Advancing Health Podcast

00:00:00:00 - 00:00:18:25
Tom Haederle
Welcome to Advancing Health. Pediatric care is often especially hard to come by in rural areas. In this first of a two part conversation, learn how to Georgia care providers have partnered to chart some innovative solutions to a longstanding problem.

00:00:18:27 - 00:00:46:22
Elisa Arespacochaga
Hi, I'm Elisa Arespacochaga from the American Hospital Association. I'm really excited to be here today with my two guests who are going to talk about how they're addressing some of the demographic challenges that are facing our workforce across the country, but especially in rural areas. We all know with the aging of the baby boom generation and the smaller generations that are following, making sure we have enough clinicians to care for all of those who need the care, it's going to be a challenge for years to come.

00:00:46:22 - 00:01:17:01
Elisa Arespacochaga
So I'm excited to welcome Dr. Jean Sumner, dean of Mercer University School of Medicine, and Marc Welsh, vice president of child advocacy at Children's Health Care of Atlanta, to share their sustainable solution for the children in their community and across their state, which is just a great model for others. So I'm going to start with you, Marc, to tell me a little bit about what your role is and how you work with your colleagues, and particularly Dr. Sumner in advancing this work.

00:01:17:03 - 00:01:46:16
Marc Welsh
Well, thank you so much for having us here. So I'm the vice president of child advocacy here at Children's or what we are now referring to as Community Impact. And my focus through all my work is really to think about how do we do work outside of the walls of the hospital to improve health outcomes for kids? And that is inclusive of this work that we're doing and we're so excited to do, which is really saying, how do you build pediatric capacity across the state to ensure that kids across communities in Georgia have access to quality pediatric care?

00:01:46:18 - 00:02:03:19
Marc Welsh
And so for us, as we endeavor on this, it was important for us to find a collaborator who knew rural communities and who was able to really say, here is what it's like in communities across the state. And for us, there was no better partner than the Mercer School of Medicine and the Rural Health Innovation Center, which is housed at Mercer.

00:02:03:21 - 00:02:20:27
Marc Welsh
They provided not only the platform to do this amazing work, but really the expertise and understanding and lived experience of what it means to live, learn, play in a rural community and it provided an opportunity for us to say, well, how do we make a difference in these communities?

00:02:21:00 - 00:02:27:26
Elisa Arespacochaga
Wonderful. Doctor Sumner, tell us a little bit about Mercer and your role there, and especially with the Rural Center.

00:02:27:28 - 00:03:02:24
Jean Sumner, M.D.
Well, thank you again, as Mark said for having us. We're excited about this effort, and it truly is exciting to be able to talk about it on a larger stage. Mercer is a school that was created in a private public partnership with the state of Georgia. The university itself has been in Georgia since 1833, but the medical school was started in 1982 for the mission of improving health in rural Georgia and educating physicians and other health professionals who would work in Georgia to address the huge burden of chronic disease and to prevent disease in those areas.

00:03:02:26 - 00:03:27:08
Jean Sumner, M.D.
One of the most underserved areas in our states is pediatrics. And we knew that. And we needed guidance from experts. But we had connections. We do a lot of rural work, we know the communities. We have students who are largely from rural Georgia. We are a school that focuses on our rural nation. Georgia has 159 counties.

00:03:27:10 - 00:03:54:21
Jean Sumner, M.D.
120 of those counties are rural. Geographically, it's large, and of the hundred and 20 counties, there are about 63 to 65 that do not have a pediatrician. And then even those that do may have one. Family medicine plays a major role in caring for children in Georgia with many - we have a number of counties with no physician at all. And our counties are geographically large so that is very hard to access the care you need for a young family.

00:03:54:23 - 00:04:09:15
Jean Sumner, M.D.
So we were looking for an alliance to help educate us and then help us educate them, to put them in the community. And we found Children's Healthcare of Atlanta. And I think what's happening is really transformational.

00:04:09:18 - 00:04:27:24
Elisa Arespacochaga
Well, it sounds like you found just the right partners. Now, we all know  - at least those of us on the line - that pediatric care isn't caring for little adults, right? This is not just they're just not smaller versions of the adult care that many are ready to deliver. I love the work, and I would love to have you tell me a little bit more.

00:04:27:24 - 00:04:50:24
Elisa Arespacochaga
And again, Mark, I'll start with you...to really ensure not only that you are making sure that that next generation of pediatricians is ready to be in those communities through your partnership. But what you're doing to help those smaller, more rural hospitals be ready because kids still live there, how do they make sure that they're ready to treat those kids who might come to their front doors looking for care?

00:04:50:26 - 00:05:18:12
Marc Welsh
No, absolutely. I think, you know, one of the things for us at Children's Health Care of Atlanta that is core to this is we wake up every day thinking about kids. And what you said about the fact that kids are not little adults is core to how we operate and how we think here. And so as we looked across the state, we wanted to make sure that we were providing that expertise to organizations across the state that are doing tremendous work in our rural hospitals, but are typically adult focused and needed that support.

00:05:18:14 - 00:05:47:10
Marc Welsh
And so at the beginning, we really sat down with Dr. Sumner and Dr. Sumner, brought folks from the community to really share insights on what do our rural communities need. And we landed on four core initiatives. The first really centered around exactly what we're talking about, which was building capacity in these facilities to treat kids. These are in large part adult facilities, but we wanted to ensure that when a child comes through the doors that those wonderful folks knew and were equipped on how do we best serve those kids?

00:05:47:12 - 00:06:05:04
Marc Welsh
And so that means do they have the right equipment? Do they have the right training? Are protocols in place to ensure that they can meet the needs of those families? Because we know that the best care can be offered when a child is able to remain in their community. We are going to be here in Atlanta and will continue to be here to support families across our state.

00:06:05:06 - 00:06:23:07
Marc Welsh
But first and foremost, we want to know that they're able to get care closest to home. And so that was part of this work. And we've done work with almost 30 hospitals focused on building that capacity within their facilities. The second bucket was there are amazing pediatricians across our state, and they are doing wonderful work in rural communities.

00:06:23:10 - 00:06:39:26
Marc Welsh
But what we heard from those pediatricians was they often feel isolated and they don't feel connected in the same way that pediatricians feel in Atlanta. There's not a colleague down the hall that you can run something by to say, hey, what do you think about what I'm seeing here? And also there's a lack of subspecialists around our state.

00:06:39:26 - 00:07:01:02
Marc Welsh
We know that we have that crunch across the country. But certainly as you look in rural communities. And so we wanted to make sure that we were creating a network of connection amongst those rural pediatricians, but also an anchor back to experts here in Atlanta that could provide the guidance around, you know, what should you be looking for in this particular case and access to subspecialty care

00:07:01:02 - 00:07:23:15
Marc Welsh
through telehealth. So really making sure that those bridges existed. The third area was mental and behavioral health. And we know that that's a huge concern across our nation, across our state, but especially in rural communities where access to cares remains limited. But also there's huge stigma that that remains. And so we wanted to make sure that there were programs that focus on screening, but more importantly, connection to services.

00:07:23:18 - 00:07:41:25
Marc Welsh
And the last was building the workforce. And so we'll talk, I'm sure, a little bit more about the workforce across the state, but ensuring that we are creating a platform where we were allowing young people to not have to worry about how med school would be paid for. And in exchange they were committing to returning to rural communities to serve kids.

00:07:41:28 - 00:08:04:28
Elisa Arespacochaga
Absolutely. Dr. Sumner, one of the things that I know we talk about a lot here at AHA and is the challenge whereby in medical school, traditionally and in residency, much of the training is done at a place where you've got, you know, 26 specialties on speed dial, right? You just you can page whatever you need at whatever subspecialty level to help you with what you're doing.

00:08:04:28 - 00:08:24:24
Elisa Arespacochaga
And yet in some of these rural communities, it is you. And then whatever network you have to be able to reach out. So how are you doing that work in training and in preparing those students to be ready to build this network and work through programs like what you've set up with Children's of Atlanta.

00:08:24:27 - 00:08:55:14
Jean Sumner, M.D.
That's an excellent question because I get the question all the time. How do you make these young people go back to rural Georgia? I don't make them do anything. We pick the right students. If you look across America, 4.3%. -according to the double AAMC - 4.3% of students in M.D. programs grew up in a small town. At Mercer, we are about 50%, so we're 70% outside of metropolitan Atlanta, and 80% of Georgia lives in metropolitan Atlanta.

00:08:55:16 - 00:09:15:25
Jean Sumner, M.D.
We value our Atlanta colleagues, obviously, and they will certainly have a chance to get in. But we're looking for young people who love where they grew up and want to serve. We know, and I say this cautiously, because I have a lot of friends in cities and I'm sitting in a city. I laughingly tell them that nobody's a bad doctor in a small town because everybody knows what happens.

