With all the valid concern around #llm and #genai power and water usage, I thought I'd start a blog series on tiny LLMs. Let's see what they can do on real tasks on very power efficient hardware.
The impact from smaller opensource LLMs like Llama3-8B and Phi-3 could be large. They are not necessarily the best and smartest models but can be easily integrated in software on every device and platform. Also they can be finetuned, improved with RAG to function better for specific tasks and in specific contexts. Exciting times ahead. #opensource#LLM#AI#Llama#Phi
Proving once again what lying bastards they are, #LockBit hit St. Anthony Hospital (Chicago) on December 18 and exfiltrated some patient data. The hospital hasn't confirmed how much yet, and they make no mention of any #encryption of files. LockBit seems to be demanding $800k ransom/extortion to delete the files.
Tell me your #LLM has been trained using cishet data, not vetted for diversity & inclusion, without telling me your LLM has been trained using cishet data & vetted for diversity & inclusion. #Phi#Phi2
On Christmas Eve, Integris Health in Oklahoma was sending emails to patients and issuing notices about an attack by threat actors in November who were allegedly contacting patients directly.
According to their notices, the threat actors did not lock/encrypt anything but did exfiltrate files with #PHI
Affected #PII and #PHI of Clay County residents as well as other Minnesota counties' residents who used Social Services.
Interesting disclosure in terms of sharing investigation details. It doesn't come out and say directly whether they paid or not, but tells people they can request the full investigation details report.
The Perry Johnson & Associates (PJ&A) breach that affected 1.2 million patients of Cook County Health in Illinois also affected millions of Northwell Health patients on Long Island,
PJ&A is a medical transcription service so lots of #PII and #PHI appear to be involved in this one.
The actual breach/exfil occurred months ago. So far, I've not found any attribution, any indication of any extortion/ransom demand, or any group claiming responsibility for this one.
Repeat after me: "Date of discovery" does NOT mean the date you completed any investigation. It is the date on which you first knew or reasonably should have known that you had a breach of unsecured PHI.
It is not a huge breach as breaches go, but Sightpath Medical's breach notification raises a lot of questions about compliance with HIPAA's Breach Notification Rule. I hope #HHSOCR investigates this one.