DMC Law and IT Direct Team Up to Offer a 3-Part HIPAA Security and Cybersecurity Webinar

October is Cybersecurity Awareness Month!  It’s no secret that healthcare entities and the businesses that serve them are a popular target for cybercriminals – costing millions each year and damaging reputations. In fact, hacking and IT incidents are the leading cause of reported HIPAA breaches.  

Healthcare executives need to understand both the risks and the high-level solutions to keep their patients and organizations safer and to avoid expensive enforcement actions.

In this three-part series with privacy and healthcare attorney, Dena M Castricone, Esq, and Sammy De La O, Director of Quality and Compliance at IT Direct, you will learn how to improve your cybersecurity and decrease your cyber-risk through compliance with the HIPAA Security Rule: 

Part I: How to Improve Your Cybersecurity Defenses (Oct. 13th at 12pm)

HIPAA Security Rule compliance significantly reduces the risk that a healthcare entity will suffer a cyber incident. During this session, we will look closely at three key HIPAA Security Rule requirements and examine the processes and technologies that both enable compliance as well as dramatically improve cybersecurity defenses.    

Register for Part I here:

Part II:  A deeper dive into the Risk Analysis (Oct. 21st at 12pm)

One of the most common non-compliance findings by the Office for Civil Rights (the governmental entity that enforces HIPAA) is failure to perform or performing an inadequate risk analysis. In this session, we will dive deeper into the risk analysis requirement and look at the structure of a risk analysis as well as best practices for performing, documenting and addressing  the findings. 

Register for Part II here:

Part III:  Best practices for Telehealth and HIPAA Compliance (Oct. 29th at 12pm)

Telehealth became a mainstream healthcare delivery tool almost overnight during the COVID-19 pandemic.  To facilitate wide-spread and rapid adoption of telehealth, the government announced that it was using enforcement discretion with respect to HIPAA compliance and telehealth delivery. Many believe that telehealth is now here to stay, but it is unlikely that enforcement discretion will last. In this final session in the series, we will look at the HIPAA Security Rule requirements as they relate to telehealth, why compliance is a cybersecurity best practice, and some strategies to meet those requirements. 

Register for Part III here:


Dena M. Castricone, Esq., CIPP/US, CIPM

Dena is a privacy and healthcare attorney with over 17 years of legal experience.  Prior to opening her own law practice, Dena served as the General Counsel and Chief of Privacy at one of the largest federally qualified health centers in the country.  Also, Dena was a partner at the firm of Murtha Cullina LLP.  At Murtha, she was the Chair of the Privacy and Cybersecurity group and a member of the Healthcare group.  With an extensive background in privacy and cybersecurity, Dena advises healthcare providers and other businesses on compliance with various state, federal and international privacy laws and has substantial experience navigating health privacy challenges.

Sammy De La O, Director of Quality and Compliance at IT Direct

Sammy has been working in IT for 20 years, including as an engineer and quality manager. With the last 8 years focused on cybersecurity and compliance Sammy has focused on regulatory requirements for IT in the manufacturing, healthcare, life science and finance industries. Sammy maintains a passion for helping organizations grow stronger and more resilient through consistent and high-quality standards for IT and compliance.