00:09:15:25 - 00:09:37:23
Jean Sumner, M.D.
It's very close communities, generally. We focus on first selecting the right student. We were the first in the country to do problem-based learning, which is starting with cases. And it really does help the way a physician thinks through their life. To really go down to the basic science, take a data case, take it to the basic scinece and bring it back up to the clinical arena.

00:09:37:25 - 00:10:03:03
Jean Sumner, M.D.
We also focus on excellence in clinical skills. The ability to talk to patients, the ability to get a comprehensive history, a comprehensive physical exam because you often don't have the latest or greatest MRI or CTE. So you need to do it the other way and actually talk to the patient and examine and then use the diagnostic tools that you have.

00:10:03:06 - 00:10:26:05
Jean Sumner, M.D.
So our students are well prepared to go into the clinical arena. But during their four years here, first we have an accelerated track, which is three years, but both tracks our students spend a lot of time in a rural community in Georgia. With physicians that we carefully select, we're great role models with excellent skills and enjoy their work.

00:10:26:07 - 00:10:50:02
Jean Sumner, M.D.
So we give them that opportunity to get out there and see the amazing transformation that somebody can make in the community if they're embedded in that community, live there and then go back home or go to a neighboring community. Really good medicine is practiced in small towns. And, rural hospitals are valued partners in this continuum. They don't do everything.

00:10:50:04 - 00:11:17:15
Jean Sumner, M.D.
But what they do, they do well. The problem with pediatrics is they don't have large volumes. And everybody in health care knows if you don't do something regularly, your skills get rusty. So we focus on making sure those skills at home are good, our students rotating with the best of the best out there. Then, thanks to Children's Healthcare of Atlanta, we have we have scholarships for any young person who wants to be a pediatrician and go back to a rural community.

00:11:17:18 - 00:11:39:21
Elisa Arespacochaga
I love that you've really partnered to make sure that the care is available where it needs to be available, but also you have that that backup, that way to keep up their skills. As the grandchild of a very small town doctor, I can tell you there are people in that town who remember him. You know, 40 and 50 years after he passed away, just, you know, and with gratefulness.

00:11:39:21 - 00:11:58:18
Elisa Arespacochaga
And I know the impact that he made on that community. So I can just imagine in your communities the impact your students are able to make. I want to expand a little bit on that work on behavioral health and Dr. Sumner, I'll start with you on this one. That is one of the areas where I know primary care in particular feels challenged.

00:11:58:18 - 00:12:19:18
Elisa Arespacochaga
They sometimes don't feel like they have enough experience or enough training or enough learning time in that behavioral health space to really be able to support the care needs of their patients. So how are you thinking about making sure that you're integrating the mental health with the physical health from the very beginning.

00:12:19:20 - 00:12:44:20
Jean Sumner, M.D.
Mental health is physical health, and it has to be closely integrated into every case. If it's but the stress of learning you have diabetes. But really moving along, every student rotates in psychiatry. They work with therapists and people hear in school, but they also we have a very close relationship with Georgia's Department of Behavioral Health and Developmental Disabilities.

00:12:44:22 - 00:13:06:27
Jean Sumner, M.D.
We're also we believe, the first school in the country we recently started an accelerated track in psychiatry. And so it's a three year track with a scholarship. And then you have a commitment to going back to rural Georgia. What Mark didn't mention is Children's also funds scholarships for our marriage and family therapists who agree to live and work,

00:13:06:27 - 00:13:19:16
Jean Sumner, M.D.
and we expect these scholarship recipients to live and work in their community and become part of those communities. But we see mental health is part of that physical health and we do a lot of training in that area.

00:13:19:18 - 00:13:23:27
Elisa Arespacochaga
Mark, can you expand a little on your marriage and family therapy program then?

00:13:24:00 - 00:13:40:08
Marc Welsh
Yeah, I mean, I think it's a perfect example of how this collaboration has worked. You know, we started with the pediatricians and we learned and said this is working amazingly well. How do we extend this to other areas of concern across the state? And mental health is you know, top of that list. And we wanted to do more there.

00:13:40:10 - 00:14:07:27
Marc Welsh
And so we said, well, what would it look like to help build that workforce and scholarships for our MST scholars was an important piece. And the reality that we can get them into community much quicker, allows us an avenue to say in these communities where we're beginning to do screening, ensuring that we actually are getting those kids into care, because you can screen all you want. If you don't have the care on the other end of the screening, then the screening is for naught and actually probably causes more harm than good.

00:14:08:00 - 00:14:18:29
Marc Welsh
And so for us, it was important that these things are combined. And so as we start to do work in schools around screening, we need to be able to also say we have the workforce that actually can provide the care needed.

00:14:19:01 - 00:14:35:19
Elisa Arespacochaga
Absolutely. I always say don't ask the question if you're not going to do something with the answer. So I love that you are building that capacity and building that capacity not just at the physician level, but all the way through the team. Well, Mark and Dr. Sumner, we have a lot more to talk about it in your great partnership.

00:14:35:24 - 00:14:43:00
Elisa Arespacochaga
So we're going to turn this into a two-part session. So stay tuned for more to come. And thank you again for all you do.

00:14:43:03 - 00:14:51:14
Tom Haederle
Thanks for listening to Advancing Health. Please subscribe and rate us five stars on Apple Podcasts, Spotify, or wherever you get your podcasts.

00:00:00:02 - 00:00:17:10
Tom Haederle
Welcome to Advancing Health. When a heart attack strikes, every minute counts. Today we hear about a new cutting edge communication platform that sends patient to EKGs directly from the ambulance to the cardiologist in real time.

00:00:17:12 - 00:00:40:09
Tom Haederle
I'm Tom Haederle, senior communications specialist with the American Hospital Association. Glad you can join us. And I'm also really pleased that Josh Neff could join us. Josh is president of Mercy Hospital in Durango, Colorado, an area of the state known as the Four Corners region, and is here today to talk about how Mercy is using a cutting edge communications tool called Pulsara to assist patients who are dealing with cardiac issues.

00:00:40:12 - 00:00:44:12
Tom Haederle
Josh, thank you so much for joining me on Advancing Health today. Really appreciate you being here.

00:00:44:14 - 00:00:50:14
Josh Neff
Yeah Tom it's a pleasure. It's a it's a great opportunity to talk about some really great things we're doing in southern Colorado for cardiac care.

00:00:50:16 - 00:00:54:27
Tom Haederle
Well let's start with the basics. What is Pulsara? And how is Mercy Hospital using it?

00:00:54:29 - 00:01:32:27
Josh Neff
So Pulsara is ultimately a field to hospital communication tool. And we've got a large and remote area. And sometimes our response times are lengthy in southern Colorado, especially in the Four Corners area we've got a lot of mountain passes. When it's snowy, it creates some really delayed times getting critical patients to the hospital. And so Pulsara is really a way for us to connect and communicate with our pre-hospital providers across our seven counties that we serve in southern Colorado and northern New Mexico, where for patients who are having chest pain and cardiac related issues, EMS has progressed over the last decade or two, and we've now got paramedics and other folks that

00:01:32:27 - 00:01:58:07
Josh Neff
are doing 12 lead EKGs in the field as soon as they arrive at the patient. And that's a really important thing for us to know and understand. How do we get that EKG to a cardiologist that's in a hospital, 20 or 30 miles away, or maybe more? And so, Pulsara really bridges that gap for us. It allows those pre-hospital teams to transmit that EKG and a HIPAA compliant manner directly to the cardiologist on call.

00:01:58:09 - 00:02:20:29
Josh Neff
And that cardiologist then is able to help the pre-hospital team manage that patient clinically. It also allows us to be more prepared if that patient is actually having a STEMI or a heart attack. It allows us to have our teams ready and prepared so that that patient goes directly to the cath lab and undergoes cardiac treatment, in a shorter period of time.

00:02:21:01 - 00:02:39:13
Tom Haederle
Take us inside the ambulance itself if you would for a minute. So you've got a patient in there who's having a cardiac issue enroute to the hospital. Could be a long drive ahead. What is happening in the ambulance itself and how EKG and other vital signs - how is that all being monitored and transmitted? How does that happen?

00:02:39:16 - 00:03:06:05
Josh Neff
There's both Bluetooth and direct wire technology and capability between. Basically it's transmitted over cell service. And even in the remote areas where cell service is a little bit patchy, the Pulsara system is accumulating this data in the background. And then as soon as it hits a signal, it automatically transmits which allows that pre-hospital team, that those paramedics and EMTs to be focused on working on that patient and providing care. As a former pre-hospital guy -

00:03:06:05 - 00:03:22:14
Josh Neff
so as a ground paramedic and a flight paramedic way back in the day - we didn't have this technology and and it's it's really comforting for the team to be able to know that they've got, a group of specialists just, at their fingertips that can help us and help them care for that patient. And so basically, they get the machines hooked up.

