Yet another NHS cyber-vulnerability: fax machines

click to enlargeNow fax machines are hackable, say the white hats at Check Point Research. Your GP or doctor thinks they are safe, but their protocols haven’t been updated since the Big ’80s. Check Point found that all a hacker needs is the fax number to hack into one. 

The ‘how to’ is in the article. New ‘all in one’ printers which are connected to phone lines and wirelessly to networks can receive a malicious fax as an entry point into the network. Data is then exfiltrated through another fax as illustrated above left. Check Point’s study cited the HP OfficeJet Pro All-in-One fax printer but others would be vulnerable as well. Online electronic fax numbers may also have problems.

NHS’ census, released via a FOIA request, indicates it uses 9,000 fax machines. NHS has minimized the risk they present. HP has since issued security updates for its fax printers. Also Digital Health. 

Despite recruiting, Babylon Health’s GP at hand still on hold in Birmingham (UK); CEO steps down at rival Push Doctor

GP at hand, Babylon Health’s NHS app and service for scheduling patients with local GPs, was expected to roll out in Birmingham, but the Hammersmith and Fulham CCG, from which Babylon operates, continues to halt its the expansion since the beginning of this month on patient safety concerns.

The app, which schedules patients with GPs and requires registration that effectively changes what we in the US call ‘attribution’, was set to add GP surgeries in Birmingham starting this month and was setting up an HQ at Badger House, an out-of-hours GP services provider based in Birmingham’s inner city. GP recruitment had started, according to Pulse, in late July. Patients would register in Babylon’s host practice Dr. Jefferies and Partner in southwest London through NHS’ out-of-area registration scheme.

The objections to Babylon’s expansion came initially from Paul Jennings, the chief executive of Birmingham and Solihull CCG. According to Digital Health, “he wrote to Hammersmith and Fulham to lodge a formal objection to the expansion. He argued the digital service was “not yet robust or tested for a national service to be delivered from a single practice outside of Birmingham”. Hammersmith and Fulham then stated that “further information is required to provide assurance on the safety of patients” before the Birmingham roll-out could be approved. 

This is despite the release of a equality impact assessment by Verve Communications on behalf of Hammersmith and Fulham finding mainly positive results, such as GP at hand “more likely to address most barriers than traditional GP services” in 10 out of 11 protected groups” and that “carers may benefit from [the] use of GP at Hand as this will allow them to consult a primary care practitioner whilst continuing with their care responsibilities.” The new Health Secretary Matt Hancock, a major advocate of technology in care, is himself registered with Babylon. Mobihealthnews

(If you are in the UK, you can hear it straight from Babylon’s CEO Ali Parsa, interviewed by Roy Lilley of nhsmanagers.net, on 10 September at the RSM.)

Rival telemedicine service Push Doctor is also undergoing changes with CEO and co-founder Eren Ozagir’s departure. It appears that he and the board had a difference around company direction, with the board recommending a cut of 40 jobs (Sunday Times). Their COO, Wais Shaifta, became acting CEO in July. In June 2017, a report by the Care Quality Commission (CQC) found the service to be delivering unsafe care via antidepressant and blood thinner prescriptions being given without requisite blood tests and monitoring. Digital Health

France officially enters the telemedicine world

By ministerial decree for the 2018 social security financing law, France starts deploying telemedicine both for doctor-patient consults (teleconsultation) and ‘telexpertise’ (between health professionals) starting on 15 September. The latter will be defined in stages by 2020.  For instance, from 2019 it will be deployed for long-term conditions (ALD), rare disease patients in sub-dense areas or in long-term care homes or inmates. “In this context, they agree to define the scope of these acts and their rates as well as their methods of implementation and billing.”

The rest of the teleprofessional deployment calendar will be defined before the year 2020. The full bill is printed here (in French, of course) Agir-Telemedecine.org

Embedding microchips in workers–does this have potential in healthcare?

It’s not just for pets anymore. Embedding microchips for various purposes subcutaneously in people is a bit of technology that appears to be gaining traction. The employees of Three Square Market, a company that provides self-service mini-markets in commercial settings such as hotels or company breakrooms (what in this Editor’s airline days we dubbed ‘the iron kitchen’ or Ick) are happily planting chips in their skin to ID themselves into the office, onto their computers, and buy lunch in the company café. About the size of long-grain rice, they have no power source other than that supplied by an external RFID reader. About 80 employees of Three Square Market now have it, having started with 30 a year ago. It also seems to have caught on in Sweden.

