UnHack with Drex DeFord

From crippling outages to AI-powered deepfakes, 2025 tested healthcare cybersecurity like never before. This year-end recap explores the moments that mattered most: how teams built resilience during system failures, why users became partners instead of "weak links," how identity became the new perimeter, and what it means when you can't trust your own eyes. Through powerful stories from the front lines, we revisit the lessons learned and the community that kept us standing. Because at the end of the day, cybersecurity is patient safety, and the work you do saves lives.

A critical vulnerability called React to Shell exposed tens of thousands of systems worldwide, triggering immediate exploitation by threat actors—including China-nexus groups—within minutes of disclosure. Drex breaks down how this flaw turns innocent web requests into remote access backdoors, why CloudFlare's emergency response accidentally caused widespread outages, and what this high-stakes race teaches us about rapid response patching in healthcare. When attackers move at internet speed, your playbook needs to be faster than your Slack discussion.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate...

December 15, 2025: What if healthcare's biggest breakthroughs require throwing out the playbook? Joined by Daniel Schubert, CEO and Co-Founder of Revuud, this episode explores how AI is fundamentally reshaping healthcare IT strategy, from deploying countless virtual PhD-level agents across operations to rethinking patient access and workflow automation. Healthcare leaders discuss the challenge of prioritizing AI initiatives amid competing demands, the importance of creating organizational margin for creative problem-solving, and why divergent thinking beats linear logic in digital transformation. The conversation tackles talent deployment, the dangers of "we've always done it this way" mentality, and a critical question every CIO must...

December 12, 2025: When cloud platforms like AWS and Azure experience outages, hospitals across the country feel the impact. But are healthcare organizations truly prepared for these disruptions? Charles Knight, Founder of EHC Consulting, explores the critical gaps in healthcare's cloud resilience strategies. From understanding single points of failure to running actual failover tests, this conversation reveals why documentation and operational readiness matter just as much as technical redundancy.

Key Points:

X: This Week Health

LinkedIn: This Week Health

...

December 10, 2025: Valley Medical Center's CIO and SVP, Brian Jones, faced a critical challenge: transform aging infrastructure while enabling his team to focus on data-driven healthcare delivery. In this candid conversation with Drex DeFord and Rackspace's Global Senior Client Executive, Jason Jones, Brian reveals how he disrupted the status quo through a bold partnership that reduced costs by 30%, eliminated unplanned downtime, and freed his team to innovate. Discover how Valley Medical achieved a complete infrastructure transformation in under 12 months, secured a decade of predictable costs, and empowered staff who initially resisted change to become champions of the new model. This...

December 8, 2025: Healthcare systems are drowning in administrative calls while patients struggle with fragmented portals and coordination nightmares. Will Akers, Chief Strategy Officer from Switchboard, MD, joins Bill Russell, Sarah Richardson, and Drex DeFord to unpack a stunning reality: 25-40% of health system calls are simple scheduling requests that could be automated today. Drawing from his experience having children in both Hong Kong and the US healthcare systems, Will reveals stark efficiency gaps costing patients time and money. The conversation explores why seniors spend three weeks yearly on healthcare logistics, how multiple portals create care coordination chaos, and practical automation...

Drex DeFord explores what he calls the "trust recession"—a era where deepfakes, AI-generated content, and sophisticated social engineering have made it nearly impossible to distinguish real from fake. From synthetic customer service agents to North Korean operatives using AI to pass job interviews at US health systems, the threat landscape has fundamentally shifted. DeFord shares practical strategies for healthcare professionals to protect themselves during the holiday season when cyber criminals are most active, including how to validate information, verify identities, and trust your instincts when something feels off.

Remember, Stay a Little Paranoid 

X: Thi...

December 3, 2025: When Will Houston, Network Security Manager at MDI Hospital, received security alerts at 5 AM on a holiday, he faced every healthcare leader's nightmare. But this story gets personal: among the 32,000 breach notifications he later sent were letters to his wife and two children. Join as Will sits down with Fortified Health Security’s Spencer Bales, VP of Product, and Preston Duren, VP of Threat Services,  to explore how a small hospital in Bar Harbor, Maine, shut down 170 compromised accounts before breakfast, managed a crisis spanning weeks, and learned why healthcare-focused cybersecurity partnerships aren't just about technology—they're about prote...

December 1, 2025: As AI tools rapidly transform healthcare IT workflows, leaders face an unexpected challenge: what happens when your team becomes dramatically more productive? Bill Russell, Drex DeFord, and Sarah Richardson explore the productivity paradox hitting healthcare organizations—when AI enables staff to accomplish in hours what once took weeks, do you need fewer people or different approaches? From closing open positions to managing "cozy" employees who've mastered automation, they debate real strategies for navigating this shift. Whether you're a process-driven leader or innovation-focused builder, this discussion reveals how AI is forcing healthcare IT to rethink staffing, workflow waste, and or...

Drex examines the growing insider threat landscape in healthcare cybersecurity. The episode covers CrowdStrike's recent insider incident where screenshots were leaked to cybercriminals, new research showing 93% of organizations struggle to detect insider threats, and the Geisinger Health/Nuance $5 million settlement over improper data access. Drex also reveals how ransomware groups like Medusa are directly recruiting healthcare employees with financial incentives, highlighting that insider threats aren't just malicious employees—they're also your people being actively targeted through phishing and recruitment offers.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

...

November 25, 2025: What if cybersecurity awareness training could be fun, like mixing bratwurst and flu shots? Shawna Hofer, CISO at St. Luke's Health System, shares how her team transformed security culture by meeting staff where they are—literally. From creating engaging one-minute videos featuring everyday healthcare workers to establishing a groundbreaking IT and cyber resiliency team that breaks down traditional silos, Shawna reveals why the best healthcare CISOs are expert translators and relationship builders. She also tackles the tough questions around AI governance, operational resilience in the wake of major industry incidents, and why cyber preparedness must extend beyond hospital wa...

November 24, 2025: Healthcare organizations are drowning in applications they can't even inventory, especially after mergers and acquisitions. But the real shock comes when they try to access archived data years later. Dave Dyell, Managing Partner at Innovative Consulting Group, reveals why cloud storage fees are forcing health systems to rethink their entire archiving strategy, particularly for medical imaging. With AI initiatives on the horizon, the way you archive data today determines whether you can afford to use it tomorrow. Learn why strategic planning for data archiving isn't optional anymore—it's the difference between controlling costs and watching them spiral out of...

