Hey everyone. I'm Drexon. This is the two minute drill where I cover some of the hottest security stories in healthcare, all part of the 2 29 project, cybersecurity and risk community here at this week. Health. It's great to see you today. Here's some stuff you might want to know about. January 28th is date of privacy day.

In healthcare, we often treat it as a compliance moment. We're reminded to update policies and do training and review checklists, but privacy in healthcare is about way more than rules. It's about responsibility because from the moment a patient walks into a clinic or a hospital, they extend trust almost automatically.

They share things they would never tell an employer or a bank. Or probably even a social media platform, and they do it because they believe doctors and nurses and their teams will do no harm. That promise doesn't stop at the bedside. Today, patient data has become more critical than ever to provide better, faster, cheaper, safer, easier to access care for patients and families.

Their data flows through EHRs and cloud platforms and analytics tools and third party and fourth party systems and AI systems, and most patients will never see that happen, and they'll probably never completely understand why that has to happen. Patients don't follow those pathways. They assume someone responsible is watching those pathways, and that's where the burden really sits.

I totally understand most health systems did not ask to become custodians of massive digital identities. Once you hold the data responsibility comes with it, not just to secure it, but to use it carefully and minimally and with intent. When data is over collected or loosely governed or casually shared, harm doesn't show up as a headline right away.

It shows up when a patient starts to hold back. Because they've seen the breach stories or they've heard about data being used in ways that they never expected and trust that critical element of trust between medical teams and patients trust starts to fracture and communities and patients and families kind of quietly lose their confidence that we are honoring the same do no harm commitment in the digital world that they expect in the exam room.

So this year, data privacy shouldn't be about fines or fear. It should be about ownership. Who decides what we truly need when it comes to data? Who's willing to say no even when the technology makes it really easy? Privacy is part of do no harm and responsibility for that doesn't live in a policy. It lives with leadership all the way at the top of the health system.

You can read more on that story and lots of other stories on healthcare tech and digital innovation and security news at this week, health.com/news. That's it for today's two minute drill. Thanks for being here. Stay a little paranoid and I'll see you around campus. I.