This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

 Today, on this week in Health it. But remember, our technology was bound to the four walls of the hospital right now as you've journeyed the past 16, 17 years. It's completely different. There is no perimeter for healthcare anymore, and I love it because I see technology as the enabler to change how we deliver patient care and create quality and better outcomes.

We need to think about how we do it a little bit differently.

It is Newsday. My name is Bill Russell. I'm a former CIO for a 16 hospital system and creator of this week in Health IT at channel dedicated to keeping Health IT staff current and engaged. Special thanks to Sirius Healthcare Health Lyrics and Worldwide Technology who are our new state show sponsors for investing in our mission to develop the next generation of health IT leaders.

A common question I get is how do we determine who comes on this week in health it, to be honest, it started organically, it was just me inviting my peer network and after each show I'd ask them, is there anyone else I should talk to? The network group larger and larger, and it helped us to expand our community of thought leaders and practitioners who could just share their, their wisdom and and expertise with the community.

But another way is that we receive emails from you saying, Hey, cover this topic, have this person on the show. And we really appreciate those submissions as well. You can go ahead and shoot an email to hello at this weekend, health it.com. We'll take a look at it and see if there's a good fit to bring their knowledge and wisdom to the community as well.

Alright, it's Newsday and we've got a lot of interesting stories. It is Cybersecurity Awareness Month, so we're gonna do a couple cybersecurity stories and take a look at those. And to kick that off today, we're joined by Chris. The chief Security officer for Cincinnati, formerly Chris was with VMware. I worked a lot with him at VMware, and he's been at various other security positions over the last two decades, two decades in cybersecurity.

And doesn't it look like you have much gray hair at all? Congratulations Justin. My beard now, not in my Wow, not in the top side, . Wow. How do you do that? I mean, literally you've been doing this since the late nineties. You've been in security of some way, shape, or. It's, it's really changed us then. Ha hasn't it?

It ha Well, I started in the Marine Corps, so we were using systems to help the battlefield frontier, right? So it was always about least privilege and understanding who had access to what and protecting the most critical elements of how we were utilizing technology because. Lives mattered in that space.

That was the big push. So it was very, it was very laser focused when I was there. And then when I got out of the military, I went through a couple of different industries. So I was in higher education for a little while, which is like the wild west. I was in banking and finance and I wound up landing in healthcare.

It was kind of the best of both worlds early on. Early two thousands was really just that tipping point of where we were starting to use technology to provide patient care. Security was an afterthought. So when I hit the tip of the spear in that first health system, when I was at Lifespan, we had all the right things to block and tackle.

But remember, our technology was. Bound to the four walls of the hospital right now as you've journeyed the past 16, 17 years, it's completely different. There is no perimeter for healthcare anymore, and I love it because I see technology as the enabler to change how we deliver patient care and create quality and better outcomes.

We need to think about how we do it a little bit differently. There'll be no shortage of opportunity for security practitioners in the healthcare field for many decades to come. So if anybody's looking to get into a field. You want to be a security practitioner, healthcare is probably where you can make your bones and do it in a very, very intuitive and ingenious way.

And so you have, uh, remote patient monitoring is gonna be huge during the pandemic, as is a work from home. Right? And some of these people are going home and they're working from home on their kids' computers. 'cause we as organizations had bought them new computers and sent them home with new computers or set them up with ergonomic desks and that kinda stuff.

Now some of that has been taken care of since. It really is true that the perimeter is, is nebulous at this point, and so it becomes, you need a new set of technologies. It's not just set up the VPN, you know, set up the controls, set up the whatever. You have trusted sources all throughout your community, coming into your health system, depositing data, taking data out.

Now you need much smarter technology to see what's actually . Going on, on that wire and, and just identifying where it's coming from and how it's being used. It, it, it is kind of crazy. Well, we're gonna start with two stories. First one, ransomware impacts patient care. We're gonna talk about the innovation.

We're gonna talk about Best Buy, acquiring Current Health. 'cause I think that's an interesting story. I was talking to somebody yesterday and I was talking about Best Buy Health, and they're like, is that. Best Buy. Best Buy. I am like, yeah, that's Best Buy. Best Buy. And they are very much going after the healthcare space.

And we're gonna close out, so you're gonna wanna hang in there to the end. We're gonna talk about the Business Insider story on Apple's missteps in healthcare. So let's start with ransomware impacts patient care. I think we. We knew this was the case. There was a study that was done. The story is in , which is one of my favorites.