In the glowing MIT Technology Review article, there seems to be little concern that the chip might have a long-term health effect even as minor as a cyst or fibroma, being that it is a foreign object. Chips could also be ‘pinged’ to detect location or download information.

Of interest in the healthcare area are the following:

  • Three Square’s president, Patrick McMullan, stores some health information on his chip
  • Three Square is also investigating the hot area of hand hygiene in hospitals. During this month into September, they are testing RFID bracelets at two hospitals in Fort Wayne, Indiana and Hudson, Wisconsin that verifies when doctors and nurses wash their hands using the proxy of turning on a sink through the sink’s RFID reader. 
  • Embedding chips in hospital and LTC staffs could increase areas such as hand hygiene, enforce security in restricted areas, and provide data for task or time/motion studies.

Rutgers develops wristband wearable that uses biosensors to count blood cells, bacteria, and air particles

click to enlargeResearchers at Rutgers University-New Brunswick (NJ) have developed a wristband with a biosensor that can count particles, including blood cells, bacteria and organic or inorganic particles in the air. The cuff-sized wristband has a circuit to process electrical signals, a micro-controller for digitizing data and a Bluetooth module to transmit data wirelessly to a smartphone app for further analysis. The blood count has to be done through pinpricks that funnel the cells through a channel thinner than a human hair to the biosensor.

From the articles, it appears the technology would be an add-on extending the capabilities of other sensor-based wearables. For instance, blood count monitoring could add another diagnostic parameter to traditional devices for chronic conditions and be used in diagnostic tools in remote or battlefield settings. Environmental analysis of air particles could be used for allergens or potentially toxic environments. Bacterial analysis could be used in potentially infectious settings or diagnosis. Rutgers Today,  Microsystems & Nanoengineering, Mobihealthnews

What Best Buy’s $800 million cash purchase of GreatCall connected health/PERS really means

Have health and connectedness services for older people finally made it out of the pumpkin and to the ball? GreatCall’s market doesn’t make for great cocktail party buzz or TEDMED talks. It’s emergency response with Jeopardy’s Alex Trebek presenting 5 Star emergency service bundled in a Jitterbug flip or smartphone (made by others). It’s made intelligent acquisitions. taking some of the tech developed by Lively to develop wearables that are quite presentable and by Healthsense for the senior living market. It’s been a leader in how to make both traditional direct marketing (DRTV, print) and digital work for an older market. Somehow, it’s managed to accumulate over 900,000 paying customers, which proved to be very attractive to first PE firm GTCR and now Minneapolis-based Best Buy, which with GreatCall has made its Biggest Buy.

GreatCall will remain a separate division with the same CEO (David Inns, with them since their 2006 founding) and remain HQ’d in San Diego. The transaction is expected to close by end of the third quarter of Best Buy’s fiscal 2019, subject to regulatory approvals.

Best Buy in the US has remained the #1 electronics ‘big box’ store that, like most retail, has stumbled about and come back from the brink. Their purchase of GreatCall, a partner for many years, reinforces a strategy they’ve worked on for a while in featuring health and wellness-related products to what CNBC calls ‘an aging population’ as part of ‘solving technology problems and addressing key human needs across a range of areas.’ GreatCall, as noted above, has a superb track record in direct marketing to that group. (In this context, the former Healthsense B2B play is limited–some of the feedback that this Editor’s received is that GreatCall stumbled out of the gate with Healthsense customers with a lack of understanding of the LTC/senior housing market dynamics. Long term, it seems out of phase with Best Buy’s direction in a way that consumer-oriented Lively is not.)

Will that talent spill over to and influence the rest of Best Buy’s business? Will Best Buy successfully carve out a niche which is relatively resistant to the predations of Amazon (which also sells a lot of health tech) and other online retailers? Is this niche big enough to support this Big Box Retailer? Seeking Alpha, press release, Mobihealthnews

OpenEMR’s security flaws threaten millions of patient records; McAfee successfully alters vital signs reporting into monitoring systems

The OpenEMR system, which is an open-source patient record system used in UK hospitals and others worldwide, has dozens of security flaws in its software, according to Project Insecurity, a London-based “tight-knit computer research organization which focuses primarily on educating the masses on the topics of information security” according to their corporate description on LinkedIn. According to their report, Project Insecurity found vulnerabilities including: “a portal authentication bypass, multiple instances of SQL injection, multiple instances of remote code execution, unauthenticated information disclosure, unrestricted file upload, CSRFs including a CSRF to RCE proof of concept, and unauthenticated administrative actions.”  OpenEMR has stated that they have now supplied patches to fix the vulnerabilities listed in the report. However, these multiple flaws put potentially millions of patient records at risk for some time.

