This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
Hey everyone, I'm Drex, and this is The Two Minute Drill, where we do at least three stories, at least two times a week, all part of one great community, the 229 Cyber and Risk community, here at This Week Health. Order is the exclusive sponsor of The Two Minute Drill. Their latest product, Chasm, is available now in the AWS Marketplace.
It's a great way to find and eliminate blind spots. Find out more at thisweekhealth. com slash order. ORDR this week, health.com/order. And by the way, I do two other podcasts here at this week, health and in an odd twist of fate, like weird cyber planets lining up both those shows. Release new episodes this week.
The first one is called UNH Hack the News. It's where we dive into some of the latest security stories and issues. The new issue was with Christian Rodriguez from CrowdStrike. And he rocks the program. And the second show is called Unhack the Podcast. And there's a bunch of great guests on that one. Dee Young from UNC Health and Jesse Fasolo from St.
Joseph's, just to name a couple. There's a whole list of great folks. And in that episode, we talk about CISOs and CTO relationships and how to make them better. So check those out. Just look up This Week Health, wherever you get your podcasts. Okay, here we go. Thanks for joining me today. I'll Here's some other stuff you might want to know about.
By now we all know cyber attacks on health systems can be dangerous for patients and families, but a story on NPR really lays out some frightening details about the near misses that have been reported by clinical staff during the recent Ascension hack. Those close calls include a number of medication administration issues, delays of treatment because of lost lab tests, and a lack of routine safety checks that had been built into EHRs.
But the EHR was offline after the attack. Doctors and nurses interviewed for the article restated what a lot of us already know. Taking care of patients without the EHR is Dangerous for patients, but it's also incredibly stressful for providers. They're afraid they'll make mistakes and harm or kill patients and lose their medical licenses as a result.
Hospitals usually say they're prepared for this kind of disruption. And I think that's probably true in the short term, but when the outages extend into workarounds are not extendable in a safe way. As one smart CISO explained it to me yesterday, An extended downtime plan is not just a short term downtime plan, just longer.
Long term outages demand a different kind of business continuity plan. You can't fake it. Sticky notes and whiteboards and spreadsheets and extra pizza delivery won't cut it. If you've not read this story, you should. It's posted at ThisWeekHealth. com slash news right now. Change Healthcare is ready to tell connected providers what data was taken in the February breach that massively impacted care and caused a financial crisis for many healthcare organizations.
That data could include health insurance policy numbers, diagnosis and test results, payment card information and account numbers, medicines, images, care and treatment information, social security numbers, and more. Passport numbers, driver's license information, and Medicare and Medicaid numbers. Remember too, if you're a healthcare provider, HHS says that you can allow Change Healthcare to contact your patients to let them know their data has been put in jeopardy.
That's up to you. Up to a third of the U. S. population may have had data stolen, making the Change Healthcare cyber attack one of the largest in history. Please authentication. And finally, if you're a Google Pixel user, There's an update you really need to apply to your phone. Among other things, there's a patch in there for a zero day exploit that's being leveraged by the bad guys right now.
Thanks always to our partner Order, the exclusive sponsor of the 2 Minute Drill. Order can help with security hygiene by identifying assets with vulnerabilities, missing critical security controls, or out of date software. Check out ThisWeekHealth. com slash order for more information. That's it for today's two minute drill.
I appreciate you being here. Stay a little paranoid. I'll see you around campus.