To pick up stories, lemme give you an excerpt. Healthcare delivery organizations are under siege as 67% have been victims of ransomware attacks. One third of those said they experienced two or more, less than half. The respondents completed a risk assessment of their third party security vendor before contracting with them, and more than a third said the assessment conclusions were ignored.

Report found. Gosh, I'm gonna stop there for a second and say, does that surprise you that so few are being assessed and the ones that are being assessed as being ignored? It does surprise me by the way that the findings are being ignored. I think this is the elephant in the room again. So if you go back to think about, I.

So think about this for a second. When we were a pen and paper for healthcare delivery, it was simple. You had somebody push the cart from medical records department, you got that full record. Maybe you could read it, maybe you couldn't. Electronic medical records come to bear right now. I can read the note.

Is it the right note? There is a whole litany of conversation we can have there, but the availability of the system is so damn critical now to ensure that patient's safety. At the end of the day, if I don't have that information, how can I treat that patient if I don't know what their background history is, right?

Their administrative systems. 'cause it was really making the endpoint unavailable. Now it's, it's matured and it's grown because the bad guys have figured out that there's money to be made here. And especially in healthcare, because think about this for one second. If I have to divert patients. What's the impact to the patient?

That's the thing that we're not measuring, and I think that's what the article and the, that research brings to light is we need to start looking at this from a different lens because of the way that technology's so deeply ingrained in how we deliver patient care, I. What are the mortality rates related to?

If the EHR is not available, how do we start to quantify that? So I think it's good now that it's out there. We're having a conversation. I know in, in certain circles that I'm running in, we're starting to have deeper conversations about what ransomware means to mortality rate, because the nature of the availability of the system so critical.

Yep. The numbers I've been talking about. Is the number is public now around the Scripps attack, and that is roughly 110, $115 million is what it costs them over a 30 day outage. And they may not be fully back. Scripps is notoriously close to the vest. You really only hear from their CEO for the most part.

And other organizations have been more open, but no one has spent that magnitude in terms of size that we could measure. But you could look at it, you know, roughly, you know, $3 billion. Healthcare organization outage, electronic health record outage for a month, and you're looking at $110 million. So there's one measure.

We also have the death in Alabama has been directly attributed to a ransomware attack. And so now you literally have mortality. But what you're talking about, and it is referenced in this story, nearly one in four healthcare providers. Reported an increase in mortality rate due to ransomware. The onset of Covid 19 introduced new risk factors to healthcare delivery organizations, including remote work, new systems to support it, staffing challenges, and you name it.

So that creates the framework for this being a challenge. And as you say, the, the research results in an urgent wake up call for healthcare industry to transform its cybersecurity and third party risk programs, or jeopardize patient lives. The research was done by the . Institute a research center focused on data protection, surveyed IT professionals at nearly 600 healthcare organizations defined as entities that provide clinical care and rely on third party security contractors.

These are organizations include health systems, physician groups, and payers. So that's the group they're talking to. Lemme give you one more thing. While the average number of third party tech contractors who services organizations employ is 1,950. Is expected to grow to 25 41. On average over the next year, the analysis forecast, about 43% of those vendors have access to personal health information, putting healthcare delivery organizations at additional risk for both data breaches and ransomware attacks.

The reason it's surprising to me that we're not following up on those assessments of those organizations is because I, I have contracts, uh, I do consulting as well as the content, and I have contracts with healthcare organizations and it's just me. Generally being advisory services. I'm not gonna access any healthcare information whatsoever.

And you'd be surprised the forms they make me fill out and the questions I get and I'm like, look, I, I have executive coaching contracts with CIOs. We're not gonna talk about patient records. I'm not gonna access patient records. It's just, it's a zoom call. It's, it's, you and I are talking about how you're gonna do your budget this year and that kind of stuff.

And I have to fill out. Five pages of stuff on security, and then I get follow up emails and phone calls, . I'm like, uh, I'm like, it. It would appear to me that people are taking this seriously and I wonder if this is a, a case that scale gives people the ability to have better controls and processes in place.

Do you find that to be the case? I think it does, but I think I wanna har, I wanna go back to something that you said. It's understanding your risk too. I think that's one of the things that we've fallen a little bit short on is that we try to lump everything into this high risk category bucket, right?

Because now we're so afraid of what the outcome could become with things like ransomware, other types of attacks. I would consider your contract low risk. There's no reason for you to go through that entire process. I should be focusing if I'm the health system on the high risk. High touch areas and making sure those are sound and rock solid.