OpenEMR’s decentralized model has some drawbacks when it comes to security. According to OpenEMR, they do not know how many organizations are affected as the open-source software has voluntary registration. Patches and security fixes are announced to the registration list, the OpenEMR’s online forum and social accounts, the open-emr.org community, and OpenEMR vendors. While no data has been publicly exposed, the Project Insecurity report revealed this system’s risk to the healthcare organizations which use it. Also DigitalHealth and Project Insecurity on Twitter.

McAfee has confirmed another vulnerability–that vital signs reporting into a central monitoring station can be altered in real time. They tested a circa 2004 bedside monitor/central monitoring system reportedly still in use. The system monitored heartbeat, oxygen level, and blood pressure, used both wired and wireless networking over TCP/IP, and appeared to store patient information. The central monitoring station ran Windows XP Embedded, which presented one set of flaws, but far more accessible to a breach was the communication from the devices to the central monitoring system. In short, “the attacker simply has to send replacement data to the central station while appearing as the patient monitor.” The article proves vital signs can be altered by the time they reach the central monitoring station to create a bad diagnosis, unnecessary testing, and unneeded medication. The McAfee article lays out How to Mess With Vital Signs, Believably.

Late summer and early autumn event updates: Save 20% on Connected Health Summit, SEHTA Health + Space, Lilley’s talk with Ali Parsa, PATH Summit, Connected Health Conference, HealthIMPACT

It’s always a little sad to realize that summer is winding down. Some (like your Editor) stretch the summer past Labor Day (the DMZ in the US) into early autumn, taking the philosophy that woolies are way too warm till November. Here are eight substantial events on your calendar to look forward to:

Connected Health Summit, 28-30 August next week, San Diego–Readers Save 20%!

Parks Associates have offered our readers 20% off registration at ‘Connected Health, Independent Living and Engaging Consumers’, the fifth Connected Health Summit organized by Parks Associates. The conference will analyze the roles of connected health technologies and innovations in driving changes in consumer behaviors and business models. Lead speakers are from IBM Watson Health, Alarm.com, Uber Health, and Qualcomm Life. More information and registration here. As a preview, download their latest white papers:  Market Snapshot – Consumer Health Attitudes and IoT Home Living Features and Sleep Tech and IoT. #CONNHealth18

Healthcare and Space Funding Call Brief, 4 September, Cocoon Networks, 4 Christopher Street, London, EC2A 2BS, 10:00 – 13:00

Sponsored by SEHTA, The Knowledge Transfer Network, and MedCity, this will cover funding opportunities for converting innovation from the space sector, from exploration to satellite communications, to new solutions for the health sector and medical applications that improve NHS treatment and care. At this event attendees will hear about them plus have the opportunity to network with organizations from both the health and space sectors. This event is part of the MedTech London programme supported by the GLA. For further information, contact Clare Ansett, Head of Communications, SEHTA

Health Chat with Ali Parsa of Babylon Health, 10 September, RSM, 1 Wimpole Street, London (new venue!)

This Health Chat conducted by Roy Lilley of nhsmanagers.net promises to be eventful. “Has the tide turned in primary care? What effect might Babylon produce? Who are the beneficiaries? What is the future for the traditional primary care GP model?” Tickets are a modest £19.95 – £39.95 and are going quickly. Sponsored by UK HealthGateway, the publishers of nhsmanagers.net. Register here.

PATH Summit, 30 September – 2 October, Omni Shoreham Hotel, Washington DC

Those of us who wondered what long-time CEO Jonathan Linkous of the American Telemedicine Association has moved on to now have their answer: CEO of PATH, the Partnership for Artificial Intelligence and Automation in Healthcare. Their first Summit will attempt to answer questions like: “Is artificial intelligence, automation, robotics and sensors the future of healthcare or a passing fad?” It will cover AI innovations, best practices, and barriers to beware (boo!) Find out more and register here, but this Editor’s advice (not that it will be taken) is to drop the silly home page quote from the buffoonish and irrelevant Mark Cuban. 

