2 Minute Drill: Enhancing Cyber Hygiene in Healthcare - Insights from CISA's Latest Initiatives
Episode 24 • 1st May 2024 • This Week Health: Newsroom • This Week Health

Transcripts

  Hey everyone, I'm Drex and this is the 2 Minute Drill brought to you exclusively by ORDR, the Connected Asset Visibility and Security Company. ORDR brings nearly instant visibility to everything on your network with hardly any setup time from your team. Find out more at thisweekhealth.com slash ORDR, that's O R D R, thisweekhealth.com slash ORDR.

On the 2 Minute Drill, we do at least three stories at least two times a week, all part of one great community, the 229 Cyber and Risk community here at This Week Health. Thanks for being on board today. Here's some stuff you might want to know about. Last week I talked about CISA's Ransomware Vulnerability Warning Pilot, and today I saw that nearly a thousand organizations patched systems or took other steps to protect themselves when contacted by CISA about risky software.

The Cyber Hygiene Program is no cost to you as a healthcare organization. And CISA says those involved in the program have reduced their risk exposure up to 40 percent within the first 12 months. And most organizations see significant improvement within 90 days. Check cisa.gov for more details. U.S.

t healthcare breach so far in:

Remember, Change Healthcare hasn't reported yet. The issue over online tracking code isn't new. It's used to collect information about users' online activity with the intention of being able to better serve them information they might need or want. The technologies are usually found on websites and mobile apps.

There also continues to be a significant amount of controversy over this issue. The U.S. Department of Health and Human Services Office of Civil Rights issued guidance a year ago about tracking technologies and why and how this tech can violate HIPAA. And then they updated and clarified the guidance recently after being sued by the American Hospital Association.

My best advice, know what tracking technologies you're using on your websites and your apps. You may be using them or third parties may be using them. So have an inventory and know what they do. And as with most things, ask everyone involved. Do we really need to run this stuff? Or are we just running it because we can?

Second, talk to your general counsel about this. The definitions and the circumstances on how you can get into trouble with this stuff are complicated and vague. Third, just watch for new updates from HHS on tracking technologies. And I'll do my best to keep you posted. There's a story in Ars Technica about Logitech's newly announced mouse.

And while it's just a mouse, so what could be the big deal? It opened up a whole can of worms about artificial intelligence, because the new mouse has a button that launches ChatGPT prompt builder. Which, okay, might not be a big deal, but Shana Hofer, the CISO at St. Luke's Boise, touched on this a bit during our recent Unhack the Podcast episode.

It kind of feels like AI is being built into everything we touch these days. I don't want to say it's being shoved down our throats, but it might be on the verge of feeling, you know, a little pushy. I know many of you are writing policy about using AI and directing that it only be used for certain kinds of work and only in certain ways, in an effort to protect privacy and intellectual property, but when a new key has been introduced to Microsoft's keyboards for the first time in years, and the new key launches Copilot, I wonder if we're past the point where we can control this stuff via policy.

So just know that every day the people in your organization are opening applications that they use as part of their work and they're finding new capabilities in drop down menus or in a new toggle on the screen that offers them AI help. And in some cases, they may not even know they're using these new capabilities.

They're just there and they're automatically turned on helping in the background. So I know there's a lot to do, but generative AI is coming up fast. Keep your eye on it. It's great. But as with all things, there's a potential downside. Technology like this isn't inherently good or evil. It's the way it's used or abused that makes us think of it like that.

There's a lot more stories we post in ThisWeekHealth.com. We work with CXOs across the country, like you, who help crowdsource curated healthcare news that's updated regularly. So take a look at thisweekhealth.com slash news. And that's it for the Two Minute Drill. Thanks again to our partner ORDR, the exclusive sponsor of the Two Minute Drill.

And you can see them coming up at RSA. That's really coming up pretty fast. And talk to them about ORDR AI Chasm, which is also available in the AWS Marketplace now. Thanks for your time today. Stay a little paranoid. I'll see you around campus.