Right. I know that we're gonna have a Zoom call at no point in time you ever have access to my network. Right. We're just gonna have a conversation over Zoom. Now, does that create a security problem? Yeah, because there are ways that if I'm using my personal device on my corporate network and I'm not looking at it from that new perimeter perspective, I could get something bad on my device that does get onto my corporate network.

I should have additional controls in place. I think we need to start measuring our risk. By the severity of what that risk could be. And that's something that we need to, in healthcare in general, we need to get better at. I, I think we try to lump everything into one category, which is why nobody's looking at all the vendors.

They're just doing a handful, no tier that risk by who's most important and what's most critical to continue to run, make sure they're doing what they're supposed to do, and then drop that back down. Based upon those layers of risk criticality, we'll get there. It's a maturing process for organizations that understand clinical risk really well.

Right? So healthcare gets clinical risk like nothing else. Their business risk, they get it. Technology is kind of this new frontier. We adopted it to solve problems. Maybe we got pushed into it because of the High Tech Act, so now we need to catch up. We shouldn't have thought about security and risk as an afterthought.

It should have been great at the tip of the spear. So we're not bolting it on, but it's part of the DNA and the fabric of who we are as a culture. We'll get there. It's, it's also part of our DNA, not to spend money on something until it becomes urgent. Unfortunately, we had the one WannaCry attack, but it didn't really, I don't know, wake us up.

If, if you will, but this latest rash of attacks through the pandemic has been a wake up call. And for someone like, like Scripps to go down the way they, that they did. In a very public way, I think has gotten the attention of not, there's two kinds of attention in healthcare. There's the, Hey, we need to pay lip service to this, and the CEO needs to have some talking points around this, and then there's the budgets are gonna increase.

We need to spend more money on it, that kind of stuff. I'm talking to CIOs that's happening. They've gone to the board, they've been asked questions about their cybersecurity posture. They've asked for additional money, and they're getting additional money. So I think that's a, that's a positive step. Lemme take you to the next story.

So adopt this Security Standards Healthcare Leader urges. This is from SC Magazine, from SC Media, and here we go. At a basic level, the healthcare sector is a human focused business with highly advanced technologies and public expectations to drive innovation. Often within stringent resources, despite a tremendous amount of endpoints and advanced technologies, providers must protect themselves using the

Healthcare insurance, hipaa. Essentially the HIPAA rule. The trouble with the rule is it just has 42 controls compared to NIST Cybersecurity framework Standard employed by a vast majority of other industries except in healthcare. NIST has all the controls that an entity might need to consider. And it's kept up to date.

The HIPAA security rule primarily focused on the controls necessary to achieve privacy because that is what HHS was focused on at the time. The original rule and requirements had just 42 elements compared with nist, with 300 controls routinely reviewed by researchers, and while the sector has moved away.

From the checkbox compliance security method, HIPAA remains a bar for security measurements despite its shortcomings. He goes on to talk about how he's recommending that every healthcare organization adopt or even be forced to adopt the NIST framework. I, I assume you're in agreement with this. We adopted NIST back in.

So I'm fully in favor of NIST as the standard. The HIPAA security rule had things that were required. Some that were just recommended. So for , I mean right there, if you think about security controls in general, how can you recommend a control like annual audits are required? Well, is that recommended? No, that's a requirement.

These things should be requirements and it hasn't changed. I think that's the big rub here, is that it had great intentions. But it never continues to grow with the changing landscape. Now, where N comes to bear is that it continuously changes. It's something that gets looked at on an annualized basis by the federal government.

Now, I don't, I don't know if I agree with requiring it again, and this is one of those areas, we've had this conversation before about a number of different things. Can you actually mandate some of those controls within the framework? I think your business. Determines what those controls should be and the level of that control that's implemented.

And a perfect example is, is that if I'm reaching out into the community, maybe there's specific guidelines and controls that say I have to have X. Well, if that limits my ability to take a service and drop it into a patient's home, I. I can't have X, especially if my business model is at home healthcare using technology.

So there has to be a balance here, but I think as a framework, as a starting line, as the foundation for any program that's out there, this is the best starting point. Here's how I would do it. I would do it much the same way we do a requirement to have audited financials. And I would say every healthcare organization has to provide an audit to whatever agency HHS every year.

And maybe that's the wrong agency. I, I, I haven't really thought about it, but you know, they have to provide some level of audit. That audit, by the way, is done against the NIST security framework. Yep. You can adopt it if you want. , but you're going to be audited every year based on the NIST security framework.

