This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Welcome to this week Health Community. My name is Bill Russell. I'm a former CIO for a 16 hospital system and creator of this Week Health, A set of channels dedicated to keeping health IT staff current and engaged. Today we have an interview in action from the 2023 fall conferences of Chime in San Antonio and Health in Las Vegas, and we want to thank our show sponsors who are. In our mission to develop the next generation of health leaders and they are Olive, Rubrik, trx, mitigate, and F five. Check them out at this week, health.com, and here we go. All right, here we are. Another interview in action from the Chime fall forum, and today we're joined by Fred Mills, the senior director head of healthcare for Ver.

It's great getting together. Yeah. Finally. I'm glad we had a chance to meet, man. Great place to be doing that too. Look, yeah, this has been, I think it's been a really fantastic conference so far. It has. It's ever since we go back to pre covid, the conferences after have been, everybody wanted to reconnect.

Yeah. And in person before that, we'd all complained about the travel, the length of the meetings. But now it's just great to be back and in person and. Conversations even like in our focus group and the round table yesterday, were just stellar and it's not setting any particular topic, even though you have to select one.

It's the open dialogue about the industry and where their needs are and where they're heading. That joy, the, the great, I don't know if it's equalizer, it's set. The framework is these are challenging financial times in. And it's interesting, it doesn't matter if it's the large academic medical center or the small critical access hospital, they are coalescing around some of that conversation.

They all share a common cybersecurity challenge that they're coalescing around as well. And so a finding, it's really interesting cuz there used to be a differentiation when you put those people in a room and now there's a lot of common challenges that they're facing. Very true. Especially on the cyber insurance side of it, which.

I don't know if you, you want to use the term ransom, but the way that the, the agents are coming to the hospitals and before you could have, here's a document, here's our plan, here's our dr, or here's our system and how we're taking those steps. But that doesn't work. Now you, you, it's gotta be fully implemented dashboard's in place and you have to prove that it's a functioning aspect within the health system to be able to get your, I.

Yeah, so it's, you have to prove that you can detect, you can prevent, you can control the blast radius, but then you also have to prove that, hey, you can come back as as quickly as you possibly can. So what's top of mind for you? You've had a focus group and you've been here for a while, talking to leaders.

Well, we're relaunching Veritas healthcare business, and if you look across the spectrum of the data protection market, we are the only provider that has dedicated healthcare. And what I mean by that is we don't call myself an expert, but expert like myself or Rick Bryant from the cto. The account execs have healthcare backgrounds, and what we're bringing forth is a set of core solutions that are positioned for healthcare.

They're messaged in healthcare and they're enabling the healthcare environment, and it's not just looking at it, it's across the entire ecosystem. General IT and clinical it. So how do you protect your epic environment? How do you protect your medical imaging, which is when you get on the clinical side, a lot of the IT vendors, technology vendors that are in our quadrant, you could say, overlook that when you come back to the efforts to help cost reduce, we don't wanna build silos.

We want to go across the entire ecosystem. Here's a solution that. Protect, provide you resiliency across whether it's in IT or whether it's in clinical it, and then simplify the background from of what the infrastructure is, whether you're on premise or whether you're in the cloud. You're on private or multi.

We, we have that solution set. So you brought up cyber insurance. I had some. CISO's had a meeting recently and we were talking about the changing dynamics of cyber insurance. And even a couple we're toying around with self-insuring, still getting business disruption insurance in a separate approach. And the thing they were saying is that the requirements at this point are, if you meet the requirements, there's, this is how insurance works, right?

There's very little need for, for the insurance itself, which is almost a, an interesting self-correcting thing that's happen. By itself in the industry, which is the insurance has gotten so expensive, their requirements have gotten so high that we are actually cleaning up the whole operation and making sure from, and I'm not saying cleaning up like it was a mess.

I'm saying cleaning up from the standpoint of we're actually looking at that full life cycle down, and that's where you guys play. You have the, what kind of things are you hearing from CIOs that they're looking for you to do with Veritas? Cost reduction, obvious. Comes first to mind. Where do they wanna dry the cost out?

Is it, is it in the storage? Is it in

storage? Certainly when you really look at the infrastructure side, there are so many existing silos that, how can you bring this into one common ground? And for us, obviously we're on the back end. I use the analogy of in the imaging world, you've got the modality into the workstation server, patient facing, but then what happens on the back?

It. And for years, that's been individual silos that continue to build for the storage or for managing those images. Then you throw a VNA in. Now there's another set and you keep proliferating that infrastructure. So can you come to a health system and not affect the application facing the patient, but can you simplify everything on the back end, which is a cost reduction?

It's a cost reduction in support and mainten. Simplifies it. And you can use that, those solutions in other sets of applications, not just dedicated to one specific, let's say modality. So it is certainly a cost of reduction across the board. Training expertise is another area, and we bring that forth. And we have a large project with Tufts where it's, we're part of that move of, uh, epic into aws.

Part of what we're also doing is the bringing the expertise to help support that process versus putting the burden back in on the hospital themselves, which would be added costs. Yeah, and that's the other thing I'm hearing is reduction in staff amongst the IT team. And so they don't have the resources to do as many projects as they once did, so they're looking for solutions that don't require.