Connected Health Conference, 17-19 October, Boston

The second year of the combined PCHAlliance Connected Health Conference and the Partners Connected Health Symposium at the impressive Seaport World Trade Center kicks off with co-located conferences followed by two full days of events and expo. Preview it and register here

HealthIMPACT has three events from September into December:

HealthIMPACT Midwest – Rev1 Ventures, Columbus, OH, September 27

NODE.Health Evidence in Digital Medicine Roundtable – Microsoft Technology Center Boston – October 16

NODE.Health Digital Medicine Conference – Microsoft Technology Center, New York, NY – December 5-7

Who’s available? A young graduate in telemedicine/eHealth studies seeks opportunity

Maceline (Mimi) Kadurira is finishing up her MSc in eHealth & Tele-Medicine at Rome (Italy) Business School. She is seeking a position where she will gain additional exposure to various aspects of telemedicine, eHealth, and social sciences where she has an honors degree from Africa University in Harare, Zimbabwe.

Some points she would like to highlight re her suitability for a new opportunity:

  • Volunteer involvement. I have volunteered with Inspire Tutors as Communications and marketing Organiser helping with writing and maintaining company blog and spearheading campaigns and marketing awareness programmes and providing one-on-one coaching children and youths with developmental disabilities, including counseling. I also implemented individualized learning plans for students with intellectual disabilities. Shadowing case managers and attending mental health meetings was an incredibly beneficial experience during my volunteering time.
  • Professional experience. As a student (Intern) a full year as Human Resources Assistant, compiling time sheets, risk management, helping in the recruitment process, filing, data entry and general confidential information handling/maintenance.
  • E-Health and Telemedicine Management. Courses include Electronic Medical Records, Chronic Disease Management, Best Practice, Clinical Decision Support Systems, ESA activities in Telemedicine (space technology for downstream eHealth applications) Protection of personal data in eHealth, Standards and Interoperability.

Can your growing organization use Mimi? Contact Details: macelkaduri@yahoo.co.uk  Her CV is here

More good news for telehealth, RPM in FCC approval of $100M Connected Care Pilot Program

The Federal Communications Commission (FCC) moved relatively quickly to approve the Connected Care Pilot Program, approving broadband-enabled telehealth and remote patient monitoring services in underserved rural and remote areas. Funding for the program has been pegged at $100 million. The approval was unanimous on the program proposed by FCC commissioner Brendan Carr and Mississippi Sen. Roger Wicker.

CCPP will provide $100 million for subsidies to hospitals or wireless providers running post-discharge remote monitoring programs for low-income and rural Americans. An example is those run by the University of Mississippi Medical Center. The goal is to lower same-cause readmissions and improve patient outcomes. [TTA 13 July] Hearings late last month also were structured to support the program and start to fill out the details for a 2019 start [TTA 1 Aug].

Public comments are now open for a 2019 start to the program (see FCC website–look under Connect2Health which is the umbrella site for this and similar programs). Commissioner Carr had to look no further than the VA to see how Home Telehealth and other remote monitoring programs worked to drive down cost and improve patient outcomes. VA Health’s remote monitoring program cost $1,600 per patient compared to $13,000 for traditional care in one study. The trick is now translating this into an open system.

This is a nice boost to both real-time video and asynchronous remote patient monitoring in market development (and getting paid) in areas of great need. It’s also another Federal signal (so to speak) for 2019, following the proposed Medicare Physician Fee Schedule’s increased payments and broader applicability for both.  mHealthIntelligence, Mobihealthnews, FCC Release Hat tip to reader Paul Costello of Medopad.

Coffee break reading: a ‘thumbs down’ on IBM Watson Health from IEEE Spectrum and ‘Der Spiegel’

In a few short years (2012 to now), IBM Watson Health has gone from being a 9,000 lb Harbinger of the Future to a Flopping Flounder. It was first MD Anderson Cancer Center at the University of Texas last year [TTA 22 Feb 17] kicking Watson to the curb after spending $62 million, then all these machine learning, blockchain, and AI upstarts doing most of what Watson was going to do, but cheaper and faster, which this Editor observed early on [TTA 3 Feb 17]. At the end of May, IBM laid off hundreds of workers primarily at three recently acquired data analytics companies. All came on board as market leaders with significant books of business: Phytel, Explorys, and Truven. Clients have evaporated; Phytel, before the acquisition ranked #1 by KLAS in analytics for its patient communication system, reportedly went from 150 to 80 clients. IBM denies the layoffs were anything but much-needed post-acquisition restructuring and refocusing on high-value segments of the IT market.

