The HIPAA Journal Event List

Free Webinar: How to Stop Phishing Attacks Before They Reach Your Team

Posted by Steve Alder

webinar - how to stop healthcare phishing attacksPhishing has long been a leading cause of healthcare data breaches. Hackers target employees as they are a weak link in the security chain, and many healthcare ransomware attacks start with credentials stolen in phishing attacks.

Phishing attacks are often blamed on the employees who respond to phishing attempts. A survey of healthcare IT leaders found 85% of respondents believe employee negligence is a top email security risk, yet despite that, only 16% of respondents said they train their workforce on how to recognize phishing attempts quarterly or more frequently. The majority of healthcare organizations only provide training to their workforce once a year, and hope that the training sticks and employees will remain vigilant throughout the year, which is seldom the case.

Unfortunately, the risk from phishing is getting worse as AI-generated phishing campaigns are difficult for employees to identify. AI-generated phishing emails are grammatically correct, free of spelling mistakes, and use advanced impersonation techniques. An analysis of phishing emails by KnowBe4 between late 2024 and early 2025 found that 83% of phishing emails were AI-generated.  Not only is AI-generated phishing outpacing training programs, the phishing emails also bypass traditional email spam filters. Further, Paubox research shows that when employees do identify phishing attempts, only 5% of attacks are reported to the security team! If you rely on employee training and a traditional email filter, your organization is at risk.

In this free webinar on April 28, 2026, discover why phishing defenses are failing and how you can improve your security posture and block attacks before they reach your team. The webinar is aimed at IT directors, CISOs, security leaders responsible for email infrastructure, compliance officers managing HIPAA email requirements, healthcare administrators who oversee PHI-handling workflows, and security teams weighing whether current controls match current threats.

Webinar attendees will learn about:

  • The evolution of AI-generated phishing and BEC attacks and why they bypass defenses
  • Why healthcare organizations are targeted
  • The findings of a Paubox analysis of 170 email-related data breaches in 2025 and common authentication gaps
  • How the “training plus spam filter” model leaves measurable security gaps
  • How inbound email security at the technical layer catches what training and traditional filters miss
  • How to assess where your organization’s email security actually stands today

WEBINAR DETAILS

How to Stop Phishing Attacks Before They Reach Your Team

Tuesday, April 28, 2026

10 a.m. PT | 11 a.m. MT | 12 p.m. CT | 1 p.m. ET | 6 p.m. BST

Register for the Webinar

Speaker: Dawn Halpin, Demand Generation Manager, Paubox

Dawn Halpin, Paubox

Dawn Halpin, a Marquette University and University of Wisconsin-Milwaukee graduate, is the Demand Generation Manager at the email security firm Paubox. Paubox is a leader in HIPAA-compliant email security for the healthcare industry and is trusted by more than 8,000 organizations, including Cost Plus Drugs, Rippling, and Covenant Health.

The post Free Webinar: How to Stop Phishing Attacks Before They Reach Your Team appeared first on The HIPAA Journal.

Free Webinar Next Week: HIPAA Email Security 101: PHI, Encryption, and What’s Required

Posted by Steve Alder

According to the Paubox 2026 Healthcare Email Security Report, in 2025, 170 email-related data breaches were reported to the HHS’ Office for Civil Rights (OCR). While healthcare organizations are getting better at preventing email-related data breaches, an analysis of email security configurations found that in 2025, 41% of healthcare organizations fell into the high-risk category, an increase from the previous year.

On top of those large healthcare data breaches are the thousands of smaller breaches that affect fewer than 500 individuals, a large percentage of which are due to poor email security configurations and errors by healthcare employees. Each email incident erodes trust, can be costly to resolve, and potentially puts the organization at risk of a HIPAA penalty, yet email compliance failures are easily avoided.

On May 21, 2026, the leading healthcare email security company, Paubox, is hosting a webinar to explain HIPAA email security 101. The webinar consists of a practical session covering the fundamentals of HIPAA-compliant email, what constitutes PHI, and how to identify the indicators of PHI, as well as the key email security requirements that HIPAA-regulated entities must have in place to ensure that sensitive information is protected and patient privacy is assured. Attendees will also learn about the common compliance errors made by organizations and healthcare employees when communicating via email, and how to avoid them.

Webinar attendees will learn about:

  • The HIPAA requirements for email
  • How encryption works and why it is vital for HIPAA compliance
  • What qualifies as protected health information, and how to identify PHI indicators in day-to-day emails
  • The email security requirements for healthcare organizations
  • Common email compliance mistakes when sending PHI and how to avoid them

Reserve your spot today to learn how HIPAA applies to email and the requirements for HIPAA-compliant email communications. 

Why Attend?