November 21, 2025: What if your organization could reclaim millions of dollars just by rethinking processes you already have in place? Bill Willis, CTO of IDMWORKS, discusses the hidden costs plaguing healthcare IT, from runaway cloud storage bills to the shocking economics of password resets. Discover why identity management isn't just a security issue but a massive financial opportunity, how HR-IT integration is transforming onboarding from a week-long wait to day-one productivity, and why the cybersecurity crisis isn't really about technology at all. With real-world examples showing $2.5M to $5M in annual savings, this episode delivers the business case healthcare leaders...

Cybercriminals are escalating their tactics by deploying AI-enabled malware that adapts in real-time. Google Cloud and Anthropic threat intelligence reports reveal attackers using tools like Prompt Flux malware to contact AI APIs mid-attack, rewriting code to evade detection. Threat actors are bypassing AI safety guardrails through social engineering, tricking models into providing malicious capabilities. The underground cybercrime market now offers sophisticated multifunction tools, lowering barriers for less experienced criminals. Healthcare defenders must prepare for adaptive malware that uses generative AI to persist and survive longer inside target environments.

Remember, Stay a Little Paranoid 

X: This W...

November 19, 2025: Healthcare IT infrastructure has become so complex that teams have lost sight of the actual patient impact. Kurt Telep, Healthcare Field CTO at Nutanix, pulls no punches in this conversation about what's broken and how to fix it. From his personal regret about avoiding Kubernetes when it first emerged to explaining why 95% of healthcare organizations will consume AI rather than build it, Kurt delivers hard-earned wisdom on navigating constant technological change. He reveals why security tools become shelfware, how to reconnect IT decisions to clinical outcomes, and why the future belongs to leaders who embrace simplicity over complexity.<...

November 17, 2025: How does a 25-bed critical access hospital successfully stop a cyberattack when larger health systems fall victim? George Pappas, CEO of Intraprise Health, unpacks the Colorado hospital that shows how security culture beats expensive technology. The conversation reveals why vendor transparency remains elusive despite high-profile breaches, explores the harsh reality of hospitals that know their vulnerabilities but lack resources to fix them, and tackles AI governance challenges that traditional testing methods can't address. From Oracle-Cerner incidents to the frozen HIPAA NPRM, this episode delivers hard truths about healthcare security's funding gaps and the practical strategies that actually work...

CISA 2015's temporary extension buys time until January, but what happens next? Drex breaks down the Oracle E-Business Suite ransomware attack affecting 29 victims—including potential third and fourth-party partners in your supply chain. Plus, Google's $32B Wiz acquisition clears a major hurdle, and Armas' $435M funding round signals where security investment is heading. Keep your threat intel pipelines hot and your radar up.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

November 10, 2025: When AWS experienced a major outage affecting over 500 companies, healthcare IT leaders were reminded that cloud architecture isn't just a technical decision; it's a strategic imperative. Vik Patel, COO from Tido dives into the cascading failures that exposed vulnerabilities in healthcare's cloud dependencies. From Epic instances running on AWS to the emerging challenges of AI data lakes, this conversation reveals why simplicity in architecture might be healthcare IT's most undervalued strategy. Discover how de-identifying data reduces risk, why multi-cloud strategies matter, and whether healthcare organizations have the skills needed to architect their cloud future safely.

Key...

Ernst & Young exposed 4TB of client data on an unsecured database, highlighting data hygiene failures even at major consulting firms. India's cybercrime villages have transformed entire communities from agriculture to organized online fraud operations. New AI browsers from Perplexity and ChatGPT lack critical security controls, creating risks as they access cookies, session tokens, and sensitive files. Healthcare leaders must treat these emerging tools like untrusted interns and supervise everything they touch.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Child...

November 4, 2025: Identity has become the foundation of healthcare security, but managing it is more complex than ever. In part two of this UnHack (the Podcast), Mary Dickerson, Associate VP and CISO of UTHealth Houston & Gordon Groschl, CISO and Director of HTM at Texas Children’s Hospitals, explore how organizations are shifting from prevention to resiliency. They also share candid career advice for aspiring cybersecurity professionals, challenging the industry's unrealistic entry-level requirements and explaining why passion matters more than credentials. From volunteer firefighting to CISO leadership, discover the unconventional paths and practical strategies shaping healthcare security today.

Key Po...

November 3, 2025: What are healthcare IT leaders really concerned about? Fresh from three 229 Project summits across the country, Bill Russell, Sarah Richardson, and Drex DeFord pull back the curtain on the most pressing conversations happening right now. From simplifying AI governance with a two-track vendor approach to rethinking hiring strategies for an agent-driven future, this episode captures the pulse of healthcare leadership in real time. Discover why some organizations are solving hundreds of problems while others struggle with their first five, and learn the one-word qualities leaders are seeking in their next hires to thrive in today's rapidly changing landscape.<...

October 29, 2025: When UNC Health embarked on integrating 14 hospitals and hundreds of clinics across North Carolina, they needed more than just technology—they needed a scalable playbook. Brent Lamm, SVP and CIO at UNC Health, joins Glen Phares, National Director for Healthcare Solution Delivery at Experis Health Solutions, to reveal how UNC Health built repeatable processes for rapid M&A integration. From consolidating nine different payrolls into one ERP system to managing infrastructure migrations that enable innovation. With strategic staffing partner Experis, they've transformed what could be overwhelming growth into a competitive advantage. 

Key Points:

Drex explores how Niantic's Pokemon Go used gameplay to crowdsource geospatial AI training data, including strategically placing Pokemon at hospitals and clinics to map sensitive facilities. Players unknowingly volunteered location data, camera scans, and movement patterns through terms of service agreements most never read. A cautionary tale about digital consent and the hidden costs of "free to play" apps in healthcare settings.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

October 28, 2025: Mary Dickerson, Associate VP and CISO of UTHealth Houston & Gordon Groschl, CISO and Director of HTM at Texas Children’s Hospitals, discuss the current research landscape. Identity has become the ultimate battleground in healthcare security, but most organizations still don't have the fundamentals right. From securing non-human identities to enabling research without compromising compliance, these CISOs share hard-won lessons from the frontlines. 

Key Points:

X: Thi...