IEEE Spectrum rated the causes as corporate mismanagement (mashing Phytel and Explorys; IBM’s ‘bluewashing’ acquired companies; the inept ‘offering management’ product development process; the crushed innovation) plus inroads made by competition (those upstarts again!). What’s unusual is the sourcing from former engineers–IEEE is the trade group for tech and engineering professionals. The former IBM-ers were willing to talk in detail and depth, albeit anonymously. 

Der Spiegel takes the German and clinical perspective of what IBM Watson Health has gone wrong, starting with the well-documented failures of Watson at hospitals in Marburg and Giessen. The CEO of Rhön-Klinikum AG, which owns the university hospital at Marburg, reviewed it in action in February. “The performance was unacceptable — the medical understanding at IBM just wasn’t there.” It stumbled over and past diagnoses even a first-year resident would have considered. The test at Marburg ended before a single patient was treated.

The article also outlines several reasons why, including that Watson, after all this time, still has trouble crunching real doctor and physical data. It does not comprehend physician shorthand and negation language, which this Editor imagines is multiplied in languages other than American English. “Some are even questioning whether Watson is more of a marketing bluff by IBM than a crowning achievement in the world of artificial intelligence.” More scathingly, the Rhön-Klinikum AG CEO: “IBM acted as if it had reinvented medicine from scratch. In reality, they were all gloss and didn’t have a plan. Our experts had to take them by the hand.”

Hardly The Blue Wave of the Future. Perhaps the analogy is Dr. Watson as The Great Oz.

More and more into the (data) breach: 3X more patient records in Q2, UnityPoint’s breach balloons to 1.3M

click to enlargeAnd we thought Healthcare Hackermania was following the Hulkster into retirement. After a quiet Q1, data breaches and hack attacks blew up both in Q2 and now in this quarter.

Data compliance analytics firm Protenus’ Breach Barometer (with DataBreaches.net) has been tracking healthcare data breaches for years. It was quiet last quarter with 1.13 million patient records affected in 110 separate health data breaches. But last quarter was a true triple threat with patient records up three times to 3.14 million, 142 separate breaches–which means more per breach on average. What is also distressing is that 29.71 percent are repeat offenses among employees, up from 21 percent in the previous quarter.

  • 36.6 percent of breaches were due to external hacking, nearly double that of Q1.
  • 30.99 percent were due to insiders, either through deliberate wrongdoing (theft) or insider error. Insider wrongdoing was led by family members snooping on other family members’ records. Not Russians, Chinese, NoKos, or Bulgarians bashing about. 
  • In contrast to Q1, where the biggest data breach was a network hack of an Oklahoma-based health network (reportedly the Oklahoma State University Center for Health Sciences), compromising nearly 280,000 records, Q2’s Big Breach was a physical burglary of the California Department of Developmental Services in Sacramento affecting over 581,000 records. After the usual ransacking and theft, the burglars started a fire before they left and the sprinklers did the rest.

It routinely takes nearly forever from when a breach occurs to when it is discovered: in Q1 244 days, in Q2 204 days. In Q2 the longest discovery time was over five years –2013 to 2018. This indicates that insiders may be good at covering their tracks, and/or IT staff don’t get around to detecting and policing breaches.

Protenus and DataBreaches.net compile incidents disclosed to HHS and reported in the media, and are now adding their own proprietary, non-public data on the status of health data breaches nationwide, including a review of tens of trillions of individual
accesses to EHRs which Protenus audits as part of their healthcare systems services. More detail in Protenus Q2 and Q1 full reports, HealthITSecurity (Q1)

Certain to lead their Q3 report is the 1.4 million patient record breach at UnityPoint Health, an Iowa-based health system. In May, a small phishing breach compromised 16,000 records. This cyberattack also started with email phishing and spread through employee networks. “The phishing campaign tricked employees into providing confidential login information, which hackers used to infiltrate email accounts and access data contained within.” Were the hackers after patient data? According to UnityPoint, “The phishing attack on UnityPoint Health was more likely focused on diverting business funds from our organization.” Healthcare Analytics News

You may not want a cyberattack, but cyberattacks and hacking want you….