00:03:22:14 - 00:03:38:20
Josh Neff
Pulsara can connect directly to their cardiac monitors. And so it feeds through that system and and electronically can transmit a wide amount of data to us and to our caregivers that are at Mercy Hospital ready and waiting for that patient to come in.

00:03:38:22 - 00:03:44:06
Tom Haederle
And so what do they do with that information, once it is transmitted? That helps with treatment plans.

00:03:44:06 - 00:04:01:10
Josh Neff
It does. So during the day, we've got our cath lab. We have two cath labs at Mercy Hospital. We're the only cath lab program in the southern part of the state and serving northern New Mexico. And so we've got folks on call or in the department every day. However, if it's after 5 or 6:00 at night, we've got an on-call team.

00:04:01:13 - 00:04:21:17
Josh Neff
The goal is really with this to reduce the amount of time from first medical contact to device. And device is kind of that reperfusion or the treatment time that's tracked by all of the accrediting agencies. We know that the earlier we perfuse an artery, it leads to better outcomes. And that's both in-hospital mortality as well as long term recovery.

00:04:21:17 - 00:04:55:15
Josh Neff
And so what it allows us to do specifically at Mercy - before implementing Pulsara, we had about 130 minutes from first medical contact to reperfusion times. I mean, our cardiology team has worked with Los Pinos CMS, Pagosa Springs Hospital, Upper Piney EMS, all Durango Fire Department, and a number of other agencies. This year, since we've implemented Pulsara, we've been able to reduce that time from first medical contact to perfusion from 130 minutes to 84 minutes.

00:04:55:15 - 00:05:23:18
Josh Neff
So we've seen a 35% decrease in time Because typically what would happen is that patient would come to the ER, they'd have a repeat EKG, yes, you're having a STEMI. We should have the cardiac team here. You need to go to the cath lab. They'd have to, you know, drive in from where they were. And so what this has allowed us to do is our cardiologist directly receives this EKG on a cell phone, is able to interpret the EKG, and he or she makes the call in real time.

00:05:23:21 - 00:05:33:23
Josh Neff
This patient's having a STEMI. Hits the button, alerts our cardiac teams. And so that patient can come directly to the cath lab and undergo treatment immediately.

00:05:33:26 - 00:05:45:03
Tom Haederle
That's remarkable. And being able to shave that much time off from the older way of doing things prior to Pulsara, what kind of results has that yielded so far in terms of patient outcomes?

00:05:45:05 - 00:06:05:03
Josh Neff
So we know that that time is tissue. We are in the process of tracking the official data. What I can tell you anecdotally is we're seeing patients with shorter hospital stays getting back home and back to work and back to play in a shorter amount of time. And we're seeing better outcomes clinically for them as well.

00:06:05:11 - 00:06:17:10
Tom Haederle
That's just amazing. What kind of training is involved in using the Pulsara system, both for Mercy Hospital, ambulance employees, EMS people...is it a complicated thing to get the hang of, or not really?

00:06:17:12 - 00:06:37:25
Josh Neff
It is not. If you can operate your social media apps on your cell phone, you can understand and operate Pulsara. It is that simple. It's intuitive. It knows how to store the information, what to send. And so when those pre-hospital folks hit that send button, it just automatically alerts the team that's on the receiving end of it.

00:06:37:26 - 00:06:50:14
Josh Neff
Those folks who have the same Pulsara on their communication devices. They get an alert, they can go right in and tap the picture, look at the EKG. They can look at vital signs, a number of different things. So it is very easy to use.

00:06:50:21 - 00:06:57:00
Tom Haederle
What about the cost involved? Is that something that is within the budget, would you say, of many hospitals or health systems?

00:06:57:02 - 00:07:12:12
Josh Neff
Yeah, it is, it is not an overtly expensive investment. And it's an investment in clinical care and quality outcomes. So it made all the sense in the world for us to do it. We know that if we can save one life over the course of a period of time, then those investments are well worth it.

00:07:12:12 - 00:07:22:05
Josh Neff
But, I would say to any hospital CEO as well as the EMS programs are out there, it is an affordable program that you can and you can easily integrate.

00:07:22:07 - 00:07:30:27
Tom Haederle
Would it be as helpful, do you think, for hospitals in more urban areas that really aren't looking at the same transport times, you know, with that patient in the ambulance?

00:07:30:29 - 00:07:48:06
Josh Neff
I think it could be used widely across all markets. I mean, I was in on the Denver Front Range before I moved to Durango. And, you know, it may take you 45 minutes to go 6 or 7 miles if you hit traffic wrong or there's a wreck. And so time is still tissue, and it's still important for those patients to receive timely care as well.

00:07:48:06 - 00:08:06:00
Josh Neff
And so it extends our ability for our cardiac specialists to have eyes and ears in the field, in the ambulance and understand what's going on with the patient. It allows our clinical teams to be thinking about, you know, what kind of STEMI does this look like? What should we be prepared for when this patient comes in the door?

00:08:06:02 - 00:08:31:27
Josh Neff
You can have a heart attack and still have pretty stable vital signs. You can also have a heart attack and be really, really sick with unstable vital signs. And so being able to communicate that to our team just allows them to mentally prepare for what's about to come through the door. You know, listen, I was doing pre-hospital care in the early and mid 90s, and we didn't have this technology and we serviced some real markets. And, this would have been a game changer back then.

00:08:31:27 - 00:08:52:23
Josh Neff
I know for sure that this technology is saving lives and impacting the people who live and work in my community, and that's important to me. That's why I'm passionate about being the CEO of this hospital. That's our role in this world, is to make sure that we're taking great care of our community in a way that's meaningful, and this is just another tool in our toolbox that allows us to do that.

00:08:52:25 - 00:09:02:29
Tom Haederle
Well, thank you so much for your description of what it offers and how you're putting it to use. And,thank you for the great care that you're offering your patients every single day. Really appreciate you being on Advancing Health today.

00:09:03:01 - 00:09:06:21
Josh Neff
Yeah, it's a pleasure. Thanks for asking us to talk about this.

00:09:06:23 - 00:09:15:05
Tom Haederle
Thanks for listening to Advancing Health. Please subscribe and rate us five stars on Apple Podcasts, Spotify, or wherever you get your podcasts.

00:00:00:03 - 00:00:17:05
Tom Haederle
Welcome to Advancing Health. Today we hear about how one health system has adapted elements of the National Hospitals Against Violence initiative to achieve a safer environment for both its workforce and for patients and families.

00:00:17:07 - 00:00:37:23
Jordan Steiger
Welcome to Advancing Health. My name is Jordan Steiger, and I'm the director of behavioral health and violence prevention at the AHA. I'm joined today by Tom Ahr, the senior vice president and chief human resources officer at Hospital Sisters Health System. And he is a member of the AHA’s Hospitals Against Violence Advisory Group as of this year. So, Tom, welcome.

00:00:38:04 - 00:00:38:21
Thomas Ahr
Thank you.

00:00:38:23 - 00:01:12:07
Jordan Steiger
Tom and his organization have been really instrumental in advancing safety and preventing workplace violence across the entire system. He and his team have done some incredible work, especially over the last few years, that the AHA has been privileged to kind of learn about and see grow. And we thought this was a great opportunity today to share this with our membership, because I think there's a lot of really, really good lessons learned, especially around things about coordinating violence prevention efforts across an entire system, improving outcomes for the workforce, and then, of course, for patients and families.

00:01:12:13 - 00:01:19:13
Jordan Steiger
So, Tom, to get us started today, can you just tell us a little bit about Hospital Sisters Health System and your role in the organization?

00:01:19:15 - 00:01:43:18
Thomas Ahr
Thank you Jordan. Hospital Sisters Health System is a Catholic health care organization. We're based in Springfield, Illinois. We have three primary locations. One is on the Illinois side of Saint Louis, one is in the greater central Illinois area. And then we also have hospitals and other care delivery settings in the Green Bay, Wisconsin area. We have 13 hospitals, and I am the chief human resources officer, HSHS.

00:01:43:20 - 00:02:05:22
Jordan Steiger
Great. And I think coming at this problem of workplace violence from that chief human resources officer position really positions you well to make impact across the entire system. And a lot of times we see clinicians taking on that role. And I think, you know, having you especially come on to our Advisory Group as a CHRO is really, we're really excited about that.

00:02:06:00 - 00:02:34:09
Thomas Ahr
I tell you, first, I'm very glad to be on the Advisory Group, but it's really interesting to see all the different roles and expertises that are involved in this really complex topic. And I think it speaks to the complexity of the issue at hand. As an HR professional for my career, we spend a great deal of time looking at what the experience of our employees and colleagues are and how we can optimize that. And what we recognize as of many organizations, in particular, health care organizations,

00:02:34:11 - 00:02:52:21
Thomas Ahr
violence at work is becoming too prevalent, and it was really harming our people and harming their ability to do what they came to health care to do, which is to provide care for others. So we see it, part and parcel with the work that we do to try to create positive work environments for everyone who is working here.