Even offer some managed services or some services around it to help them get it informed. Bill, what? I heard this the other day, that there's a distinct shortage of IT expertise within the healthcare space, and so I'm not hearing a reduction versus repositioning and retraining for different other activities and expertise within that.

Within the systems. Yeah. What about speed? One of the things that keeps us up at night is we get that call, it's ransom. Somehow it's proliferated around our system and now all of a sudden it's a race, right? And so we're seeing this right now, common spirits coming up on 30 days. I wasn't gonna mention, and that's coming up on 30 days.

Sky Lakes was about 30 days. I think 30 days was around where scripts was. And people are looking to shorten that window of what it takes to get back. And are you getting a lot of, how can we move faster once something happens? Where do you shut it off? And how do you respond? And how fast can you repopulate?

We have ever say never, knock on wood or however you wanna put it, but we have never, there's never been a successful ransomware attack where Barta's solution is running and we run in Common Spirit. Okay? Common Spirit is, uh, combination of a lot of different entities and whatnot, dignity and all the different sites that come into play up, but it's that.

That's, there's no question that's top of mind from that, the hope of protection. But yesterday in our focus group, individual from Stanford Health, we were talking about the imaging environment. And one of the areas that, that they've done a study and they looked at is, can you be attacked through your energy, through your packs environment?

And it caught the rest of the folks off guard cuz they, none of 'em had thought about that. Cause you think. Ransomware attack. It could be through U emr, it could be through general it, but nobody's looked at what happens if it gets into the imaging system. And what came out of that study that they did was vulnerability that they've taken steps to correct.

Now. So when you're, when I think to your earlier comment when folks say that, geez, we're taking all these steps to meet the insurance, Have they really covered all the aspects that are out there and cuz it's, I don't wanna say it's a learning curve, but we're all facing, it's a constantly changing situation of where they're trying to get in on.

📍 📍 All right. We're gonna be doing webinars a little different this year. I've talked to you a little bit about this. We got together with our advisors. They told us, Hey, you gotta do 'em different. They're just not serving the community well. And we said, what do you want? They said, community generated topics. Great contributors. Not product driven. They want a more honest and open discussion. And they said what we want is not no on-demand webinars. We want once and done type webinars on a consistent date and time. So every first Thursday of the month. Our first one being January 5th first Thursday a month, one o'clock Eastern time. We are gonna be doing a webinar. You can count on it. Put it on your calendar every first Thursday of the month at one o'clock Eastern time. We're gonna do a webinar. The topics are gonna be generated by the community, and we would love to have you there. Our first one, January 5th, priorities for 2023. A CIO discussion with Integrated Delivery Networks, February 2nd, we're gonna come back with Academic Medical Center CIOs talking about their priorities. And then we're gonna hit some of the other great topics that they've given us for the year, and we would love to have you join us again this week, health.com, top right hand corner, it'll have our current webinar and our upcoming webinars. You can sign up right there. And if you miss it, it's not on demand anymore, so. We would love to have you there. Make sure somebody from your team is there taking notes and bringing stuff back to your staff. So we hope that this works out. Any feedback? Go ahead and send us a note. We would love to hear about it. 📍 📍 Yeah, it's, it's really interesting as we look at the landscape here, cuz it's changing, cuz it's changing. On the other side, the attack side, the attack vectors, I mean, you talked about packs. We have biomed devices, which we're worried about as well. Plus every hospital system you walk into has a wireless network that they're getting on.

But it's, to me, it's really interesting just to talk through the restore procedure, how to get back online. And one of the things that ransomware really requires is they have to compromise the backup. They have to, because if they don't compromise that backup, they're not gonna. Because it's a business operation, right?

So they wanna make sure that it's a ruthless business operation. If you think it's, but they have to ring the register. And in order to ring the register, you have to be backed against the wall and say, you know what? The Bitcoin should go cuz otherwise we're in trouble. So they have to compromise. What does Veritas do to make sure that the backup doesn't get compromised?

One is the ability to identify where the attack came from and to shut that. From a, in blocking that access. Next steps would be mobility and the copies that are in place, right? That is just part of our solution set. So that allows for that quick restore. We have the ability from an analytical tools to identify where it's coming from, immediately shut it down, and the fact that the systems are, are doing the multiple copies and the immutable backup is right there is so key because we talk about that it's all right, we need a clean environment and we need to.

Clean restores to that environment cuz if they're not clean, you're just exacerbating the problem. And today, if back to something we spoke about earlier, it, it's, there's still app, if you look at these application silos, so in your general IT and your finances, what are you doing for protection? And then what are you doing to protect your emr?

What are you doing to protect your medical imaging? What are you doing your, your er. And each of these could be different. So what we're bringing to market is one set across the board that, again, simplifies the environment, gives 'em protection, gives 'em a restore, and also addresses the cost issue.

Fantastic. Really appreciate your time. It's wonderful. Thank you. Exciting stuff at Veritas.

Another great interview. I wanna thank everybody who spent time with us at the conferences. I love hearing from people on the front lines and it is Phenomen. That they have taken the time to share their wisdom and experience with the community, which is greatly appreciated. We also want to thank our channel sponsors one more time, who invest in our mission to develop the next generation of health leaders. They are Olive, Rubrik, 📍 Trellix, Medigate and F5. Thanks for listening. That's all for now.