The Theranos Story, ch. 54: cue up ‘Tainted Love’ in the courtroom

click to enlargeTainted Love, Labs, and Lucre Indeed. Drop the needle on the Gloria Jones version from 1964 or the Soft Cell version from 1981.

Consider that the very fates of Ms. Elizabeth Holmes, the now not-so-Sunny Balwani, and the formerly $9 bn Unicorn Theranos may hinge on the nature of their personal relationship and its influence on the governance of the company.

There are two legal actions against the company and the two principals, one by the DOJ for criminal fraud [TTA 16 June] and by the SEC on (civil) securities fraud [TTA 15 March].  Both are out on $500,000 bail on the DOJ charges. The possibilities on the latter can be up to 20 years in Club Fed, plus $250,000 in fines and clawing back of investor funds, if any can be found.

While Ms. Holmes settled with the SEC, paying a fine and exiting the company, Mr. Balwani did not and is fighting the charges, though this declaration was made before the DOJ charges.

Bloomberg Markets brings up an interesting set of dynamics which can play well with potential jurors and make the prosecution’s case far more convincing for a Northern California jury. To wit, in 2009 when she started running out of money, Ms. Holmes turned to Mr. Balwani, her boyfriend, for a $12 million line of credit. In return, he became president and COO. The nature of their relationship was kept strictly hush-hush to the board and investors. Secrecy was ratcheted up at the company and management started to break down. And the timing: a week after Mr. Balwani left, the news of bad patient test results and problems with their lab started to break big.

Jurors, even in Silicon Valley, love drama and personal intrigue–especially the type that underscores deception and $900 million in fraud perpetrated by a Stanford dropout who clumsily attempted to channel Saint Jobs and a somewhat schlubby dude who Should Have Known Better. Far more than gullible corporate suits at Walgreens and hedge funds….add to it the personal stories of patients harmed by bad Theranos tests and you get an emotional story worthy of Law & Order.

Do expect Ms. Holmes to bring up her Saint Joan if not a female Saint Sebastian analogy. Burning at the stake versus being shot full of arrows are too memorable images which she’ll try out. Add a #MeToo spin of a young woman coerced by an older man–a tale of at least tit-for-tat to get the $12 million. 

The rompin’ soap opera is likely to start next year. Stay tuned…. 

Telemedicine changing Texas rural health and emergency medicine

The expanded use of telemedicine in Texas–controversial and delayed by the state medical society, despite its use in distance medicine and prisons–is slowly starting to change rural health in the state. SB1107 passed the Texas legislature in 2017, removing the previous requirement for an in-person medical consultation. Texas, like many Western states, has an acute shortage of primary care doctors in 184 of 254 counties, according to the state health service.

Where telemedicine fills that gap is in areas such as emergency rooms in rural hospitals. In Van Horn, population 2,000, with the next hospital 90 miles away, telemedicine enables the ER  to operate two trauma rooms and for the state, have a doctor there well within 30 minutes away which is the state requirement for a basic-level trauma facility. The ER connects with an office building in Sioux Falls, SD to a nurse and doctor on immediate call to help oversee care via the Avera eCare telemedicine system.

Universities have also worked to diversify telemedicine use in other settings. Texas Tech University Health Sciences Center has pioneered its use in ambulances and schools. The regional TexLa Telehealth Resource Center helps anyone looking to start a telemedicine project. By 2020, the University of Texas will have telemedicine fully implemented on campus. Houston Chronicle

Rounding up July: Teladoc’s new name and earnings, Hitching a Lyft, GlobalMed with FCC, Proteus and HIV sensing, Parks Associates, Welbeing

click to enlarge click to enlargeTelemedicine giant Teladoc today formally unveiled its name and logo change to Teladoc Health. Citing its worldwide reach and a broad portfolio of services, CEO Jason Gorevic stated “…we will further accelerate the adoption of virtual care and enhance our technology-enabled services to make high-quality healthcare a reality for more people and organizations around the world.” The name will officially change on 10 August but there is no change in their NYSE ticker symbol TDOC. Release on MarketWatch  Their earnings call on Wednesday reported a second quarter loss of $0.37 per share which was substantially less than the projected $0.43. Revenue was $94.56 million for the quarter ended June 2018, more than double that of CY 2017. Zacks.com