  • Attendees will learn the fundamentals of HIPAA-compliant email communications, what constitutes PHI, and the common compliance mistakes made by healthcare organizations, and how to avoid them. This webinar is eligible for 1 self-reported CPE. Attendees will receive a certificate of attendance that may be used as supporting documentation when submitting credits to applicable certifying bodies.

WEBINAR DETAILS

HIPAA Email Security 101: PHI, Encryption, and What’s Required

Thursday, May 21, 2026

10 a.m. PT | 11 a.m. MT | 12 p.m. CT | 1 p.m. ET | 6 a.m. BST

Register for the Webinar

 

Speaker: Dawn Halpin, HIPAA Evangelist, Paubox

Dawn Halpin, Paubox

Dawn Halpin, a graduate of Marquette University and the University of Wisconsin-Milwaukee, is a HIPAA Evangelist at the email security firm Paubox. Paubox is a leader in HIPAA-compliant email security for the healthcare industry and is trusted by more than 8,000 organizations, including Cost Plus Drugs, Rippling, and Covenant Health.

 

 

The post Free Webinar Next Week: HIPAA Email Security 101: PHI, Encryption, and What’s Required appeared first on The HIPAA Journal.

FREE Webinar: Compliance Best Practices & Live Demo on Tues May 19

Posted by Steve Alder

Workforce Compliance

Healthcare compliance isn’t a checklist, it’s a program. And most organizations are managing it across a tangle of spreadsheets, binders, and disconnected tools.

Join Compliancy Group for a live session designed to cut through the complexity and give you a clearer picture of what an effective compliance program actually looks like and how to build one.

They will walk through industry best practices across the four core areas of compliance, sharing the dos and don’ts that separate defensible programs from costly gaps, and then show you exactly how Compliancy Group’s platform manages each area in one connected system.

What Will be Covered?

  • Risk & Assessment — How to conduct, document, and act on risk assessments the way OIG and OCR expect
  • Workforce Compliance — Training, attestations, and the employee-level accountability that auditors look for
  • Vendor Compliance — Why 70% of 2025 breaches trace back to business associates, and how to manage third-party risk
  • Incident Management & Hotline Reporting — Building a culture of reporting and a process that protects your organization

This isn’t a standard product demo. It’s a practical session built for compliance-responsible leaders who want real guidance and want to see what simplified, visible, and defensible looks like in practice.

 

WEBINAR DETAILS

Compliance Best Practices & Live Demo Session

  Date: Tuesday, May 19th 2026

Time: 1:00 p.m. ET | 12:00 p.m. CT | 11:00 a.m. MT | 10:00 a.m. PT

Format: Live webinar

 

 

Speaker: Liam Degnan, Director, Solutions Engineering

Liam Degnan Compliancy GroupLiam Degnan brings more than eight years of experience in risk management, SaaS sales, and healthcare compliance. As Compliancy Group’s Senior Solutions Engineer, he advises healthcare decision-makers, healthcare providers, and medical vendors. He speaks on a variety of platforms and topics, with an emphasis on simplifying HIPAA, OSHA, SOC 2, and other healthcare compliance regulations.

 

 

The post FREE Webinar: Compliance Best Practices & Live Demo on Tues May 19 appeared first on The HIPAA Journal.

Cyber Security for Healthcare: USA Summit

Posted by Ian

The HealthSec: Cyber Security for Healthcare Summit returns for its 2nd edition in Boston, Massachusetts on June 12th – 13th!

As operations in healthcare and life sciences industries are becoming increasingly digitized and internet-connected, the attack surface is expanding and cybersecurity risks are growing.

In the light of this, healthcare security leaders from across the hospitals & healthcare systems, healthcare equipment and services, medical devices, pharma and biotech industries are preparing to gather at the summit to learn how to protect their sensitive data from cyber attacks.

CPD certified event

This CPD certified event is your chance to unite with cybersecurity leaders from the likes of Abbott, GSK, Moderna, Pfizer and Johnson & Johnson through interactive sessions, as well as 6+ hours of networking, including seated lunches and a drinks reception.

Over 2 days, you’ll learn how to build resilience, mitigate risks and strengthen your cybersecurity strategy to combat new and ongoing threats through thought leadership talks, in-depth case-studies, panel discussions and roundtables. See list of speakers

Agenda highlights include:

  • A Culture of Shared Responsibility Between HDOs and MDMs: What It Looks Like, and How to Achieve It
  • How to Effectively Address Third Party Risk Management Pain Points in Healthcare
  • Case Study: Surviving a Ransomware Attack -Lessons Learned from the Healthcare Industry
  • Streamlining Regulatory Compliance in Healthcare: How Do We Get There?