00:02:52:23 - 00:03:07:02
Thomas Ahr
And so naturally, and our organization fits into the HR space, but I can see where it fits into safety, security, nursing, other critical areas just as easily. Just happen to be one that that really gained traction for us at HSHS.

00:03:07:04 - 00:03:29:02
Jordan Steiger
No, that makes a lot of sense. And I think you mentioned it takes that interdisciplinary approach to really make this work and to enhance safety. I know that you and your organization have been doing a ton of work over the last few years, especially. And that's not to say you weren't doing this before, but you've really made huge strides on improving safety and kind of enhancing your programing around workplace violence.

00:03:29:03 - 00:03:37:22
Jordan Steiger
So tell us a little bit just about how you got started on this path and what was important to you as you were thinking about expanding some of your work?

00:03:38:00 - 00:04:08:09
Thomas Ahr
What was important to us was, was individual safety at work. And then we recognized that coming up with kind of individual solutions wasn't going to solve the problem, because it's so big and we're all feeling it, okay. And so we recognized the need for kind of systemic solutions for a dedicated effort to it. We had a no shortage of individuals, working very hard teams working very, very hard in response to it, to these situations.

00:04:08:11 - 00:04:29:22
Thomas Ahr
But we recognized we need more than that. As a leadership team, we're observing this. We were witnessing what was happening. We just recognized the need for more comprehensive solution, which really happened about 18 months ago for us. It's really when we decided to get serious around what we're going to do. And that initiated a number of activities that have led us to where we are today.

00:04:30:00 - 00:04:46:22
Jordan Steiger
So just to mention and build on what Tom was just talking about, we do have a case study coming out. The companion to this podcast, that is going to go into a lot more detail about some of the programs and approaches that Tom is discussing today. So if you're curious about anything, he's mentioning, that's a really good place to start.

00:04:47:01 - 00:05:08:20
Jordan Steiger
But thank you for, you know, telling us a little bit more about kind of what you're thinking was around that. One thing that has really stuck out to me, I think in all the work you've done, especially in the last 18 or so months, is your focus on prevention and training. So not just waiting for an event to happen, but really trying to empower your workforce to mitigate those events before they actually occur.

00:05:08:22 - 00:05:17:07
Jordan Steiger
What have you been doing to help your staff, you know, recognize signs of trauma, maybe identify behavioral health needs, things like that.

00:05:17:09 - 00:05:45:20
Thomas Ahr
The instances of violence are occurring every day and they're easy to see. And we do respond to those. And those are, what kind of gets the headlines in there. But what we've also recognized is that folks are living in, through trauma in other ways, and we need to spend the time to understand what it means to provide care in an environment where you may be, someone who was, is in other violent environments or is carrying other trauma with them.

00:05:45:21 - 00:06:03:05
Thomas Ahr
And so we look at it on both lenses, both that acute in-the-instant moment, but also what someone may be bringing to work. And we think around, you know, just some of the kind of core elements of trauma-informed care, but really recognizing and responding when we see these things occurring. So how do we actually do that?

00:06:03:05 - 00:06:25:19
Thomas Ahr
I mean, it's easy to say. We're big proponents here of a concept called mental health first aid. And actually, as we started this year, while we've had hundreds of leaders and colleagues take that certification, we have made that mandatory for all leaders, within our ministry. We want our leadership team, and we make available to all of our colleagues and our external partners as well.

00:06:25:21 - 00:06:56:07
Thomas Ahr
We want them to be able to recognize when someone may be suffering. It could be work-related. But I'll tell you, it's also home-related, community-related. And we want them to recognize that so they can help that person get to kind of on a healing path, whatever that might be for them. Certainly, mental health first aid isn't around providing that long term treatment, but at least recognizing when there may be a situation that can be addressed by addressing it, makes the colleague, makes the work environment, stronger.

00:06:56:08 - 00:07:03:22
Thomas Ahr
Is something that we want to give to all of our leaders so that as part of their role in managing others, they're looking after their welfare.

00:07:04:00 - 00:07:22:03
Jordan Steiger
I think that makes a lot of sense. And just like you said, that empowerment to understand that, like you are seeing someone on their worst day at their worst time, and that doesn't excuse violence, but it certainly, you know, helps you understand where they're coming from, maybe a little bit more. And that that leads to prevention, I think in some, some cases at least.

00:07:22:04 - 00:07:45:14
Thomas Ahr
You know, I think it does. And you try to think through, not only is it around recognizing it in someone on your team, but maybe even recognize it on that family member who's coming in, okay. And so it causes a different set of initial reactions there. And we think that's valuable, that you have that, that even if it's just a momentary pause to think about what is going on here,that's so preventative.

00:07:45:16 - 00:07:58:05
Thomas Ahr
Things can escalate very quickly. We, as do many other organizations, have de-escalation training and things on those, those rights. But this adds another layer to that that we think has been very beneficial for us.

00:07:58:07 - 00:08:13:06
Jordan Steiger
Absolutely. And I mean, mental health first aid is something that is out there in every community. And I think a really smart approach for your system to take, it's accessible. And it's evidence-based and we know it works. So I think that's an awesome example to share with other members.

00:08:13:08 - 00:08:33:12
Thomas Ahr
And I'll add to it, which is, from an HR guy here, it's not often that you get to offer a class or a program and you have waitlists. We do. And, so we don't have to promote it. It's being filled every time that we offer it. Matter of fact, we just going through what our schedule is for the rest of the first six months of the year.

00:08:33:12 - 00:08:51:14
Thomas Ahr
And we're full. We're thrilled for that. But it's one of the few things where people are asking to sign up. And when they walk out, they're sharing with others. So I encourage people to consider this as a great alternative and a great vehicle for this type of learning, and for the support you may want to provide within your hospitals.

00:08:51:16 - 00:09:10:22
Jordan Steiger
Absolutely. I think that's great advice to share. We know, though, that as much as we want to focus on prevention and everything,  that there are still going to be incidents, unfortunately, that happen. But I think the way that you and your team have kind of put some supports in place for your staff after incidents of violence is pretty incredible.

00:09:11:00 - 00:09:18:04
Jordan Steiger
So I was wondering if you could share a little bit about some of the work you've done to really support your staff after they experience violence?

00:09:18:06 - 00:09:37:11
Thomas Ahr
Yeah, I think the first and foremost thing that we have to do is to make sure that we're recognizing it when it happens. And so we put in a number of different processes and tools to make sure that it's initiating the next level of process, next level of action that occurs there. And those are very exciting, what we're doing.

00:09:37:11 - 00:09:58:12
Thomas Ahr
I'll share those with you in just a moment. But we need to make sure that that's getting entered into our systems and so that we can we can take action there. The thing that is kind of the most heartwarming of it all for us is recognizing that, particularly when violence happens at work, we do not want to re-traumatize that individual.

00:09:58:14 - 00:10:23:22
Thomas Ahr
And sometimes they need a little time away. And make sense if you are slapped or punched or something of that nature, I ask you to come right back to work. Probably isn't the best care solution that we could deliver in the moment, and certainly isn't respectful of the conditions that that colleague is facing. So we instituted last year, a different classification of time off, healing time away.

00:10:24:00 - 00:10:53:06
Thomas Ahr
And, much like many of you may have bereavement models or other of these kind of short-term periods of time where folks can take time away. We have funded and made available at this classification. So if someone needs the afternoon or the evening to reground themselves, or perhaps they need the next day off before they're ready to come back in there, they can take advantage of that without having to take time off for their vacation or their holiday or otherwise.

00:10:53:08 - 00:11:15:12
Thomas Ahr
I believe that we had an example right before the holidays, that it would have been a choice between taking holiday time away with their family or coming back to work and not being ready to do so. This was a fantastic bridge for them. You know, we had a concern that it might be overused and and it really it's not, it's been pretty, judiciously used, but we've had a number, I'll say it's more than

00:11:15:15 - 00:11:34:08
Thomas Ahr
I can count on my 10 fingers of times of which we've used it, and it's been of great value to those individuals. It's a terrific thing that we've done for them. And, and it really sets the stage better for their re-acclimation to work and for them to recognize their colleagues, to recognize that we do value and respect them.

00:11:34:10 - 00:11:50:17
Thomas Ahr
And knowing that this can be difficult. Now we do other things as well. I mean, we have, kind of care kits and, toolkits for leaders on how to check in with others. I already mentioned the mental health first aid to see if there's any lingering topics related to that.