October 27, 2025: Bill, Drex, and Sarah discuss the realities of implementing AI agents across organizations. The group tackles uncomfortable questions about workforce displacement, the critical thinking skills being lost to automation, and the massive energy demands threatening AI sustainability. From simplifying complex systems to understanding what innovation really means under constraint, This Week Health explores the practical and philosophical challenges facing healthcare technology leaders today. Key Points: 01:28 Upcoming Summits and Expectations05:22 AI Transparency and Critical Thinking17:20 Economic and Quality of Life with AI21:56 Balancing Innovation and Resource Constraints25:57 The Role of Simplicity in Innovation31:10 Healthcare System Complexities
X: This Week...

The future of AI resilience isn't just about firewalls and backups—it's about ensuring power grids, chip fabrication facilities, and cloud infrastructure can withstand attacks and disruptions. As AI becomes critical infrastructure, the question isn't whether it will change everything, but whether we can power and protect it without creating catastrophic business liabilities.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Multi-factor authentication isn't the bulletproof security measure it once was. Preston Duren, VP of Threat Services at Fortified Health Security, explores how cybercriminals are outsmarting traditional MFA through sophisticated phishing tactics and MFA bombing. The conversation shifts to the debate over platform consolidation—does fewer mean safer, or are we creating attractive single points of attack? With AI rapidly transforming both offensive and defensive capabilities in cybersecurity, the panel tackles the controversial question of whether human oversight will soon become obsolete. Plus, the evolving landscape of cyber insurance and why some health systems are choosing to self-insure. Key Points: 01:20 The Ro...

Cybercriminals are hijacking employee paychecks by exploiting outdated MFA systems in payroll platforms like Workday. Drex breaks down how attackers use sophisticated phishing techniques—including MFA fatigue attacks and session hijacking—to bypass traditional two-factor authentication. Learn why text-based and push notification MFA are no longer secure, and discover how phishing-resistant authentication methods like FIDO2 keys and passkeys can protect your organization from paycheck theft. CISA and NIST recommend upgrading now—before your team's direct deposits sail off with the pirates.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health <...

October 13, 2025: Healthcare IT leaders are exhausted, CIO positions remain unfilled for months, and the pressure keeps mounting. In this candid conversation, Laura O'Toole, CEO and Founder of SureTest, explores why traditional CIO roles are transforming faster than organizations can define them. They discuss the widening gap between leadership expectations and operational reality, the critical shift from problem-solver to coalition-builder, and why empathy may be the most underrated leadership skill in healthcare technology. From managing burnout to navigating constant organizational change, this episode reveals what it really takes to lead effectively when "busy" has become the new normal and the rulebook...

Drex tackles an urgent emerging threat in healthcare cybersecurity: the explosion of AI-generated synthetic media. With Meta's new Vibes video generator and OpenAI's Sora creating hyper-realistic video content from simple text prompts, healthcare organizations face unprecedented challenges in distinguishing real from fake content.

While watermarks and AI labels exist on these generated videos, they're often small, poorly placed, and easily cropped out by malicious actors. This isn't about banning technology—it's about understanding what's coming and getting ahead of it through synthetic media policies, verification protocols, brand protection strategies, and especially employee training to help teams identify an...

October 8, 2025: Bill Willis, CTO of IDMWORKS, joins Drex DeFord to unpack why healthcare organizations struggle with identity and access management despite having the right tools. Bill reveals how healthcare's seven to eight different user personas create unprecedented complexity compared to other industries, and why most IAM failures stem from data and process issues rather than technology gaps. He explains IDMWORKS' free fireside chat approach to helping organizations visualize their entire identity ecosystem, eliminate password-based authentication vulnerabilities, and recapture help desk resources. Bill also shares his roadmap methodology that prioritizes institutional knowledge and data quality before selecting technology solutions. Key Points: 01:36...

October 6, 2025: New research reveals an expected 18% reduction in hiring over the next two years, but this isn't about downsizing—it's about strategic reallocation. Bill Willis, CTO of IDMWORKS, joins to discuss these new breaking statistics. With 62% of organizations prioritizing AI skills over traditional development experience, the industry faces a critical choice between reducing headcount or upskilling existing talent. Meanwhile, cybersecurity experts warn that the traditional network perimeter has vanished, requiring a fundamental rethink of identity management and password-free authentication. Discover why data governance has never been more crucial for successful AI implementation and how smart leaders are preparing for this se...

Healthcare security takes center stage as Ascension's 5.6 million patient data breach leads to prolonged legal battles, while OneBlood settles after a ransomware attack that rippled through the blood donation supply chain. Meanwhile, a potential government shutdown threatens to furlough 35% of CISA's workforce, and the Cybersecurity Information Sharing Act of 2015 faces expiration, putting critical public-private threat intelligence partnerships at risk. Drex breaks down the operational, financial, reputational, and legal consequences facing healthcare organizations in today's threat landscape.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lem...

September 29, 2025: In this episode of Newsday, Drex is joined by Russell Teague of Fortified Health Security for a candid look at the storm brewing in healthcare IT. From the promises and pitfalls of AI to the growing sophistication of cyber threats, they explore how health systems are balancing innovation with risk. The conversation dives into financial pressures, shifting reimbursement models, and the tough choices CIOs and CISOs are facing as budgets tighten. With insights from the front lines, this discussion sheds light on how leaders can think differently, consolidate wisely, and prepare for the challenges reshaping healthcare cybersecurity.

September 26, 2025: George Pappas, CEO of Intraprise Health by Health Catalyst, joins This Week Health for the News. Together, they unpack the Salesforce breaches that turned cybersecurity companies into victims and the explosion of personal injury lawyers now chasing data breach cases. With class action lawsuits up fivefold and cyber insurance policies being voided for non-compliance, they explore whether Epic's bold new AI platform strategy could be the answer—or create even bigger problems. As state cyber funding expires and critical infrastructure remains vulnerable, George tackles the uncomfortable question: in a world where everything connects to everything else, who's really watching th...

The US Secret Service dismantled a covert communication network in New York City featuring 300+ SIM servers and over 100,000 SIM cards capable of overwhelming cellular networks. Drex explores the implications of this "fake telephone warehouse" discovered near the UN General Assembly, discussing how commodity hardware can create denial of service attacks against cellular infrastructure. Key takeaways include the need for healthcare organizations to develop cellular disruption scenarios in incident response plans, maintain alternative communication channels like landlines and satellite phones, and coordinate with carriers on network anomaly notifications.