For 15% discount on passes, register now using the code “HIPPA” at registration online here.

The post Cyber Security for Healthcare: USA Summit appeared first on HIPAA Journal.

Virtual 43rd National HIPAA Summit – April 7-10, 2026

Posted by HIPAA Journal

The National HIPAA Summit, a leading forum on healthcare EDI, privacy, cybersecurity, and HIPAA compliance, will be hosting the Virtual 43rd National HIPAA Summit on April 7, 2026, through April 10, 2026, with professional certification and HIPAA Summit Workforce Training sessions running before the event.

There is an early bird discount to readers of The HIPAA Journal who sign up for the event before December 12, 2025.

HIPAA Summit 2026

The event provides a tremendous opportunity for learning through HIPAA workforce training sessions and keynote speeches from top government officials and leading industry professionals. Attendees will gain valuable insights into health information privacy, healthcare cybersecurity, HIPAA enforcement, and a wealth of information to help them maintain HIPAA compliance and take healthcare data privacy and security to the next level.

The HIPAA Summit runs from Tuesday, April 7, 2026, through Friday, April 10, 2026, and includes a preconference training program with an expanded curriculum. The training program kicks off on March 11, 2026, with AI Cyber Risk Professional (aiCRP) Training and the Professional Certification Exam with Uday Pabrai, MSEE, CMMC.

Training sessions will be held on the three Wednesdays before the event:

  • HIPAA Workforce Basic Privacy Training on March 18, 2026, with Adam Greene, JD
  • HIPAA Workforce Basic Security/Breach Training on March 26, 2026, with Illiana Peters, JD
  • HIPAA Summit Workforce Training: HIPAA transactions, Operating Rules, and Critical Healthcare Data Exchange Issues with Nancy W. Spector, BSN, MSc.

Employers will be able to assign specific video sessions from these training events to allow members of the workforce to complete the training over time.

HIPAA Summit Co-Chairs

  • Erik Decker, MS – Vice President and Chief Information Security Officer, Intermountain Healthcare; Former Chair, Cybersecurity Working Group, Chicago, IL
  • Adam Greene, JD, MPH – Partner and Co-chair, Health Information & HIPAA Practice, Davis Wright Tremaine LLP, HIPAA Summit Distinguished Service Award Winner, Former Senior Health Information Technology and Privacy Specialist, Office for Civil Rights, HHS, Washington, DC
  • Kirk J. Nahra, JD – Partner and Co-chair of the Privacy and Cybersecurity Practice, Wilmer Hale, Adjunct Professor, American University Washington College of Law, Washington, DC
  • Iliana Peters, JD, LLM – Shareholder, Polsinelli, Former Acting Deputy Director, Health Information Privacy, Office for Civil Rights, US Department of Health and Human Services, Washington, DC
  • Nancy W. Spector, BSN, MSc – Senior Director of Federal Affairs, Workgroup for Electronic Data Interchange (WEDI); Former Coding and HIT Advocacy Director, American Medical Association, Harrisburg, PA

 Keynote Speakers

  • Michael Cimmino, MPH – Director, National Standards Group, Office of Healthcare Experience and Interoperability, Centers for Medicare & Medicaid Services, Washington, DC
  • Gregory T. Garcia – Executive Director, Cybersecurity Working Group, Health Sector Coordinating Council; Former Assistant Secretary for Cybersecurity, US Department of Homeland Security, Washington, DC
  • Samantha Jacques, PhD, FACHE, AAMIF – Vice President, Clinical Engineering, McLaren Health Care; Vice Chair, Health Sector Coordinating Council, Cybersecurity, Detroit, MI
  • Deven McGraw, JD, MPH, LLM – Chief Regulatory & Privacy Officer, Citizen Health; Cofounder and Lead, Data Stewardship & Data Sharing, Invitae; Former Deputy Director, Health Information Privacy, HHS Office for Civil Rights; Former Director, Health Privacy Project, Center for Democracy & Technology, Redwood City, CA
  • Jules Polonetsky, JD – Chief Executive Officer, Future of Privacy Forum; Former Chief Privacy Officer, SVP Consumer Advocacy, AOL; Former Chief Privacy Officer, DoubleClick; Former Commissioner, New York City Department of Consumer and Worker Protection; Former Member, New York State, Potomac, MD
  • Daniel J. Solove, JD  – John Marshall Harlan Research Professor of Law, George Washington University Law School; Founder, TeachPrivacy; Author, The Digital Person: Technology and Privacy in the Information Age, Washington, DC

Click Here to Register for the Event

Early Bird Discount for Registrations Before December 12, 2025

The post Virtual 43rd National HIPAA Summit – April 7-10, 2026 appeared first on The HIPAA Journal.