, DoubleClick; Former Commissioner, New York City Department of Consumer and Worker Protection; Former Member, New York State, Potomac, MD
  • Daniel J. Solove, JD  – John Marshall Harlan Research Professor of Law, George Washington University Law School; Founder, TeachPrivacy; Author, The Digital Person: Technology and Privacy in the Information Age, Washington, DC

Click Here to Register for the Event

Early Bird Discount for Registrations Before December 12, 2025

The post Virtual 43rd National HIPAA Summit – April 7-10, 2026 appeared first on The HIPAA Journal.