Remember, Stay a Little Paranoid 

X: This Week H...

September 23, 2025: Sahan Fernando, CISO at Rady Children's Health San Diego, reveals the split-second decisions that keep pediatric healthcare running while under attack. Navigating the stark reality that children's hospitals face the same sophisticated threats as major health systems but with a fraction of the resources, Sahan unpacks how forcing threat actors into high-visibility channels might be the key to catching them faster. Can Health ISAC bridge the massive gap between well-funded health systems and struggling critical access hospitals when developing cybersecurity standards that actually work? Key Points: 09:10 Challenges and Innovations in Pediatrics 17:24 Data Retention and Security 21:43 Managing Systemic Risks in...

September 22: Today on Newsday Sarah and Drex speak with Jacob Hansen, Chief Product and Technology Officer at AvaSure, about virtual care, AI, and more from the news. Jacob highlights the company's focus on inpatient care, virtual observation, and AI solutions. They address the rising expectation for tangible ROI from EHR AI projects, the importance of pilot studies, and the role of virtual care as critical infrastructure in healthcare. Additionally, the conversation delves into strategic approaches to optimizing existing technology in rural hospitals and the necessity for structured governance and clinical change management in implementing new tech solutions.

<...

Drex breaks down why AI models like ChatGPT sometimes fabricate confident-sounding but false information, calling it "bluffing" rather than hallucinating. He explores OpenAI's research on training gaps, alignment issues, and response pressure that cause this problem. For healthcare professionals, he shares practical strategies including setting explicit context rules, demanding source verification, and maintaining human oversight when using AI for InfoSec policies, alert triage, or patient care guidance.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

September 15, 2025: Patients now walk into doctors' offices armed with AI-generated diagnoses and treatment plans—but what happens when ChatGPT becomes your primary care physician? Ryan Bengtson, CEO and Board member at Panda Health, joins the This Week Health team to dive into this shifting dynamic while confronting an imminent government shutdown that threatens to pull the rug out from under telehealth programs and rural hospitals already hanging by a thread. As Epic makes its calculated move into ambient listening technology, disrupting yet another innovative startup space, the panel asks whether we're witnessing Epic stunt healthcare innovation or if it’s just...

Qantas made headlines by cutting all senior executive bonuses by 15% following a data breach affecting 5.7 million customers. This episode explores why cybersecurity accountability should extend beyond IT teams to the entire C-suite, and examines how this approach could transform healthcare cybersecurity investments. Drex discusses the potential impact of tying executive compensation to cyber performance and challenges healthcare leaders to consider putting "skin in the game" when it comes to security failures.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Child...

September 10, 2025: Terri Couts, Chief Digital Officer at Guthrie Clinic, and Rachel Weissberg, Head of Healthcare Provider Strategy (North America) at Neteera, uncover how a simple ambient monitoring partnership is quietly transforming long-term care. How do you detect when a patient is slowly deteriorating before traditional thresholds are crossed? The conversation explores the delicate balance between implementing frictionless technology and managing the human side of healthcare innovation. Terri and Rachel share insights about learning together, adapting quickly, and discovering that the most meaningful patient data takes time.  Key Points: 00:51 The Collaboration Journey 07:51 Data Insights and Patient Care 15:05 Future Directions and Integrations 16:32 A...

September 8, 2025: Ed Gaudet, CEO and Founder of Censinet, joins the This Week Health team for the news. When SalesLoft's Drift chatbot breach exposes over 700 companies through a single API vulnerability, it raises an unsettling question: are we witnessing a preview of something much larger? The security experts shift seats and play the role of the hackers, answering where they would attack first if they were the bad guys. With critical cybersecurity legislation potentially expiring and government support drying up, can healthcare keep up? Key Points: 02:01 AI and Cybersecurity Threats 06:34 Phishing Attacks and Security Measures 12:57 Legal Hurdles in Cybersecurity 19:02 Managing AI...

September 1, 2025: Cristian Rodriguez, Americas Field CTO at CrowdStrike, joins Drex for the news. What starts as a simple phone call to your help desk could be the beginning of a major security breach—but how do attackers make these voice phishing campaigns so convincing? Then, North Korean operatives successfully infiltrate major western companies as remote employees. How are these fake workers passing interviews, and what happens when their paychecks fund weapons programs while they potentially plant malware in critical systems? As the discussion unfolds, Cristian explains how modern cybercrime groups operate like legitimate businesses, complete with organizational structures and sp...

August 25, 2025: Margaret Ptacek, Vice President of Client Solutions from Experis Health, tackles three critical shifts happening in healthcare today. The conversation explores Hackensack Meridian's statewide hospital-at-home expansion and examines how healthcare systems can deliver acute-level care in patients' homes without compromising safety or quality. When staffing shortages threaten a new hospital's ability to provide basic services, the discussion turns to virtual solutions and workforce resilience strategies. Can technology and strategic partnerships solve healthcare's most pressing operational challenges while maintaining financial sustainability? Margaret shares insights from real-world implementations that are reshaping how care is delivered beyond traditional hospital walls. Key Points: 01:38...

This week's cybersecurity updates cover three critical stories: Workday discloses a data breach connected to ongoing Salesforce compromises by the Shiny Hunters group, CEO impersonation scams using deepfake technology surge past $200 million in Q1 losses, and transcription service Otter AI faces a class action lawsuit over alleged mishandling of sensitive meeting data. Drex emphasizes the importance of security awareness training, multi-factor authentication, and establishing "trust but verify" cultures that protect employees who take extra verification steps.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lem...

August 18, 2025: George Pappas, CEO of Intraprise Health, by Health Catalyst, joins Drex for the news. They tackle the pressing question of how CISOs can evolve from security scorekeepers into business transformation leaders who drive real organizational impact. As the hosts examine a recent White House initiative promising patient-centric healthcare, they question whether lofty proclamations can overcome the business interests maintaining today's fragmented systems. Can artificial intelligence finally deliver true healthcare interoperability, or will technical complexities and competitive pressures derail another promising solution? With $4 trillion at stake in the current healthcare ecosystem, they explore whether the industry has the willpower to...