00:11:50:19 - 00:11:59:10
Thomas Ahr
Care for colleagues is super important, and that's where we spend a lot of our time in the event these things occur. And we're not naive to believe that they're not occurring.

00:11:59:12 - 00:12:30:11
Jordan Steiger
I love this example, and I'm so glad you brought it up. If you didn't, I was going to ask you about it because I think this is something that other systems can really emulate. Like you said, everyone has a bereavement policy and, you know, others have maybe volunteer time away, things like that. You know, this is I think putting something in place really sends such a strong message to your workforce that you respect them as, you know, professionals, you respect their mental health, and their well-being, and you want them to be at their best so they can provide the best care to your patients, too.

00:12:30:13 - 00:12:50:15
Jordan Steiger
I have not heard of other hospital systems doing this. They might be out there. But I think this is a really, really shareable model. I'm so excited that you brought it up so others can learn from it. You mentioned a few things, like you wanting to make sure that, like, things are being reported and, you know, recorded as quickly as possible, you know, like events.

00:12:50:15 - 00:13:01:15
Jordan Steiger
How are you using that data and reporting and maybe even enhancing the amount of reporting? Because we hear from members a lot that, these events are kind of going unreported.

00:13:01:16 - 00:13:24:01
Thomas Ahr
Yeah. It's kind of hard to manage something that you don't understand how frequently they're occurring, and we know they're occurring. We know that they're occurring twice a day, okay. And I would not have known that otherwise. Now, this is the spectrum of different types of ways in which  violence is lived, okay. And so it's not always just the punch in the face.

00:13:24:01 - 00:13:46:18
Thomas Ahr
It could be other things as well. It could be harassment and bullying, lots of other different types of activities that really harm the individual. We do ask and we reinforce with our colleagues, with our leaders — report it. We need to know. And it's given us some great insights into certain things like, which units, at which type of day, which circumstance.

00:13:46:18 - 00:14:09:05
Thomas Ahr
For some reason, it's Thursdays, you know what are these things that are happening which allow us then to do other things with that, like, well, do we need to do different types of resource deployment? Are there certain conditions in place that are causing this to occur? How do we address those? We do meet monthly on this at a global level to say, what are we seeing and what should we do based on that.

00:14:09:05 - 00:14:28:17
Thomas Ahr
And that's with our security team. That's with our care delivery teams, just different groups across the organization. We say now that we know this, our quality teams, our risks teams, now that we know this — what should we do differently to try to prevent or try to mitigate, and try to address, what is going to be going on in our buildings.

00:14:28:19 - 00:14:43:21
Thomas Ahr
The more that we found as you do with many kind of quality events, the more that you you ask for reporting, the more that you get. This is always a good thing. We'd rather know than not know. And so we follow that same path that you would see as many quality folks and with more.

00:14:43:23 - 00:15:00:06
Thomas Ahr
And you want to get more of those so you can have good information to use to decide, what do we need to do? And what we need to do could be some of those examples that I just shared. But also, bigger picture things like advocacy, and speaking with  lawmakers and otherwise and law enforcement officials.

00:15:00:08 - 00:15:06:06
Thomas Ahr
How can we make changes that can support the care delivery that we want to support in our buildings?

00:15:06:08 - 00:15:25:06
Jordan Steiger
Absolutely. I'm glad you brought up thinking about partnerships and advocacy. I think that's such a key part of all of this. And, you know, one hospital or hospital system can't fix this problem alone. But it sounds like you're using the information you have to really make some positive changes. It's interesting how you say, you know, Thursdays for some reason.

00:15:25:08 - 00:15:41:13
Jordan Steiger
I don't know why, but I mean, that's good that you know that. And you can, you know, look at your work, you know, your staffing and understand how you can keep people safer. So that's awesome. As we're kind of winding down here, what is something that you're really proud of in all this work that you've done?

00:15:41:15 - 00:16:05:21
Thomas Ahr
I'm most proud of the way that the entire organization has leaned into it. And, we have monthly all-leadership meetings. Last calendar year, three of those meetings were dedicated to this topic. And usually there's two or three topics in those meetings. So it wasn't a one-time, here's an important initiative, let's everyone get on board.

00:16:05:23 - 00:16:33:23
Thomas Ahr
It is reinforced with regularity. I'm proud of our whole organization for saying this is a real concern, and we are focused on it for the long term. I'll say, secondly, the work that was done by our colleagues to help to rework our patient visitor code of conduct was transformational for us. It gave them a tool in the moment that they could use to change behaviors as they're occurring.

00:16:34:01 - 00:16:50:00
Thomas Ahr
And so I'm really proud that we were able to do that and to see it, when I round I go and look for that, is it visible? Is it viewable? Do the staff know where to find that? Have they had conversations with folks when they need to use it? Inevitably I do hear stories of it being used.

00:16:50:01 - 00:17:10:00
Thomas Ahr
So that shows that it's less of someone from the HR team in a corporate office doing something, to it is a tool that is practiced and is has having an effect in there. So it's very satisfying to see that occurring and knowing that's contributing to kind of de-escalating some of the issues that we're facing.

00:17:10:02 - 00:17:24:23
Jordan Steiger
I mean, it sounds like your whole system and workforce has really embraced this idea of safety. And I mean, that sounds like it's really coming from you and your team and your leadership and and going throughout the whole organization. So that's something I think to be extremely proud of.

00:17:25:01 - 00:17:44:07
Thomas Ahr
We have work to do. You know, violence is at epidemic levels in our society. And that's unfortunate. So we have to remain vigilant in it. I wouldn't say that we've got it right. We still are continuing to work on many different aspects of it, but we're proud to kind of turn the corner to say it's less of a program and more of a way in which we work,

00:17:44:07 - 00:17:46:07
Thomas Ahr
and that everyone's involved in it.

00:17:46:09 - 00:17:57:23
Jordan Steiger
I love tha. That's exactly what we should all be aiming for. Tom, thank you so much for being here with us today. It was a joy to learn a little bit more about your work, and I'm sure our membership is going to feel the same.

00:17:58:01 - 00:18:00:13
Thomas Ahr
Thank you, Jordan. Good luck to everyone.

00:18:00:15 - 00:18:08:22
Tom Haederle
Thanks for listening to Advancing Health. Please subscribe and rate us five stars on Apple Podcasts, Spotify, or wherever you get your podcasts.

00;00;00;01 - 00;00;17;26
Tom Haederle
Welcome to Advancing Health. In this second of a two part podcast, FBI leaders share details of a new national effort involving everyone to help defend against the latest malicious cyber threats that continue to plague all sectors of society.

00;00;17;28 - 00;00;48;13
John Riggi
Hello everyone. This is John Riggi, your national advisor for Cybersecurity and Risk at the American Hospital Association. Welcome back for part two of our conversation with FBI Cyber Division Assistant Director Brett Leatherman and FBI Office of Private Sector Assistant Director Gretchen Burrier to discuss all things cyber information sharing and AI. So, Brett, back to our discussion. We talked a little bit about the nation-state threats to criminal groups,

00;00;48;13 - 00;00;58;26
John Riggi
but some of the groups that are actually being used as proxies and being directed by nation-states. Can you tell us a little bit more about that connection?

00;00;58;28 - 00;01;29;11
Brett Leatherman
Yeah, we're really focused, John, on the blended threat right now. And that is, how nation-states are leveraging criminal groups and/or industry in their country to help facilitate their cyber network operations directed at the United States. And so we talked a little bit earlier about the PRC and this whole of society approach that they take. We have named companies in China who have helped procure access to US networks as a result of their hacking campaigns.

00;01;29;11 - 00;02;01;12
Brett Leatherman
Flack's Typhoon is an example of that, where they leveraged Integrity Technology Group, a company within China, to provide access to networks here in the United States. Assault Typhoon, one of the most consequential, the most consequential cyber espionage campaign launched against the United States was facilitated by multiple companies in China. And so we continue to see this blended threat where nation-states use these companies to facilitate that access, but they also work within the criminal ecosystem as well.

00;02;01;14 - 00;02;22;06
Brett Leatherman
DPRK is a great example of that, where they continue to do cryptocurrency thefts or place IT workers in networks here in the United States, remote IT workers. These groups are very aligned with criminal groups to understand tactics, techniques and procedures and how they can advance their geopolitical ambitions.

00;02;22;08 - 00;02;49;21
John Riggi
And we know first hand of the North Korean remote IT worker threat. Almost weekly, I received some report from a hospital or health system that they identified a suspicious remote IT worker and have limited their access, actually actually ended their access. And of course, we're concerned with the fact they have access, they're raising funds for their programs back in North Korea, potentially even nuclear weapons programs.

00;02;49;27 - 00;03;09;10
John Riggi
But the fact they have that access to steal data and/or deliver malware. Can you talk to us a little bit about threat hunting? What do you think some of the best practices are to identify the threats as well, in case they were already in our networks, both from the criminal hacker perspective and, from the nation-state perspective?