So you might as well adopt it, start measuring against it and whatnot, uh, because you're gonna supply that audit. And to start with, I, I don't think there's penalties and those kind of things for the results of the audit, but I think over time you end up with a pretty standard way of looking. At the readiness for health systems, and I think you end up with, you end up with more health systems just adopting it.

And I, I guess the concern, obviously there's a cost associated with that. And I guess the other concern is there's a growing list of things that, that there's have health systems that haves and the have not health systems. And I, I coach CIOs for both and the haves. Or they can go in and say, look, we need more money for security.

And they go, how much do you need? And they say, we need 5 million this year. And they go, here you go. And the have nots go in and go, Hey, we need more money for security. They say, how much do you need? They say, 5 million. And they say, we're gonna give you a hundred thousand. Yeah. And so is this just a too much of a burden on all health systems?

It's the right burden for a certain size health system, but it's too much of a burden on all of them. Well, you're right about the burden. I think this is, here's my opinion on the matter, right? So if we were serious about cybersecurity at the federal level, knowing that healthcare is critical infrastructure.

Why wouldn't the mandates be in place and why wouldn't there be support from the federal government to get that done? So that's great. HHS like what you said, if I we're gonna audit you annually, why shouldn't we be helping those smaller health systems who don't have the means to put these controls in place, ensure that those controls are put in place?

And I think this is where some of the issues where we talked about a few years ago about some stark relaxation to allow security tooling to be . Provided to those smaller health systems. I think this is where as a community, we need to start to work together because it's not that we're all in the same fight.

At the end of the day, Kaiser will get attacked, so won't this mom and pop healthcare clinic down the road if the same people are gonna attack it. One's got deeper pockets than the other. We're all in the same fight. So at the end of the day, we all need to start working together to solve these problems.

It's not about the haves and the haves nots. How can we share that best practice? How can we share those controls? I think that's gonna be critical moving forward to solve the problem. And, and I, I love that answer. I just wanna make sure that money's not going to Kaiser and. Providence and Mayo and Cedars.

I love all those organizations. I think they're all doing great work. I just think when your endowment or your investments get to be measured in the multiple billions, you don't need government money to do security. Right. On the flip side, there's a lot of federally qualified health clinics and and other types of organizations that could use the help in getting that stuff together.

I think, yeah. Alright, let's go to the innovation article. I covered this on today. Today in Health. It there was a panel discussion at the Health Evolution Summit. It was a good panel. Let's see, Sachin Jane, who's the CEO of Scan Group and health plan was the moderator and if I knew nothing else, I would attend just 'cause he was the moderator.

But then they had John Perlin, MD President, head of Clinical Operations and Chief Medical Officer at HCA Healthcare Farzad. Most Ari md, CEO, and founder of Allade and Chris Chen, md, CEO of ChenMed, and my gosh, it's a phenomenal panel. They talked about scaling innovation. Dr. Chen said The biggest challenge to scaling today is not the need or demand for care services, what our barrier is scale.

It's really about how to scale faster and there's a lot of innovation happening. Chen added the question for us is, number one, how do we scale faster? And number two, how do you scale the simple rather than thinking about all the overwhelming amount of complexity? The scaling innovation has always been the challenge number of times.

I've had organizations come in to me when I was CIO and they had phenomenal solutions. I looked at it, I'm like, this is great. And I would say, look, we're at 16 hospital system. We're looking at roughly this. And they'd look at me and say, well, we've never really done it at that size or scale. And some of the scaling stuff, to be honest with you, was on our end, contracting, took months.

Getting them access to data, the correct data, setting up the interoperability, the security, as we talked about earlier, the security framework and going through those things. Sometimes we bring in these startups. And they would, they would be cheering. They got a big one, right? We got a 16 hospital system.

You know, a brand, this is gonna be great. And six months later, they still haven't received a nickel, haven't started the project, haven't get anything off the ground. How do we get past that? How do we scale these things faster? What's gonna be the one or two things that helps us to scale these things better?

Well, culture's gonna matter in this case, say culture, and it's a big bang. Culture. We were a culture. So in academic medicine we were a culture of innovation and there was money behind that innovation. 'cause we wanted to take cutting edge research from the bench to the bedside. You could see what the outcome was, right?

When you get to other areas, contracting, I don't wanna bash the contracting people, but that is a lengthy, long process. Well now we have opportunity to shift contracting, getting to much more robotic process automation to look at what are the terms, what are the conditions. I don't need a human involved in that.