Drex covers three critical cybersecurity trends: companies swapping full-time security staff for platform subscriptions (requiring premium salaries for contract managers), the rise of AI agents in both cyber defense and attacks, and voice phishing campaigns targeting CRM systems like Salesforce that have compromised major brands including Adidas and Victoria's Secret. Healthcare organizations face unique risks from PHI exposure and must balance automation with human oversight while training staff on voice-based social engineering attacks.

August 11, 2025: Josh Howell, Healthcare CTO from Rubrik, joins Drex for the news. They examine the spike of healthcare organization breaches in summer 2025, with threat actors now moving from breach to data exfiltration in minutes rather than weeks. Josh reveals research showing ransomware attacks trigger a 20-40% decline in patient volumes within the first week, but what happens when notification costs exceed settlement amounts? They challenge conventional disaster recovery thinking, questioning whether traditional DR measures address the real problem of rebuilding trust through isolated recovery environments. The discussion also tackles a critical industry issue—how can healthcare organizations break through legal ba...

This episode covers three critical cybersecurity developments affecting healthcare organizations. First, FBI warnings about Scattered Spider ransomware group targeting employees through Slack and Microsoft Teams, including their alarming tactic of creating fake identities to join incident response calls and monitor remediation efforts. Second, leaked chat logs from the Conti ransomware group reveal these criminal organizations operate like structured tech startups with HR policies, management layers, and performance reviews - highlighting the sophisticated nature of modern cyber threats. Finally, CrowdStrike intelligence reveals over 900 North Korean operatives have quietly embedded themselves in US companies using deepfakes and fake identities, wiring paychecks...

August 4, 2025: Colin Banas, MD, CMO of DrFirst, joins Bill for the news. With recent legislation expanding telehealth coverage before deductibles are applied, they examine how healthcare delivery boundaries are dissolving and what this means for the future of patient care. Drawing on fresh insights from the AMDIS conference, the conversation shifts to AI implementation done right, examining Ochsner Health's physician-led approach that delivers measurable results while other systems struggle with governance.  Key Points: 03:39 Major US Health Insurers' New Pledge 08:59 Telehealth Coverage Expansion 14:05 AI in Healthcare: Ochsner Health's Approach 17:38 The Future of AI and Healthcare
News Articles:  Ochsner Health provides th...

Drex covers three critical cybersecurity threats impacting healthcare and beyond: North Korean operatives using deepfakes and stolen identities to infiltrate US companies as remote workers, the Allianz life insurance breach affecting 1.4 million customers through social engineering attacks, and the TTEA dating app's massive data exposure that compromised women's safety information. Essential insights on vetting remote employees, defending against social engineering, and app security risks.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

July 28, 2025: Jacob Hansen, Chief Product and Technology Officer at AvaSure, examines how healthcare is shifting from siloed departments to cross-functional journey teams. How are these collaborative approaches finally breaking through traditional barriers that have slowed healthcare innovation? The conversation explores the emerging world of agentic AI while grappling with where automation enhances care versus where the human touch remains irreplaceable. As ambient clinical documentation technology gains traction and physician acceptance, Jacob shares insights from AvaSure's virtual care maturity model and reflects on what patients actually want from healthcare technology. Can incremental implementation build the trust needed for widespread adoption, and...

This week's cybersecurity roundup covers three critical healthcare security developments. Microsoft patched an actively exploited SharePoint zero-day vulnerability (CVE-2024-38023) that allows attackers with basic permissions to execute remote code and pivot through networks. Two major dermatology practice breaches - Mount Laurel Dermatology and Anne Arundel Dermatology - exposed over 1.9 million patient records through third-party vendor compromises, highlighting the risks of business associate agreements. Plus, cybersecurity expert Paul Conley challenges the healthcare industry's reliance on annual training and phishing simulations, advocating for personalized, continuous human risk management approaches that build actual cyber culture rather than just checking compliance boxes.<...

This episode explores AI-generated music and cybersecurity through the story of The Velvet Sundown, a completely synthetic band that fooled millions on Spotify. Drex examines how AI-generated music, voices, and images can deceive audiences, YouTube's new monetization policies for AI content, and the growing challenge of distinguishing authentic from synthetic media.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

July 21, 2025: Josh Tacey, Enterprise Architect at Omnissa, joins Bill for the news. They discuss all things HIPAA security-related as the refinement process continues to advance. The conversation centers on the controversial 72-hour business continuity requirement—can health systems really restore operations within three days when current ransomware recoveries take weeks? Josh explores whether mandated network segmentation actually helps attackers by providing a standard blueprint, and why Active Directory remains every hacker's primary target.  Key Points: 01:46 HIPAA Security Rule Issues 07:52 Challenges in Network Segmentation 10:58 Access Control and Vulnerability Patching 18:20 Architectural Practices in Healthcare
News Articles:  HIPAA Security Rule
X: This...

In this episode, Drex covers three critical healthcare cybersecurity developments. Cyber attackers are shifting focus from hospitals to smaller physician practices and specialty groups that lack robust defenses, with attacks now directly targeting EHRs and patient portals at the point of care. The May 2025 breach report shows 45 healthcare providers reported breaches in a single month, primarily through network server attacks and unauthorized email access. Finally, healthcare organizations are rushing into AI implementation without proper data governance, creating amplified risks when pulling in massive datasets without understanding ownership and consent structures.

Remember, Stay a Little Paranoid 

X...

July 14, 2025: Kevin Day, CTO at Rhapsody, joins Drex for the news. While 96% of healthcare executives say they're ready for digital health solutions, two-thirds still battle interoperability challenges that create real patient care problems. Kevin and Drex bring up an alarming trend: 28 healthcare breaches affecting over 5 million people in June 2025, with attack vectors evolving from phishing emails to unpatched third-party software. Kevin discusses how AI might solve duplicate patient record problems while revealing why the soft underbelly of healthcare cybersecurity may not be where most organizations think it is. Key Points: 03:59 The Impact of Duplicate Records 06:00 AI and Data Management Solutions 08:14...