00;03;09;12 - 00;03;36;26
Brett Leatherman
Yeah. Well, first and foremost, we should be looking at the indicators of compromise that the FBI and our partners put out on a regular basis to identify where those emerging cyber threats are. So it's incredibly important to look at those joint cybersecurity advisories that we put out there that help you understand both the technical information and the contextual information to hunt through your environment and try to detect an adversary or to block at your perimeter some of the things that we see.

00;03;36;29 - 00;04;14;09
Brett Leatherman
But, you know, no podcast in today's day and age is complete without talking a little bit about artificial intelligence. We saw in November of this past year, Anthropic put out an advisory about the PRC's use of Claude, their artificial intelligence platform, to target industry. And what Anthropic put out was that 80 to 90% of the kill chain activity that happened there, from reconnaissance to identification of targeting to lateral movement, privilege escalation was done agentically through AI.

00;04;14;11 - 00;04;54;24
Brett Leatherman
And we've got to start to employ similar capabilities defensively to look at deviations in behavior. And that's where we have to move. And I know that no organization in health care is likely ready to apply artificial intelligence to the totality of its infrastructure. It's just too, too soon to do that. But there are ways that we can start surrounding key user accounts that have privileged access, key network devices or key data stores within our environments, and we can start to pull the logs off of those environments, run them through approved artificial intelligence devices to try to find those anomalies in behavior.

00;04;54;24 - 00;05;07;14
Brett Leatherman
And so behavior based detection is kind of the wave of the future. We're doing it now, but we have to do it much more efficiently through artificial intelligence. And we can start with baby steps doing that.

00;05;07;16 - 00;05;32;18
John Riggi
There is in a presentation, a discussion I have with leaders in the health care field where AI does not enter into the conversation. We talk about how the bad guys are very nimble and absolutely very quick to adopt AI. Takes us more time. Obviously we have to test it. We have to ensure that it does not corrupt our data or expose us to security and privacy issues for that data.

00;05;32;21 - 00;05;55;08
John Riggi
But I've always said I 100% agree with you, Brett, AI is fueling the next generation of the cyber arms race. We are not just at the beginning. We are, I think beyond that. And we've got to make sure we are using AI in our defensive measures just as the bad guys, as you said in the Anthropic report, which we published, are already using it to conduct these attacks.

00;05;55;10 - 00;06;18;21
John Riggi
Gretchen, the American Hospital Association, I've had this tremendous opportunity to work together with the FBI for the last several years. I've heard you describe our ongoing information exchange as the gold standard for private sector relationships. From your and the FBI's point of view, could you tell us why you believe that and what you believe the successes of our relationship have been?

00;06;18;24 - 00;06;41;27
Gretchen Burrier
Yeah, absolutely, John. You know, I do describe our relationship with the American Hospital Association as the gold standard because it reflects exactly what effective public private partnerships should look like. And I do talk about it all the time. I even brought it up at the SAC conference recently. But first, it is built on consistency and trust, right? We're not only meeting when there's a crisis and it is not transactional.

00;06;41;29 - 00;07;08;08
Gretchen Burrier
We have an established cadence of engagement that allows for real dialog with hospital CEOs and our FBI senior leaders. And to me, that continuity builds confidence on both sides. And second, right? It's genuinely two way. Hospitals are on the front lines of cyber threats, ransomware, foreign adversary activity. What they share with us helps the FDIC trends earlier and warn others before the damage spreads.

00;07;08;10 - 00;07;33;23
Gretchen Burrier
And in turn, the FBI has an ongoing dialog with them to ensure they're tracking various threats. What I see is the real roll up your sleeves, get to work action on challenges impacting this country's national security. And most importantly, John, the life of patients. I can't thank AHA and our nation's hospitals enough for the work that they do and for the willingness to lean in and work with us in the FBI.

00;07;33;25 - 00;07;47;14
Gretchen Burrier
I really think it's the combination of trust, continuity and real world impact where we're collaborating together on reports or other real time threats. That's why I consider it the gold standard.

00;07;47;17 - 00;08;12;02
John Riggi
Thank you, Gretchen. And to your point, we look not only to just meet and exchange information, but we've developed these ongoing projects. What will we do? What will we produce? And we will measure our impact on helping defend the health care sector. So again, thank you and your team so much for that. Now we have a great relationship at the national level which benefits the entire field.

00;08;12;04 - 00;08;21;29
John Riggi
But there's over 5,000 plus hospitals out there. How can hospitals on a local and regional level establish productive relationships with the FBI?

00;08;22;01 - 00;08;41;00
Gretchen Burrier
Sure. Look, hospitals can establish a relationship with the FBI by reaching out to their local FBI field office and asking for the private sector coordinator. And, of course, John, you're a great resource as well from your time in the Bureau. And I know that if any hospital reached out to you, I know you would assist them with an introduction as well.

00;08;41;03 - 00;08;50;04
Gretchen Burrier
And of course, at the end of the day, the Office of Private Sector, we also will get everyone connected with who they need to be connected with for whatever reason.

00;08;50;06 - 00;09;18;06
John Riggi
And again, we can't emphasize that enough. The FBI is always predisposed to help. And, one thing I do want to point out by contacting the FBI does not somehow place you at risk of regulatory exposure. The FBI is not a regulatory agency. Their job is to help you all recover from the attacks, to try to discover attribution, and really to provide you assistance during an attack.

00;09;18;08 - 00;09;33;01
John Riggi
Brett and Gretchen, what do you think the best way for the field, the hospital field, health care field is to contact the FBI in a true cyber emergency, like a ransomware attack, which is causing ambulance diversions.

00;09;33;03 - 00;09;50;26
Brett Leatherman
I know Gretchen mentioned, reach out to your local field office, and that is the best way to reach out. Now, we prefer to talk to you before a crisis happens. So I encourage everybody to reach out and get to know your private sector coordinator like Gretchen mentioned, as well as your cyber supervisor in your local field office.

00;09;50;28 - 00;10;17;23
Brett Leatherman
We take a victim-centric approach in everything we do. Our job in FBI Cyber Division is to impose cost on state and criminal adversaries. But an equal mission is to provide significant support and assistance to victims of cybercrime. And we can do that best when we have an established relationship with you. And that is through the private sector coordinator and your local cyber squad in your local field office.

00;10;17;23 - 00;10;42;08
Brett Leatherman
So, I would reach out in advance to have those conversations. But even if you don't have that relationship and you do suffer a cyber incident, reach out, have that conversation. There is value in bringing the FBI in. We protect information when it comes in. It's protected under law enforcement investigations. We don't share information that we get pursuant to those investigations with regulators.

00;10;42;08 - 00;11;06;29
Brett Leatherman
We don't make that information available publicly. We are bound by the Victims Rights Act, and we treat victims like victims. That is always been a part of our DNA and will always be a part of our DNA. The other thing that that does, though, is it allows an organization to reach out, say, this is what we're seeing. We have we have this particular ransomware attack in our environment.

00;11;07;01 - 00;11;34;01
Brett Leatherman
These are the IOCs, the indicators of compromise we see. And in the FBI, we can run that through our law enforcement holdings. We can check with our intelligence community partners. We have 22 cyber assistant legal attachés globally who sit with foreign partners. We can run those things through foreign partner visibility, and we can come back and we can provide additional information that helps with threat hunt containment and eradication activity.

00;11;34;01 - 00;12;00;25
Brett Leatherman
So as much as we want to pivot upstream against the actors, we also want to help organizations in containing the threat and getting back on their feet to help patients, which is the core mission of the hospitals. So, really, that is part of the value that we bring to reaching out. Every one of our 56 field offices have a cyber task force that is comprised of federal, state and local law enforcement partners, and they're there to help.

00;12;00;28 - 00;12;31;15
John Riggi
Such key points, Brett. And again, I think one of the key points that you made was the fact that by contacting your local FBI office doesn't mean that you'll just get the resources of that local office, perhaps in a remote area. It unlocks the resources of the entire US federal government and allied partners. All the agencies, all the intelligence communities will be notified of the attack, and then their resources and information will be brought to bear to assist your hospital.

00;12;31;15 - 00;12;50;13
John Riggi
Whether you're a multi state, multi-billion dollar system covering millions or lives, or you're a ten-bed critical access in a very remote area where the next nearest available hospital is 100 miles away. Gretchen, anything else to add on how our hospitals should contact the FBI during a cyber emergency?

00;12;50;15 - 00;13;11;03
Gretchen Burrier
You know, I think Brett said it perfectly. I would just again encourage you to reach out if you don't have that relationship and start building it today, because if a cyber incident hasn't happened, it probably will, unfortunately. And this way you've got a contact and hopefully that individual's contact information is in your cell phone. You can call them immediately

00;13;11;03 - 00;13;15;27
Gretchen Burrier
so no time is lost, because time is critical in an incident.

00;13;15;29 - 00;13;34;26
Brett Leatherman
Yeah. John, I would just add to what Gretchen was saying there that, it starts with the conversation and think about it that way. Because the FBI teams at the private sector coordinator level, the cyber level, even the special agents in charge and the assistant special agents in charge were happy to have a conversation. And there's no commitment beyond that.

00;13;34;26 - 00;14;02;10
Brett Leatherman
You don't have to feel like you're now committed to providing very sensitive information to the FBI. We're never going to ask for patient information or sensitive information. What we ask for is fully aligned with threat pursuit and victim response, and that is, you know, anonymized indicators of compromise, not PHI or anything like that. And so I would encourage folks, if you have questions, reach out, have that conversation to start with.

00;14;02;10 - 00;14;04;08
Brett Leatherman
And it's as easy as that.

00;14;04;11 - 00;14;30;24
John Riggi
Totally agree, Brett. And during that conversations folks will come to see the FBI are human. They're good folks. They want to help, such as yourselves. And it'll help allay some of those fears. Perhaps the legal folks might need to be involved to just assure them that you don't collect PHI. You don't need that. You don't need access to the service, and you would never tell a hospital not to restore because it's pending your criminal investigation.

00;14;30;26 - 00;14;39;17
John Riggi
So in a sense, the rules of engagement can kind of be worked out ahead of time. You don't want to have those questions during an emergency.

00;14;39;23 - 00;15;04;00
Brett Leatherman
To your point, like you brought up legal counsel. That is incredibly important in today's environment. It is often outside counsel in coordination with inside counsel, who kind of control the flow of data and information. And so the earlier you as a chief information security officer or network defender can have those conversations with your counsel and encourage them to engage the FBI in advance,

00;15;04;02 - 00;15;20;06
Brett Leatherman
the more ready you will be to share and receive intelligence on day one should there be a breach. And so incredibly important point is that counsel plays an a very important role in the bilateral sharing of information. And so bring them into those conversations early.

00;15;20;08 - 00;15;47;03
John Riggi
Absolutely agreed. And again, sensitizing them and helping them become comfortable to the relationship to the information sharing can certainly expedite recovery, quite frankly, with the assistance of the FBI and the federal government, Brett and Gretchen, want to thank you again for being here today, sharing your very important and salient points with us today for the benefit of the entire field, our patients and the nation.

00;15;47;03 - 00;16;07;27
John Riggi
And thank you both for what you do, and all the men and women in the FBI, every day to protect the nation and to our health care providers. Thank you for what you do every day to defend networks and care for patients and serve our communities. This has been John Riggi, your national advisor for Cybersecurity and Risk at the American Hospital Association.

00;16;07;29 - 00;16;10;12
John Riggi
Stay safe everyone.

00;16;10;15 - 00;16;18;24
Tom Haederle
Thanks for listening to Advancing Health. Please subscribe and rate us five stars on Apple Podcasts, Spotify, or wherever you get your podcasts.

00;00;00;04 - 00;00;16;07
Tom Haederle
Welcome to Advancing Health. Coming up in part one of this special two part conversation with FBI leaders, we learn about Operation Winter Shield, the FBI's new 60 day nationwide effort to protect against cybercrime.

00;00;16;10 - 00;00;43;24
John Riggi
Hello, everybody. I'm John Riggi, your national advisor for Cybersecurity and Risk at the American Hospital Association. What a great conversation we have lined up for you today. So proud and privileged to have two of my very good friends from the FBI here with me today to talk about the latest cyber threats and what we can do to help defend against the threats and how we share information with the FBI for the greater good.

00;00;43;27 - 00;01;03;26
John Riggi
So here with me today is my good friend, longtime friend, FBI Assistant Director Brett Leatherman, who leads the FBI's cyber division. We also have my longtime and good friend, FBI Assistant Director Gretchen Burrier who leads the Office of Private Sector. Thank you both for being here today.

00;01;03;28 - 00;01;05;15
Brett Leatherman
Thanks, John. Happy to be here.

00;01;05;18 - 00;01;09;16
Gretchen Burrier
Yeah. John, thank you so much for having us. It's really great to be here today.

00;01;09;18 - 00;01;19;23
John Riggi
Great to have you, Gretchen and Brett. Brett and I actually worked together in cyber division over ten years ago. Seems like a lifetime ago, right, Brett? So much has changed. Yeah.

00;01;19;26 - 00;01;22;01
Brett Leatherman
A lot changes in cyber in ten years.

00;01;22;03 - 00;01;45;00
John Riggi
Right! Sometimes it seems like in ten minutes, it changes. Brett, if I could start off with you - again, thank you for being here. And, coincidentally, at the time of this recording, you and the FBI have announced the launch of Operation Winter shield. Could you tell us a little bit about that and why it's relevant for the nation's hospitals?

00;01;45;02 - 00;02;15;06
Brett Leatherman
Thanks, John, and thanks for the invite to participate in the podcast. Operation Winter shield launched February 1st and it's a 60 day campaign to defend the homeland against malicious cyber activity. What's unique about Operation Winter shield is most FBI enforcement action or operations involves federal, state and local partners in support of, you know, reducing violent crime or some sort of enforcement action that the FBI has jurisdiction in.

00;02;15;08 - 00;02;55;21
Brett Leatherman
Operation Winter Shield is different in that it requires all of us, everybody listening to this podcast, to come together and work together to reduce risks to critical infrastructure, to health care and to the homeland from both state  and criminal cyber actors. So what it does is it distills the FBI's visibility in this space, pursuant to our law enforcement and intelligence community mission, into the top ten controls that we recommend organizations apply to their environments. Based on that work that we do,  today 95% of the breaches continue to exploit one of these controls, at least one of these controls.

00;02;55;23 - 00;03;26;23
Brett Leatherman
And so we believe that really spending the next 60 days firming up the ability to defend against these attacks by advertising these controls to Fortune 100 organizations, down to small mom and pop businesses, and especially in health care, can measurably move the needle and increasing resilience against these cyber attacks. The one thing I would add is that we know that nation states in general who target us now use a whole of society approach to target the homeland through these cyber operations.

00;03;26;23 - 00;03;37;14
Brett Leatherman
And this requires a whole of society approach to defending it. And this is meant to pull all of us together in support of that national defense and national security mission.

00;03;37;17 - 00;03;59;21
John Riggi
You and I have chatted many, many times - and Gretchen, over the years - of the value of private sector cooperation. I love this expression whole of society. We used to talk about a whole of government approach. But you're absolutely right. Private sector must be a partner with the government on these task forces to help defend the nation. Whole of nation, whole of society approach.

00;03;59;23 - 00;04;10;07
John Riggi
Brett, getting back to Operation Winter shield just briefly, could you give us a sampling of let's say, maybe the top five controls that you think all critical infrastructure should implement?

00;04;10;10 - 00;04;39;23
Brett Leatherman
Yeah. And none of these are going to come to a surprise to many folks, right? The issue is we continue to see the actors exploiting these. So things like adopting phish resistant authentication - incredibly important. Implementing a risk based vulnerability management program. Incredibly important. We continue to see nation state actors targeting end of life edge devices. So one of the controls is understanding how to track and retire end of life technology on a defined schedule.

00;04;39;23 - 00;05;03;22
Brett Leatherman
And for health care, that's incredibly important. Health care continues to be, you know, according to a lot of reporting out there, the number one targeted entity within critical infrastructure, I saw one report that showed the average cost of a data breach within health care is $7.42 million. And so there's a low tolerance for downtime because there is patient and life safety implications.

00;05;03;22 - 00;05;21;02
Brett Leatherman
So, for example, control number six within Winter Shield is maintain offline in immutable backups. That is incredibly important for health care when it comes to resiliency in being able to get, you know, health and safety data in systems back online during a breach.

00;05;21;04 - 00;05;46;00
John Riggi
Totally agreed, Brett. In fact, when the AHA, myself worked with the previous administration to help develop the cybersecurity performance goals version 1.0, what we did is we looked at the threat reporting coming from the FBI. And so as I said, let's look at how we are getting beat. And it's the same controls that, that you just described as the best mitigating practices. Challenge for us in health care for all our listeners,

00;05;46;00 - 00;06;10;05
John Riggi
you all know this better than I, is the financial constraints that we are faced with as well. We know what to do. This reinforcement from the FBI really gives validation to that, but within an operating environment under severe financial pressure. Brett, you just mentioned the nation-states. Talk to us a little bit about China and their typhoon campaigns targeting critical infrastructure.