Right? So I need to change how we're doing some of that work. Work so that we can onboard faster. The innovative companies that are coming to us now in healthcare, they're doing things well beyond the scope and means that we've ever seen before in healthcare, when you talk about like modern application platform stacks, and then I gotta go back and work on my behemoth, EHR, that's running a four tier application server environment, those are not the same language, right?

So now we have an educational divide at the same time because. What are they actually doing in that space? And sadly, the space that they're working in much more, these innovative companies are more secure, more visible. You understand what's happening there more clearly. So I think the culture and the educational aspect of it is one that just has not caught up yet.

I think Covid did some very interesting things to us. It made us scale innovation. At a breakneck speed, which we've never had to do before. If you think about just the whole work from home mentality, how many health systems do you know actually had the flexibility for people to work from home? None. We didn't have, I mean, we had cafeteria type spacing where you can come in and and do collaborative work, but it wasn't

Because you didn't have an office or a desk someplace else. That was just an area. You went to work to share ideas. You then went back to your office. You never worked from home or the cafe down the street or someplace else. Scaling to get just that. In phenomenal event for healthcare, I mean, a lot of people did a lot of work.

I. Now try to bring in all these fancy new technology to solve real critical business issues. We're just not there yet. So we've gotta shift that culture. We've gotta start to learn more about what's taking shape outside the walls of our hospital. I think that's going to be the start. I love the article because it talks about changing financial incentives, which is critically important, right?

So fee for service to quality based outcomes. We've been talking about that for years. The reality is it just hasn't . It hasn't caught fire for some reason. We, I put in the first accountable care organization in the northeast. It still hadn't caught fire 10 years later. How do we get to that point where that starts to really make a difference?

Healthcare policies, again, it's great that we create a policy, but policies, just like anything else are living, breathing documents. They have to be taken off the shelf, a frequent basis, dusted off to understand the implications of it, and we just don't do that well right now at the federal level when it comes to healthcare policy.

So there's a lot of things that have to change for us to get to that point where . We can create agility and actually adopt innovation within healthcare delivery. When I reviewed this article before, the phrase I used is, the future of healthcare is shaped by technology, but moves at the pace of policy, incentives, and culture.

Yeah, that is so true. And we talk about why hasn't value-based care taken over for fee for service and its incentives, right? So I, I was at a health system that was trying to do more value-based care, but at the end of the day, when you do more value-based care, it takes away from your fee for service.

Fee for service was generating more revenue. And so you have to, there's this balancing act of saying, this is where we want to go and get to, but we have to fund that and fund it. Well, so I think what you're seeing is Medicare advantage. Step into a, an interesting space, and then I think that's gonna morph even more.

So it'll be interesting to see. What happens there? So the incentives, the policy, you can't underestimate the impact that policy has on healthcare. I used to joke that a 60% of the CIO's job is regulatory and, and, and it's probably an overstatement and more for effect than anything else. But we had to keep an eye on so many different regulatory requirements reporting.

You name it, uh, a lot of it is spent making sure that we, we meet those regulatory demands. And then the culture, which you talked about. I, I'll tell you, one of the things we did was it's platform thinking, right? So we started to think. Uh, the platform, not only the technology, but the system as a platform.

And we now have, John Alka is the big evangelist for this, but the system as a platform, one of the things I, I started talking to our legal department about that they were not an inviting platform. The ingress and egress out of legal was way too cumbersome. And, and they said, well, we've gotta protect the organization.

I'm like, all right. How about if we work together and. I'm gonna set up a sandbox environment with data that is just dummy data, but it's gonna mirror our systems. And so if I'm doing a contract with a system, they're not getting access to any of our data, but they're getting access to these systems so they can start to.

Program their environment, see how it works, get the things working and those kind of things. What kind of contract do they need? They're like, well, a lot less than what we would need if they were accessing our systems. Great. Let's write that contract. I said, all right, so let's move into step two and step two.

We're getting 'EM access to anonymized data. Can we have like just an addendum to that contract that says, okay, now you're moving to this. They're like, yeah, we probably do that. I said, alright, step three. We're ready to take it to the next level and start testing it in our, in our test environment with live data and that kind of stuff.

They're like, well then we need the full blown contract. I'm like, that's fine. And what we did is we got it down to within 30 days, they're actually working on our systems, working with our teams, actually integrating with the environment. And then we could work on the contract for six months. 'cause quite frankly, that could be how long it took, depending on what kind of information and security controls and stuff that was needed.

But it's thinking about. The whole thing, the whole health system is a platform, right? And how, how do you plug in and how do you bring in these great entrepreneurs and citizen developers and all these great terms, uh, you know, crowdsource and whatnot, but you bring them in in a safe way, and then when you're ready, you can scale it up.