Drex covers three major cybersecurity developments impacting healthcare: the expanding North Korean remote worker infiltration scheme targeting US companies with stolen identities and deepfakes, a cyberattack on medical device manufacturer Monic that disrupted critical supply chains, and the suspicious shutdown of Hunter's International ransomware group offering free decryption tools. Essential insights for healthcare organizations on hiring security, supply chain vulnerabilities, and evolving ransomware tactics.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

July 7, 2025: Mick Coady, CTO at Armis, joins Drex for the news. This episode examines a sobering milestone: the first confirmed patient death directly attributed to a ransomware attack on London's blood distribution system. The conversation explores how a single cyber incident creates cascading effects across entire healthcare networks, flooding neighboring hospitals with redirected patients and overwhelming emergency departments. With 28 healthcare security incidents reported in June alone—many involving third-party vendors—the discussion questions whether the industry fully understands how interconnected systems create compounding vulnerabilities. From agricultural equipment with satellite connectivity to medical devices running outdated firmware, every connected endpoint represents a po...

Drex covers three critical cybersecurity developments: Expo's groundbreaking AI-powered penetration testing system dominates HackerOne with over 1,000 vulnerabilities found, Microsoft redesigns the iconic Blue Screen of Death after 40 years, and the Scattered Spider ransomware group pivots from insurance to airline industry attacks using advanced social engineering and deepfakes.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

June 30, 2025: George Pappas, CEO of Intraprise Health by Health Catalyst, joins Drex for the news. They discuss a new H-ISAC white paper and the North Korean catfish issues, speculating on how you can verify identity in a world of AI. Can AI solve the very problems it creates? The most revealing discussion centers on a startling industry survey: nearly half of security leaders now spend more time babysitting their tools than actually defending their organizations. Join the discussion around whether our approach to cybersecurity has become counterproductive. Key Points: 01:29 AI and Digital Identity in Cybersecurity 10:56 Nationwide Recovery Services Breach 17:36 Survey...

Drex covers three critical cybersecurity developments: Scattered Spider's shift to targeting insurance companies including Erie Insurance, Philadelphia Insurance, and Aflac using advanced social engineering tactics; escalating Iran-related cyber threats to US critical infrastructure amid Middle East tensions; and a massive dark web leak exposing 1.6 billion login credentials. Don't miss these actionable security recommendations including reviewing password reset processes, implementing strong authentication measures, and preparing for potential nation-state attacks on healthcare infrastructure.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Child...

June 23, 2025: Samme Diaz, Vice President of Advisory Services at Healthlink Advisors, joins Sarah for the news. How can healthcare organizations address the persistent challenge of EHR-driven nurse burnout when clunky interfaces and poor workflow integration continue to hinder their progress? And as Emory Healthcare pioneers the nation's first Apple-powered hospital environment, what possibilities emerge when consumer technology meets clinical care? Beyond the technology itself, Sarah and Samme draw from their CIO experience to examine the often-overlooked human elements of digital transformation. Key Points: 01:43 Nurses and EHR Burnout 06:52 Emory’s Apple-Powered Hospital 14:34 Challenges and Opportunities
News Articles:  Nurses Continue to Nam...

June 20, 2025: Drex dives deep into a chilling case study of AI-powered financial fraud. Learn how cybercriminals used deepfake technology to steal $5 million through a fake CEO video call, and discover why 90% of internet content could be AI-generated by 2026. Learn what to look for and where the threats are evolving in this episode of UnFake.

NotebookLM podcast sourced from Eric O’Neill | Speaker, Cybersecurity Expert, Legendary Spy Hunter

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex breaks down three critical cybersecurity developments healthcare organizations need to monitor. First, escalating geopolitical tensions suggest increased cyber attacks from Iran and allied nations targeting U.S. critical infrastructure, including healthcare systems. Second, Vanderbilt University Medical Center reports sophisticated Microsoft Teams impersonation attacks where scammers pose as supervisors to request urgent actions like software installation or payments. Finally, deepfake fraud attempts skyrocketed 1300% in 2024, with new "spoofing as a service" platforms making AI-powered voice and video scams more accessible to cybercriminals. Healthcare IT leaders should prepare defenses against these evolving threats and educate staff on verification protocols for suspicious...

After a HIMSS conference presentation on North Korean hackers posing as remote employees led him down an unexpected rabbit hole, Drex unveils his new intermittent series "UnFake". Dive into a world of digital deception and synthetic media, as Drex sets out to help you the listener stay protected and discern fact from fiction in the increasingly complicated field of cybersecurity.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Ale...

June 16, 2025: Philipp von Gilsa, CEO of Kontakt.io, joins Bill Russell for the news. What happens when America's hospitals reach dangerous occupancy thresholds that could make them unable to function properly? And as workplace violence against healthcare workers spikes, what combination of technology and process can effectively protect staff? The conversation delves into the tension between technology capabilities and practical healthcare applications, questioning whether approaches to new innovations like AI are simply recycling the same discussions we've had about cloud and IoT in previous years. As healthcare leaders face these converging challenges, how can they remain focused on core priorities? ...

Drex covers three critical cybersecurity incidents: dual cyber attacks affecting healthcare systems in Lewiston, Maine; an AT&T database breach exposing 86 million records with decrypted sensitive data; and concerning backup management issues at login.gov that could impact government service access. The episode concludes with a practical reminder to test backup systems regularly.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

June 9, 2025: Healthcare organizations face an unprecedented challenge as potential Medicaid cuts threaten heavy IT staff reductions, but what if the real solution lies hidden in plain sight within their own systems? Jason Rose, CEO of Clearsense, discusses how "zombie applications" - applications that are neither fully alive nor completely dead - are silently draining millions from healthcare budgets. The conversation delves into the harsh realities of crisis governance models, the hidden costs of transition service agreements, and whether healthcare leaders are prepared to make the difficult operational decisions required in the days ahead. Enjoyed the Discussion? Dive Deeper with “How Ap...

Drex covers four major healthcare cybersecurity developments: Kettering Health's Epic systems recovery following their May 20th cyber attack, with core components now operational while inbound calling systems remain down. Covenant Health faces a new cybersecurity incident affecting three hospitals in Maine and New Hampshire. Seattle's Fred Hutch Cancer Center agreed to a $52 million class action settlement after criminals from their 2023 breach directly threatened patients with data exposure. Plus, a mysterious whistleblower called "Gang Exposed" has leaked thousands of chat logs and documents exposing key figures in the Conti and TrickBot ransomware operations, potentially providing crucial evidence against Russian cybercriminals.<...