00;06;10;07 - 00;06;30;16
Brett Leatherman
Yeah, we talked about these end of life devices. And if you look at Vault Typhoon, Flax Typhoon, both campaigns between 2024 and 2025 that are PRC sponsored campaigns, they target those end of life devices. The reason they do that is those devices sit here in the United States. They're global botnets, but the ones that are have real impact

00;06;30;16 - 00;06;57;25
Brett Leatherman
here are devices that sit here in the US. They sit on trusted IP space within the United States, meaning the actors can quickly pivot from that space to target other organizations like health care. So the PRC understands that the path of least resistance is the way to go. They don't want to deploy their most sophisticated capabilities when they can start to target things that these controls are meant to address.

00;06;58;01 - 00;07;10;18
Brett Leatherman
You know, it's incredibly important that we come together and really understand how we plug those gaps in our exposed infrastructure to reduce the likelihood of compromise.

00;07;10;20 - 00;07;31;06
John Riggi
Really key point you made. China and Russia around North Korea as sophisticated as they may be, they're not using highly sophisticated zero days to attack us. That's why these basic controls are so important to help mitigate the threat. Getting back to nation-states a little bit, we talked about China. What about Russia, Iran and North Korea?

00;07;31;09 - 00;07;57;14
Brett Leatherman
Yeah. Critical infrastructure is a target for each of those entities for a variety of different reasons. Number one, for organizations who want to pre-place capability in the United States, health care is a key area to do that, right. And so the electric grid, the financial services sector, health care, all of those areas would have real impact should a nation-state decide to launch some sort of cyber attack against the homeland.

00;07;57;14 - 00;08;23;09
Brett Leatherman
And so each of these nation-states possess different capabilities in this space, but each of them will also follow the model of that path of least resistance. And it doesn't matter if these are actors sitting in Iran, if they're actors sitting in North Korea, in Russia or China, they're going to continue to target credentials, stolen credentials, for example, to get into environments where there's no multi-factor authentication.

00;08;23;09 - 00;08;41;03
Brett Leatherman
So if there is remote access to your environment, every one of these state actors on top of criminal actors are going to target that. Same with the end of life devices. They're going to target those because they're easy to get into. And so each of these actors are sophisticated, but often they won't take the sophisticated way

00;08;41;03 - 00;08;43;09
Brett Leatherman
in if they can target one of these controls.

00;08;43;11 - 00;09;10;14
John Riggi
Great points. And again, pointing out to everyone at this time of the really increased geopolitical tensions, with all of these nations China, Russia, Iran, North Korea. Understanding that they do possess first world, highly sophisticated cyber capabilities. And the question is, will they use that against us or some proxy at their direction to launch some type of un-attributable attack, things we're all concerned about.

00;09;10;21 - 00;09;44;28
John Riggi
But I appreciated your advisory in early December, talking about pro-Russian hacktivists being directed by the Russian military intelligence service, the GRU. We in health care and hospitals need to understand the geopolitical risk environment because it directly translates to cyber risk. Brett, last question for you at this moment. We talked about the disruption to health care delivery by particularly these Russian-based or Russian speaking ransomware groups that disrupt and delay healthcare delivery, posing a direct risk to patient and community safety.

00;09;45;01 - 00;09;53;08
John Riggi
Can you talk to us a little bit about the most significant Russian groups or ransomware groups that the FBI's tracking at the moment?

00;09;53;10 - 00;10;19;06
Brett Leatherman
I appreciate that question because the, ransomware groups operating globally, continue to target the underlying ecosystem of health care. Meaning, where they can identify points of targeting that is not just one hospital, but has cascading impact across health care, hospitals, pharmaceuticals, they'll target that. And so we've seen attacks in the past. Change Healthcare as an example.

00;10;19;12 - 00;10;41;26
Brett Leatherman
So these supply chain breaches are incredibly important. And that goes back to one of our Winter Shield advisory statements, which is to analyze third party risk, to understand the third party's web access to your data in your systems and your networks and work with them to build resilience there. It's incredibly important that we also assess detection capability.

00;10;41;26 - 00;11;05;28
Brett Leatherman
We're so focused sometimes on prevention, and we do want to prevent cyber attacks from happening. But we've also got to detect the adversary when they get in. We can't stop them 100% of the time. And these groups are very good at in some cases, for example, scattered spider socially engineering their way into our helpdesk, getting legitimate credentials and getting into our environments.

00;11;06;00 - 00;11;26;18
Brett Leatherman
So if we can focus on detecting them earlier, it's incredibly impactful to reducing that blast radius. In health care, I think it's over 270 days on average it takes right now to detect an actor in a health care environment. And so we've got to reduce that dwell time significantly.

00;11;26;21 - 00;11;51;22
John Riggi
Totally agreed, Brett. And this again, the continuing threats that we face wholesale here, third party risk is a major area of risk exposure we talk about constantly. We can do the best we can to defend our own systems and networks. Then we get exposed to these third party technology and service providers and supply chain. Gretchen, turning to you, given all these threats that Brett just described,

00;11;51;23 - 00;12;00;16
John Riggi
can you tell us about your division's extremely important mission in helping carry these threats and the value of information sharing with the private sector?

00;12;00;18 - 00;12;24;23
Gretchen Burrier
Absolutely. And first, John, it's a privilege to be on your podcast. I love listening to it regularly. So to be on your show, it's very exciting. But to answer your question, you know, the reality today is that the front lines of national security, they're increasingly running through the private sector, whether it's cyber intrusions, ransomware, intellectual property or, you know, foreign malign influence.

00;12;24;25 - 00;12;51;17
Gretchen Burrier
U.S. companies are often the first to see these threats and sometimes the first to feel the impact. So the mission and focus of my team and the FBI's Office of Private Sector is to make sure these companies don't face those threats alone. We serve as the connecting bridge between the FBI's operational divisions and the businesses that own and operate, you know, the systems, the data and infrastructure our country relies on.

00;12;51;19 - 00;13;11;20
Gretchen Burrier
And if you don't know who to connect within the FBI, you can reach out to our team and we'll make sure you get the help you need. We also have in the FBI private sector coordinators, at least one in every field office across the country. You can pick up the phone, call the field office and ask to speak to the private sector coordinator for help and assistance.

00;13;11;23 - 00;13;43;28
Gretchen Burrier
They're the best at what they do, and they fully believe in partnering with industry. And just to touch on your comments about, you know, information sharing. It's at the heart of what we do and it's at the heart of our work. When companies share what they're seeing with the FBI, whether that's a suspicious cyber incident or unusual activity on their networks, Brett's team can connect the dots across sectors and across investigations, and that allows the FBI to provide contacts to warn others, disrupt adversaries, and in many cases, prevent the next victim.

00;13;44;00 - 00;14;11;19
Gretchen Burrier
And at the same time, you know, OPS is dedicated to giving value back through threat briefings, various engagements, webinars, other tailored information so that companies can make better risk decisions in real time. And we do this, of course, in coordination with our operational divisions. Just to give a quick plug too, we have two key partnership programs to the Office of Private Sector, the Domestic Security Alliance Council and Infoguard.

00;14;11;22 - 00;14;32;10
Gretchen Burrier
And those wishing to learn more can visit dsac.gov and info guard.org. Brett and I really do see this is a two way partnership. And John, I know you do as well. And when the private sector and the FBI work together, we're faster, we're more resilient, and we make it harder for criminals and foreign adversaries to succeed.

00;14;32;12 - 00;14;57;21
John Riggi
Thank you Gretchen. Appreciate your continued support. And for all of the private sector coordinators in the field, everywhere we go and we go a lot of places to help hospitals, we invite the FBI, we invite CISA, we invite Secret Service. The Office of Private Sector coordinators have been outstanding. Just recently, I did a four hour exercise for the leadership of one of the largest health systems in the country.

00;14;57;21 - 00;15;22;11
John Riggi
Over 100 C-suite executives there. Two FBI agents from the local field office stayed the entire time and really contributed significantly. So you talk about the partnership. It is real world, side-by-side. And the reality is a lot of the expertise and experience and evidence and Intel lies with the private sector on our networks. So it really is a tremendous partnership.

00;15;22;13 - 00;15;45;04
John Riggi
Brett and Gretchen, thanks for an amazing conversation. We have so much more to discuss. I think what we're going to do is part two of this amazing conversation. So for our listeners, stay tuned for part two. Until then, Brett and Gretchen, thank you and all the men and women of the FBI for what you do every day to secure our nation and health care. And to all our frontline health care heroes

00;15;45;04 - 00;15;54;03
John Riggi
thank you for what you do every day to defend our networks, care for our patients, and serve our communities. Stay safe everyone.

00;15;54;05 - 00;16;02;17
Tom Haederle
Thanks for listening to Advancing Health. Please subscribe and rate us five stars on Apple Podcasts, Spotify, or wherever you get your podcasts.