All right? Next story Best Buy acquires current health. I wanna leave some time for this Apple story 'cause it just, it more cracks me up than anything. And so Best Buy to acquire current health. It shouldn't crack me up, but it, it, it does crack me up. So Best Buy is signed an agreement to acquire current health.

Bringing quality healthcare into the home has become an increasingly important part of the healthcare system, often allowing patients better access, quality of life. The future of consumer technology is directly connected to the future of healthcare. This is from the president of Best Buy Health, Debra De Sanzo, and then you have this over the coming decades, significantly more healthcare can be delivered in the home.

We started current health to make that. Exciting transition, radically easier for healthcare providers to achieve, said Christopher McCann, CEO of current health. Lemme go to another article that I have, fierce Healthcare article because I think this is the part I want to drive home to people is Best Buy has really made a move.

So during an earnings call back in March, best Buy CEO, Carrie Barry. Outlined that the company's health strategy focuses on three areas based on its strength in retail, with an eye toward connecting patients and physicians beyond consumer health. The retailer also is focused on active aging with emergency response devices and services for seniors and virtual health to connect patients and physicians, including remote patient monitoring.

Best Buy is in the healthcare business, and what they're banking on is. Health systems aren't going to be expanding the number of beds they have on campus. They're gonna be expanding the number of beds they service a across the community. And they're gonna be my bed and your bed with, uh, remote patient monitoring in place type devices with, pardon this, they're probably have to do a branding thing here, but essentially, geek Squad come into our home and set up these

Medical devices to, to essentially monitor us in, in whatever state we happen to be in. Connect that back up to the health system and, and away we go. This is, we keep hearing about this. We saw that remote patient MO monitoring took off during the pandemic. Where does this go and what implications does it have on healthcare?

I love this. I, I think this plays on the strength of what Best Buy's been able to do the past few years. 'cause they've reinvented themselves as an organization at the same time. Remember when it was just brick and mortar? You'd walk in, you'd buy a tv, they'd throw it in the back of your car and off to the, the wind you went and you.

Got stuck setting it up at home. They realized as technology increased in, in its complexity and its pervasiveness, people weren't able to do it. That's where the Geek Squad came to play. So they've created a supply chain of services to send them into your home, high touch service in the home to solve those consumer issues.

Like I want the new TV for the Super Bowl. Here's the Geek Squad, throwing it up on my wall and setting up my soundbar, my . Surround system and everything else that goes into it. Now, home health, I mean, this is something we've been talking about for a long time. The changing dynamics of healthcare was is that you went to the hospital because it was the center of your community, right?

Community-based hospitals. I went there because it just happened to be a mile away from my home, and that's where I got my care. That's where I went to die. That's where most of my family went to die. Times changed. Nobody now wants to go to the community hospital to pass away. They wanna be surrounded by their family.

When I go for care services, I'm now a consumer of those healthcare services, and I'm shopping for the best price and the best quality. I love this idea because I. Care is coming into the home and it's coming into places that have never had it before, to a population that's going to need that help to get it set up that senior population's the target here, because they wanna stay in their homes longer.

We wanna serve them in their homes longer. The Geek Squad's gonna come and set all that stuff up for you, and they're gonna walk you through it. If this is a genius idea for Best Buy, and I love the fact that as long as they keep it within the confines of the supply chain that they built and the services that they're providing, it's going to work for them because we see the

That people want those care services, wherever they may be in the home is where they're actually going to be. So kudos to these guys for, for, for taking this leap into this pool, right? Because as when we'll talk about this in the Apple story, it's not an easy pond to jump into . The, uh, the last thing I would say about this story is don't under underestimate the power of the Geek Squad.

We did, uh, some remote patient monitoring pilots. Back in the day at St. Joe's and when you send someone into the home, there's a whole new set of training of liability of, I don't know. It's, it is very challenging environment and I'll, I'll spare you the stories, but there's a lot of really. So you could put your employees in a bad situation if you are not good and really thought through how you're sending people into the home to set up this, these devices and whatnot.

And this is one of those cases where I'm a firm proponent of partner. Don't try to build out an organization that is going to troubleshoot all these devices and all these homes. If somebody can provide it for you, by all means, and if Best Buy ends up being that partner, by all means make it Best Buy.

'cause they're in every community. They have people in cars that can go out to homes and help fix things. They have a support desk, they have all that stuff. Don't underestimate how hard that is to do or set up. I, that's one of the areas I would absolutely partner in, I think. You ready to talk about the apple missteps?

Let's do it . All right. I'm not gonna do excerpts from this. Here's the main points from the story. Business Insider has a tendency to go the TMZ route when reporting on big tech, and they literally solicit information from disgruntled employees and then they develop a story and run with it. And that's the case here.

And here's what I gleaned from the story. Apple has bold plans. So Tim Cook said, I believe if you zoom out into the future and you look back and ask the question, what was Apple's greatest contribution to mankind, it will be about health. Cook told Kramer on mad money. He also reiterated something to that effect, I believe, on stage.

So there are aspirations of not being a healthcare company, but having a legacy. That is defined by what they've done in health. Employees paint a picture that they are struggling and here's some of the things they're struggling with. First culture there is pressure to inflate accomplishments. Negative talk is often frowned upon, and in some cases it leads you to be banished from future meetings because they don't want your negativity in the room.

The other thing is vision. There's no grand vision for healthcare. Just a bunch of little visions that at times compete with one another and there's, there's nothing that's really unifying it and bringing it all together. There's no like grand person in charge of the healthcare vision, if you will. And then finally, business model and.

I, I just come back to this Tim's statement, doesn't mean that Apple's going to be a healthcare company. They're not gonna be opening clinics, they're not gonna be providing telehealth. That is not the nature of the, the company they are. Although some people think that's the direction they're going. If you read this article, some of the people who are.

Disen franchisor or just not happy with the direction. Feel like, oh, we could be doing more in healthcare, not recognizing what Apple is. And Apple is a product company first and foremost. Now they have a big services arm, but that services arm is built around their. Product ecosystem, right? They deliver digital content, they do digital storage and that kinda stuff.

And the story obviously paints the picture that this follows Google's reorganization of its health unit and Haven's demise, Amazon, Berkshire, and JP Morgan. Let's just start with what do you take away from the story? Strategy's important, and I'm not akin this to if Apple's sitting in a boat that wants to get into healthcare, but everybody's going their own direction.

Everybody has an or. All you're gonna do is spin in a circle. 'cause we got one guy rowing forward, one guy rowing backwards, a couple of gals rolling to the side. You can't get anywhere if you're just spinning in circles. So focus, they had to have focus on what they wanted to be in healthcare and they should have used their strengths, right.

Apple watch is great. Well, I think about this for one hot minute. I see Apple watch as preventative medicine in action, right? It's helping me do things that I normally wouldn't do to prevent disease or take care of conditions. That should have been the name of the game. Go knock that out of the park and grow from there.

You can't, when you're an octopus with eight tentacles hanging out there, which way do we go? Well, when everybody's pointing in different directions, you can't go any way but down. You're just gonna fail at first and foremost. Uh, culture. I'm a big proponent of everybody's got dirty laundry. It shouldn't be aired out there in the public sphere.

Those are conversations that are best left inside to sort those problems out. When you bring it to the outside world, now you're just focusing attention there and they're gonna make some bold moves to readjust that may not fit the culture of that organization. That could be some part of their demise also at some point in time, and at the end of the people didn't know what they were doing.

Again, goes back to the strategy. I like the idea of clinics, major corporations like Apple, setting up a clinic for preventative medicine to control the cost of healthcare. I think that's one area where we kind of overlook, and I think Amazon's really . Starting to hit the, the head of the nail on that one.

So that could have been a part of an incubation process for them, but they should have been more clear about it, right? They should have been much more clear about how that's being done. So many flaws here, but again, Apple's a revolutionary company. They're big thinkers. They've changed industry a couple different times and a couple different points.

So it's no shocker to me that they want to be the change for healthcare, but. They probably should have reeled it back in just a bit and set some hyper focus right out of the gate and supposed to the shotgun blast that they put up. It's interesting, the, the watch really got them going in the wrong direction, in the right direction, in the wrong direction.

It, it's good at identifying things, so it's really good for healthy people. I. I mean, this has been my experience of, of trying to get the data in front of clinicians and whatnot. They're like, look, I, I just don't care. All the information you have is just, it's not helping me. Yeah. And I'm like, okay, explain to me why it's not helping me.

Well, it is gonna tell me their weight over time. I don't need to see that. I mean, they're gonna tell me when they come in, I put on 10 pounds and put on 15 pounds, what? Whatever it is. But if I'm watching that happen over a period of time, do I call them if they put on two pounds? Do I call them? If they put on four pounds, do I call them?

Healthcare is not a health company. Healthcare is a fee for service. As we talked about. It's a, if you have a problem, come in and we'll fix your car. We'll fix your body, we'll fix you. And so this is where they get into trouble. They're a health company, not a healthcare company. And so that's the first distinction I would make.

The second is they're a product company. First and foremost, they're not opening clinics. They are, let's say, supporting payers. They're supporting healthcare companies. If there's a use case that is identified, not by Apple, but by them, by healthcare companies, they know what the technology is, they know what it can do, and they can keep putting sensors in there and updating the sensors.

It's not good for chronic conditions at this point, but understanding that it's a product company, I would say to the clinicians who have joined there, understand. You just joined a product company. You didn't join a healthcare company. Yeah. You joined a health and wellness company at best, and a product company I know is gonna really make people disillusioned, but that's what you joined as a product company.

And at the end of the day, what you do has to sell more products. Otherwise the shareholders aren't gonna be happy. I'm not gonna be happy. And I I, I floated this use case and I'm gonna float it by you just to get your thoughts. The one area where I think they've had some success is the Apple Health record.

Being able to connect up with all those locations, all those EHRs around the country and actually pull in some of that data and, and build that record, I think is, is significant. I. I think the next step in that was to really help to streamline the intake process at every hospital across the country.

Right? So you have a fair amount of information about me, not only in my Apple Wallet, which has a bunch of information about me, but also in my Apple Health record has a bunch of information about me. Can you work with these health systems to say, we want to create, we have this in in education, we have the common app, right?

Can we come up with the. Elements of a common app that is common for the intake process that Apple can then aggregate all this information. And when I walk in to a health system, I just, whatever, whatever Apple does, to transfer it over to the health system and they go, okay. We have 85% of your information.

Now, let me just ask you the remaining 10 questions and then, and it's invariably this happens. I go from one department to another department and they ask me questions again, and I, again, I'd like Apple to sort of help that process of, if they can't figure out how to take it from the information from where I was seeing one physician in the health system to another place in the health system, which does exist because they could be on different EHRs, they could be on different processes.

You name it. I want Apple to do that. Because again, they're becoming a conduit. I could bring it down to my phone, I can give it back to the health system, and then I can overlook the fact that the health system hasn't baked all their integration together and that kind of stuff. 'cause when they ask me for it again, again, I just show them the QR code, they scan it, and all the information that is in front of them.

I think that's, I think that's a valid use case and I think it sells a lot of phones. That's my 2 cents. It does more than that. It becomes a patient satisfier, because that's the biggest, me as a consumer of healthcare services, that's my, one of my biggest complaints is that why don't you have this information?

Literally, I go to see my primary care doc, and then I go down the hall, the same building to see the specialist, and they don't have my information in both places. Why is that still the case, right? And so that throughput issue is huge. Apple has the mechanism to solve that problem. I think that's a glorious idea.

And I think one other thing, it does sell more phones, but it also puts me in charge of my healthcare information, which is something that's a critical lacking. And that's Apple's brand, right? They're empowering the creative. They're, that was their original thing, but now they're empowering the patient.

They're putting the power in the patient's hand. Yes, I, I love it. I could do a whole campaign on that. Plus, I think their security, I, I like their security position much more than Google's, because Google sells information and access to information, whereas Apple is not making money that way, and so I think they have a stronger case to be made.

Around healthcare, and this is gonna be, I think, a primary distinction. The solution I'm talking about would, I would rather do that with an Apple phone than a Google phone. 'cause if I give all that information, my insurance information, all that other stuff to Google, I, I don't know that the next time I do a search, I'm not gonna see information on better insurance plans or, or that kind of stuff, because that's the business Google is in.

It's still like 90 some odd percent of their revenue, even though they have all these other things that they're trying to do. Chris, thank you for your time. Hope we can do this again. Anytime you need me, I'm here for you, buddy. Sounds good. Take care. What a great discussion. If you know of someone that might benefit from our channel, from these kinds of discussions, please forward them a note.

Perhaps your team, your staff. I know if I were ACIO today, I would have every one of my team members listening to this show. It's it's conference level value every week. They can subscribe on our website this week, health.com, or they can go wherever you listen to podcasts. Apple, Google. Overcast, which is what I use, uh, Spotify, Stitcher, you name it.

We're out there. They can find us. Go ahead, subscribe today. Send a note to someone and have them subscribe as well. We want to thank our channel sponsors who are investing in our mission to develop the next generation of health IT leaders. Those are VMware, Hillrom, Starbridge advisors, Aruba and McAfee.

Thanks for listening. That's all for now.