Drex covers Kettering Health's week-long cyber attack recovery with radiation oncology back online, the mass exodus of CISA leadership amid federal downsizing, and the growing frustration over lack of comprehensive federal cybersecurity strategy for healthcare. Discussion includes regional coordination during cyber incidents and the reality that hospitals are fighting nation-state actors without adequate government support.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

June 2, 2025: Chris Jenkins, EVP of Digital Strategy and Enterprise Imaging for Healthlink Advisors, joins Bill for the news. As the industry appears to shift focus from cybersecurity to AI adoption, they explore whether this transition is happening too quickly. Then, what does it mean when four major health systems make strategic investments in companies like Rad AI? The conversation also covers Emory Healthcare's decision to deploy the first fully Apple-powered hospital, raising questions about whether this represents a meaningful shift away from traditional Microsoft-dominated environments or simply an expensive experiment.   Key Points: 05:00 AI Imaging Expansion 09:05 Google I/O and Use Ca...

Drex explores two critical cybersecurity threats facing healthcare: the rise of "vibe coding" where non-programmers use AI like Anthropic's Claude to create functional code, creating potential operational risks from undocumented projects, and increasingly sophisticated AI deepfakes from tools like Google's VO3 that cybercriminals are weaponizing for phishing attacks. He emphasizes the need for healthcare leaders to inventory AI coding projects and prepare defenses against deepfake-based social engineering, while previewing his upcoming discussion on North Korean cyber operations targeting Western companies.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

May 26, 2025: Ryan Pfeffer, Head of Engineering at Notable, joins Sarah for the news. How are healthcare CIOs navigating the overwhelming influx of AI vendors in a market projected to exceed $500 billion by 2032? The conversation explores the practical challenges of integration, testing processes, and the importance of transparent, explainable features. How is natural language processing transforming healthcare communication and documentation? Ryan shares compelling success stories of staff freed from mundane administrative tasks, from managing faxes to streamlining prior authorizations. As AI literacy becomes what Shopify's CEO called "essential for workforce survival," what is the right balance between automation and human...

Drex covers in-depth look at the ongoing ransomware attack on Kettering Health, attributed to the Interlock gang known for double extortion tactics - stealing data before encrypting systems. The health system demonstrates exemplary crisis communication while maintaining operations and warning patients about related scams. Next, the Scattered Spider cybercriminal group shifts focus to European retail, using social engineering tactics and freelancer networks to target help desks and employees for credential theft. Finally, a massive data scraping incident exposes 1.2 billion Facebook records on dark web marketplaces, including names, emails, birthdays, and phone numbers. Essential updates for healthcare security professionals navigating today's...

Drex covers three critical cybersecurity stories in healthcare: Kettering Health Network's ransomware crisis affecting 14 hospitals with patient data at risk, a landmark $700,000 civil penalty against Breach Forums founder Connor Fitzpatrick, and the release of Have I Been Pwned (HIBP) 2.0 with enhanced breach monitoring capabilities. Stay informed on the latest healthcare security threats and solutions.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

May 26, 2025: Amy Oliver, VP of Marketing at Panda Health, joins Sarah for the news. What does World Health Day 2025's focus on maternal health reveal about global disparities, and how can digital solutions bridge these gaps? The conversation delves into alarming statistics showing the United States has the highest maternal mortality rate among developed nations, with 80% of these deaths being preventable. How are states addressing social determinants of health for pregnant Medicaid beneficiaries, and what role does technology play in connecting clinical care with social services? Sarah and Amy examine the Commonwealth Fund's 2024 State Scorecard, highlighting dramatic geographic disparities in...

Learn about a new VMware Tools vulnerability allowing privilege escalation, Microsoft's Patch Tuesday releasing fixes for 70 vulnerabilities including 5 actively exploited zero-days, and Apple's comprehensive OS updates. The episode highlights the importance of patching industrial control systems from Siemens, Schneider Electric, and Phoenix Contact that may be present in healthcare facility automation, EV charging, and data center power systems.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

In this episode, Drex covers three key security stories: the HSCC's "On the Edge" report on rural healthcare cybersecurity vulnerabilities, Mossimo's security breach affecting their manufacturing operations, and the hacking of LockBit ransomware gang which exposed Bitcoin wallets and negotiation messages. Drex also mentions his panel at HIMSS Southern California on healthcare cybersecurity.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

May 12, 2025: Drex DeFord and Sarah Richardson join Bill for the news. How do you prioritize when everything seems urgent? The group shares stories of impossible expectations and political realities while debating the true cost of innovation in healthcare. Bill, Drex, and Sarah discuss the rising number of CXOs who are shifting to new jobs throughout the industry. With insider insights, this discussion pulls back the curtain on what it really takes to lead technology in an industry where lives, not just dollars, hang in the balance. Key Points: 02:57 Governance Expectations Rising 15:55 Mass CIO Job Shifts 17:59 The Importance of Networking and...

In this episode, Drex highlights former HCA CSO Paul Connolly's practical cyber insurance guidance, introduces OpenAI's new "Operator" AI agent that can independently perform web tasks, and examines the emerging organizational risks of "shadow AI" as employees implement unauthorized AI solutions in their workflows without proper oversight.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex DeFord covers critical security updates affecting healthcare organizations. Ascension Health is notifying hundreds of thousands of patients about security incidents involving third-party partners. UnitedHealth Group has deployed thousands of AI applications across their operations. A new study reveals alarming password practices, with 8-character passwords and common words still widely used. Microsoft is making all new accounts passwordless by default to combat these vulnerabilities.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

May 5, 2025: Christian Boucher, Head of Healthcare Strategy and Solutions at Island, joins Drex for the news. They discuss the recent VMware price shock situation, diving into a deeper industry-wide issue: what happens when healthcare becomes overly dependent on specific technology pillars? Are health systems flexible enough to pivot when market forces dramatically shift the technology landscape? Throughout their discussion, Christian emphasizes the value of community collaboration in solving these complex problems, suggesting the future lies in healthcare organizations working together to test emerging technologies rather than each institution going it alone.   Key Points: 06:41 A Vital Community 07:47 VMware and Price Shock 11:05 A...