The burgeoning area of non-emergency medical transportation (NEMT) got a Lyft with the publishing of two studies indicating reductions in costs and no-shows. Lyft rideshare partner Hitch Health which integrates EHR data, to identify patients, worked over 12 months with the Hennepin Healthcare internal medicine clinic in Minneapolis. The no-show rate dropped from 31 percent to 22.5 percent, with an estimated increase in revenue of $270,000. In Camden, NJ, Rideshare worked with a branch of the MD Anderson Cancer Clinic to schedule on-demand transportation, reducing direct transportation costs by 30 percent with the service and no-show rate down to four percent. Mobihealthnews

GlobalMed, a previous Perspectives contributor, was represented by its CEO on a four-person panel discussing the FCC ‘s proposed Connected Care Pilot Program, a new $100 million program to support telehealth for low-income Americans, attended by  FCC Commissioner Brendan Carr. Here’s a video from the 24 July meeting. Hat tip to Marcia Rhodes of Amendola Communications

Proteus Digital Health’s sensor-equipped pills, transmitter patch, and app may have a new market with prophylaxis (PrEP) treatments for the prevention of HIV transmission. A study by University of California, San Diego researchers with Truvada (Gilead Sciences) found that the sensor-equipped drug was well-received by most users and pharmacokinetically equivalent to Truvada alone. Proteus is the first FDA-approved digital ingestion tracking system with Abilify MyCite [TTA 14 Nov 17]. Mobihealthnews

Parks Associates has two upcoming opportunities for speakers at their hosted events at two large conferences. Click on the links for more information:

CONNECTIONS Europe: Strategies for Smart Home & Consumer IoT – Deadline: 1 Sept
Amsterdam – 13-14 Nov 2018  Event website

CONNECTIONS Summit at CES – Deadline: 15 Sept 2018
Las Vegas – 8 Jan 2019  Call for papers and more information.  

Welbeing in the UK announced on Wednesday 1 Aug their Rehabilitation Project in Cumbria. The program is designed to help patients who have had a fall or similar trauma leading to a hospital stay. When they are discharged, patients can now receive Welbeing’s alarm service for up to 13 weeks, free of charge. The service is being funded by Eden District Council. Welbeing recently acquired Eden Housing Association’s alarm and response services in Eden and Carlisle. (Link to press release to come)

Healthcare cybersecurity breaches multiply like measles as far away as Singapore. Is it a matter of time before hacking kills someone?

Even if you are the Prime Minister of Singapore, you can be hacked. Prime Minister Lee Hsien Loong joined 1.5 million of his fellow Singaporeans in what they have termed an unprecedented data breach of SingHealth, considered to be a world model. There are the usual state actor suspects: Russians, Chinese–and North Koreans–starting less than two weeks (27 June) after hosting the meeting between President Donald Trump and Maximum Leader Kim Jong Un. (That is hardly a gracious thank you if it’s them (s/o).  POLITICO Morning eHealth reported on Monday 23 July. 

What’s happened since: Singapore banks have been instructed to tighten data procedures and use additional verification methods. The government believes 1) they are next and 2) that the healthcare breach data could be used to impersonate customer identities. SingHealth records include full name, national identification number, address, gender, race, and date of birth. (ZDNet)

The National (UAE) reported that the hack specifically targeted the PM. Their angle was that Singapore has ambitions to host a ‘smart city’ as does the UAE and testing Singapore means that the UAE may be next. Singapore is covering a different angle–the ‘inside job’ one. They moved to disconnect computers from the internet at public centers which may inconvenience patients and healthcare staff but which weakens data collection for this very busy centralized system. (Reuters) Watch the government press conference here.

Will the next WannaCry or NotPetya kill someone? That is the premise in this article in ZDNet and one we’ve discussed previously. It’s not a targeted attack on a particular life, but could be an infrastructure failure–for instance, an industrial control for electricity that destroys systems including those to dependent homes or hospitals. What this article doesn’t include are all those aging hackable connected devices in operating rooms, hospital rooms, and in-hospital Wi-Fi powering tablets and other connected devices. KRACK can be very wack indeed! [TTA 18 Oct 17]