Drex covers essential cybersecurity reports including the HIMSS Survey, Cincinnati's Healthcare Cybersecurity Benchmarking Study, CrowdStrike's 2025 Global Threat Report, and Verizon's DBIR. Also highlighted: an Oracle engineering error affecting 45 hospitals' EHRs, Yale New Haven's breach impacting 5.5 million patients, and Blue Shield of California's Google Analytics configuration mistake exposing 4.7 million patients' data.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

Drex covers three critical cybersecurity stories: The FBI's annual Internet Crime Complaints Center report revealing a 9% increase in ransomware attacks and 67 new ransomware variants; JP Morgan Chase's CISO's open letter on third-party supply chain vulnerabilities; and a major data breach at Work Composer exposing 21 million employee screenshots stored in an unsecured Amazon S3 bucket. Key lesson: properly secure your cloud storage configurations.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 28, 2025: Laura O'Toole, CEO of SureTest, joins Sarah for the news. What strategies can healthcare leaders implement to demonstrate measurable ROI while addressing staff burnout and retention issues? The conversation delves into the delicate balance between innovation and change management, revealing how automation can empower healthcare professionals to focus on true, meaningful work. Laura shares valuable insights on building trust during digital transformation, emphasizing that leadership and connection remain at the heart of successful implementation strategies that create sustainable efficiency gains. Key Points: 02:08 A New Perspective on Chasing ROI 07:26 Case Studies and Real-World Examples 11:23 Cybersecurity and Virtual Healthcare 18:54 Navigating Workforce...

Drex covers three urgent cybersecurity threats: a cybersecurity CEO caught installing malware on hospital computers in Oklahoma, government systems shutdown in Abilene following a cyber attack, and a dangerous malware campaign targeting Cisco WebEx users. Learn how employee vigilance stopped the hospital breach, how Texas is responding to reduced federal cybersecurity support, and critical steps to protect your organization from the WebEx vulnerability.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex covers three key security stories: Secretary of Defense Pete Hegseth's alleged sharing of classified information via Signal, resulting in a 13% increase in Signal usage; CISA recommendations following two Oracle breaches affecting healthcare customers and Cloud login data; and crosswalk buttons being hacked to play AI-spoofed voices of tech executives due to unchanged default passwords.

X: This Week Health

LinkedIn: This Week Health

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 21, 2025: Nikhil Buduma, Co-Founder and Chief Scientist of Ambience Healthcare, discusses healthcare's past and how AI is shifting its future. As Nikhil reflects on 25 years of hospital operations evolution they contemplate whether the administrative burden placed on clinicians was an unintended consequence of digitization. What could healthcare look like in the next decade if AI becomes the steward of continuous patient care, allowing physicians to practice at the top of their license while focusing on meaningful human connection?    Key Points: 03:02 Reducing Clinician Burden with AI 08:39 Evolution of Hospital Operations 14:35 Future of Healthcare: 2030 and Beyond 19:20 Cloud Computing in Healthcare
  News Art...

Drex covers three critical security stories: the government's reversal of its decision to defund Mitre's Common Vulnerability and Exposure (CVE) program, a ransomware attack on DaVita's 3,100+ dialysis facilities across 14 countries, and former CISA Assistant Director Chris Krebs' resignation from Sentinel One following an executive order targeting him.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

Drex discusses significant disruptions in federal cybersecurity leadership, including the investigation of former CISA Director Chris Krebs, government officials withdrawing from the RSA Security Conference, and potential 40% personnel cuts at CISA. Drex emphasizes that healthcare organizations should not expect federal cybersecurity assistance and must instead build their own community of security partners and resources.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

April 14, 2025: George Pappas, CEO of Intraprise Health, joins Drex DeFord for the news. The conversation explores Chris Hughes' insights on how machine-readable security controls and dynamic monitoring could revolutionize cybersecurity frameworks. How are rural hospitals surviving in a landscape where financial constraints clash with escalating security demands? The discussion takes a critical look at the regulatory environment, where HIPAA audits have been sparse since 2017 despite record-breaking breaches. George illuminates the complex intersection of healthcare economics, regulatory oversight, and cybersecurity imperatives that organizations must navigate.   Key Points: 02:09 Discussion on GRC and Cybersecurity 08:14 Microsoft's Rural Hospital Program 13:37 Upcoming HIPAA Audits and Challenges Duration: 00:18:28

Excited to share with you our new direction.

Drex examines The alarming rise of intimate deepfakes targeting primarily women and children, with 18 states currently offering no legal protection against these digital sex crimes. Various state legislative efforts including Montana's focus on combating political deepfakes, particularly within 60 days of elections; and OpenAI's first investment in cybersecurity through a $43 million funding round for Adaptive Security, a company specializing in training organizations to recognize deepfake attacks and phishing threats.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand...

Kate Gamble and Sarah Richardson explore Apple's reported development of an AI-powered health coach, potentially branded as "Quartz." They discuss how this technology would leverage Apple Watch and iPhone data to provide personalized health advice on sleep, activity, stress, and mental wellbeing. The hosts examine the implications for healthcare IT leaders, including privacy considerations with on-device AI processing, integration challenges with clinical workflows, and changing patient expectations.

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

April 10, 2025: Sarah Richardson and Kate Gamble examine the proposed merger of the Agency for Healthcare Research and Quality (AHRQ) with the Assistant Secretary for Planning and Evaluation to create the new Office of Strategy. They explore expert concerns about potential reductions in safety research and disruptions to quality initiatives, including AHRQ's goal to reduce patient and workforce harm by 50% by 2026.

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex covers three critical cybersecurity stories: Oracle's evolving response to two separate breaches affecting healthcare customers, with the company gradually changing its stance from denial to downplaying the significance of compromised data. Next Arizona-based Simon Med imaging practice facing multiple federal class action lawsuits after the Medusa cyber gang stole sensitive information from over 132,000 patients across seven states. Ukraine's innovative cyber warfare tactic of planting malware on drones that are captured by Russian forces, creating a cybersecurity trap when Russians attempt to study or reprogram the devices.

Remember, Stay a Little Paranoid 

Duration: 00:04:13

April 9, 2025: Kate Gamble and Sarah Richardson discuss a class action lawsuit filed against Penn Medicine regarding its exclusive contract with Independence Blue Cross. The hosts explore how this exclusivity affects patient choice, healthcare access, and market competition in the Philadelphia region. The conversation highlights the growing national scrutiny of healthcare consolidation and encourages IT leaders to evaluate whether their partnerships and systems enhance or restrict patient choice.

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 8. 2025: Sarah Richardson and Kate Gamble discuss critical strategies to address emergency department boarding, a significant patient safety concern. They explore key recommendations from the AHRQ summit, including public reporting standards, real-time regional bed tracking systems, payment incentives, and alternatives for psychiatric patients.

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer