TTA’s Summer Windup Redux: Don’t buy that digital kit before you test your analogue (UK); Doro acquires Invicta, PillPack hits data wall, Humana and CTA, events, more!

 

 

Editor Donna feels like the hamster on the wheel–though able to capture a few more days of summer–but Editor Charles jumps on the Analogue versus Digital Soapbox.

Telecare – time to sweat the analogue assets, not dump them (Editor Charles asks that you do your homework before you cart in that shiny new digital kit and throw the old out the window)

Summer may be winding down but activity is winding up. Doro acquires Invicta, Amazon’s PillPack hits a data wall, Humana first payer to join CTA. Judge Leon finally blesses CVS-Aetna’s merger after 9 months. And events, including Digital Mental Health at the RSM 23 Sept.

News and event roundup: Amazon PillPack, Humana joins CTA, NH’s telemedicine go, Fitbit Lives Healthy in Singapore, supporting Helsinki’s older adults, events
Shock news: the CVS-Aetna merger officially approved after 9 months (Judge Leon’s Final Judgment delivered. But what about future healthcare mergers?)
Doro AB acquires Invicta Telecare from Clarion Housing, increasing to nearly 200,000 users (UK) (Consolidation continues)
Digital Mental Health for Adults – a one day conference at the RSM on 23 September 2019 in London (Sponsored by the RSM)

Being contrarian, we consider that AI and machine learning may be doing real damage both in its workings and in the quality of all that medical data being fed into it. Regrettably, telemedicine in nursing homes looks like a permanent failure. And CMS takes the lead in the PFS with three new telehealth codes on opioid treatment.

A realistic look at why telemedicine isn’t succeeding in nursing homes (It should, but it’s the economics of the business)
Are AI’s unknown workings–fed by humans–creating intellectual debt we can’t pay off? (Building dangerous error upon error with bad data, destroying theoretical thinking–and that’s for starters)
CMS’ three new proposed telehealth codes, changes on inclusions, in 2020 Medicare Physician Fee Schedule (US) (CMS takes initiative in opioid treatment)

Summer is really flying by, but the daystopper of the week is the doubling of breached patient records this year. LIVI adds a lot of patients in the UK, Allscripts settles with DOJ on compliance, and GSK IMPACT opens for UK charitable organization applications.

The Breach Barometer hits a new high for healthcare–and the year isn’t over (The geometric increase in breaches and exposed records)
LIVI telemedicine app expands availability to 1.85 million patients with GPs in Birmingham, Shropshire, Northamptonshire, Southeast (The crowded UK telemedicine field)
Allscripts reaches deal with DOJ on Practice Fusion in compliance settlement for $145 million (Bargains are never bargains)
2020 GSK IMPACT/The King’s Fund Awards now open for applications (UK) (Apply soon!)

Summer is flying by, but rural health connectivity advances at the FCC. Smartphones now set up to detect viruses. Another smartphone enabled ultrasound player–but this time in 3D. A study connects health tech to retaining LTC workers. Connected Health Summit coming up, and Vivify Health acquires a new VP.

Comings and goings, short takes, and in other news…: Vivify’s new SVP Sales, Parks’ Connected Health Summit, $35M for 3D portable ultrasound, Oxford Medical Sim new pilot (Events, products, and more)
Technology will help ease, but not replace, rising workforce demand in long-term care: UCSF study (It’s almost all about the workers and retaining them in the face of technology)
Can a smartphone camera, app, and device detect viruses at low cost? (A University of Tokyo team says yes)
FCC reforming Rural Health Care Program to improve telehealth funding in addition to Connected Care Pilot (US) (About time, but still underfunded)


Have a job to fill? Seeking a position? Free listings available to match our Readers with the right opportunities. Email Editor Donna.


Read Telehealth and Telecare Aware: http://telecareaware.com/  @telecareaware

Follow our pages on LinkedIn and on Facebook

We thank our present and past advertisers and supporters: Tynetec, Eldercare, UK Telehealthcare, NYeC, PCHAlliance, ATA, The King’s Fund, DHACA, HIMSS, Health 2.0 NYC, MedStartr, Parks Associates, and HealthIMPACT.

Reach international leaders in health tech by advertising your company or event/conference in TTA–contact Donna for more information on how we help and who we reach. See our advert information here. 


Telehealth & Telecare Aware: covering the news on latest developments in telecare, telehealth, telemedicine and health tech, worldwide–thoughtfully and from the view of fellow professionals

Thanks for asking for update emails. Please tell your colleagues about this news service and, if you have relevant information to share with the rest of the world, please let me know.

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

TTA’s Midsummer Week 6: AI and machine learning’s hidden risks and debt, the permanent fail of nursing home telehealth, and CMS’ PFS adds telehealth codes for opioids

 

It’s hard to believe, but ‘traditional summer’ is starting to wind down. Being contrarian, we consider that AI and machine learning may be doing real damage both in its workings and in the quality of all that medical data being fed into it. Regrettably, telemedicine in nursing homes looks like a permanent failure. And CMS takes the lead in the PFS with three new telehealth codes on opioid treatment.

TTA will be on holiday starting next week. There will no Alerts published on Thursday 29 August or 5 September.

A realistic look at why telemedicine isn’t succeeding in nursing homes (It should, but it’s the economics of the business)
Are AI’s unknown workings–fed by humans–creating intellectual debt we can’t pay off? (Not only that, but building dangerous error upon error with bad data and destroying theoretical thinking)
CMS’ three new proposed telehealth codes, changes on inclusions, in 2020 Medicare Physician Fee Schedule (US) (CMS takes initiative in opioid treatment)

Summer is really flying by, but the daystopper of the week is the doubling of breached patient records this year. LIVI adds a lot of patients in the UK, Allscripts settles with DOJ on compliance, and GSK IMPACT opens for UK charitable organization applications.

The Breach Barometer hits a new high for healthcare–and the year isn’t over (The geometric increase in breaches and exposed records)
LIVI telemedicine app expands availability to 1.85 million patients with GPs in Birmingham, Shropshire, Northamptonshire, Southeast (The crowded UK telemedicine field)
Allscripts reaches deal with DOJ on Practice Fusion in compliance settlement for $145 million (Bargains are never bargains)
2020 GSK IMPACT/The King’s Fund Awards now open for applications (UK) (Apply soon!)

Summer is flying by, but rural health connectivity advances at the FCC. Smartphones now set up to detect viruses. Another smartphone enabled ultrasound player–but this time in 3D. A study connects health tech to retaining LTC workers. Connected Health Summit coming up, and Vivify Health acquires a new VP.

Comings and goings, short takes, and in other news…: Vivify’s new SVP Sales, Parks’ Connected Health Summit, $35M for 3D portable ultrasound, Oxford Medical Sim new pilot (Events, products, and more)
Technology will help ease, but not replace, rising workforce demand in long-term care: UCSF study (It’s almost all about the workers and retaining them in the face of technology)
Can a smartphone camera, app, and device detect viruses at low cost? (A University of Tokyo team says yes)
FCC reforming Rural Health Care Program to improve telehealth funding in addition to Connected Care Pilot (US) (About time, but still underfunded)

A news-filled week with events, executive moves at Verily, Teladoc, and ATA, a challenging take on oral health, a dim view on AI, mall ‘medtail’, CVS’ SDH initiative, and Call9’s fan dance.

Comings and goings, short takes and upcoming events: MedStartr Wed night, Mad*Pow acquired, Teladoc’s new COO, JAMA ponders telepharmacy, NHS London anxiety apps partner (updated)
Oral health: more than a public health challenge, an opportunity for telehealth? (Two Lancet articles make the case)
News roundup: docs dim on AI without purpose, ‘medtail’ a mall trend, CVS goes SDH, Kvedar to ATA, Biden ‘moonshot’ shorts out, and Short Takes
Call9: we’ll be back — with a different model! (Not forthcoming to Crain’s on what it looks like, though)

Rock Health assesses the first half 2019 funding picture and is reassured at the pressure that investors have to exit–but we see other and somewhat cautionary things. And the hearings on the CVS-Aetna merger slump towards an exhausting close in Judge Leon’s court.

Health tech bubble watch: Rock Health’s mid-2019 funding assessment amid Big IPOs (Why the funding picture is far more interesting than Rock Health thinks)
The CVS-Aetna merger hearing draws to a dreary, weary close (But when?)

A just-published UK survey of the care tech landscape has implications in the worldwide trend of community-based wellness and disease prevention. CVS-Aetna goes another round in Judge Leon’s court, this time with five states; he should Ask Alexa as NHS patients in the UK shortly will. And did you attend DHACA’s most recent meeting on the 17th?

Care Technology Landscape Review: Socitm Advisory for Essex County Council (UK) (A UK study which has international resonance)
‘Ask Alexa’ if you’re sick, says the NHS (But what if Alexa no comprende?)
Another round this Wednesday in the CVS-Aetna merger hearings (We’ll see what happens next in the longest post-merger hearing in healthcare history)
Come and listen to Julian Hitchcock talking regulation next Wednesday 17th July! (It’s past, but keep in touch with DHACA)


Have a job to fill? Seeking a position? Free listings available to match our Readers with the right opportunities. Email Editor Donna.


Read Telehealth and Telecare Aware: http://telecareaware.com/  @telecareaware

Follow our pages on LinkedIn and on Facebook

We thank our present and past advertisers and supporters: Tynetec, Eldercare, UK Telehealthcare, NYeC, PCHAlliance, ATA, The King’s Fund, DHACA, HIMSS, Health 2.0 NYC, MedStartr, Parks Associates, and HealthIMPACT.

Reach international leaders in health tech by advertising your company or event/conference in TTA–contact Donna for more information on how we help and who we reach. See our advert information here. 


Telehealth & Telecare Aware: covering the news on latest developments in telecare, telehealth, telemedicine and health tech, worldwide–thoughtfully and from the view of fellow professionals

Thanks for asking for update emails. Please tell your colleagues about this news service and, if you have relevant information to share with the rest of the world, please let me know.

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

The Breach Barometer hits a new high for healthcare–and the year isn’t over

31.6 million healthcare breached records can’t be right? But it is, and it’s double all of 2018. Protenus’ Breach Barometer for the first six months of the year tallied over double the number of patient records breached calculated for 2018 (15.1 million). The number of breach incidents reported was smaller–285 breach incidents disclosed to the US Department of Health and Human Services or the media–compared to 503 breaches in 2018, which means that individual data breaches affected far more records.

Hackermania is running wilder than ever. Nearly half the breaches were due to hacking. The big kahuna of breaches this year was reported in May at American Medical Collection Agency, a third-party billing collections firm. This eight-month breach affected 20 to 22 million records at Quest Diagnostics, LabCorp, Opko Health, under one of its subsidiaries, BioReference Laboratories, Inc., and Clinical Pathology Laboratories [TTA 5 June] This hack also involved Optum360, a Quest contractor and part of healthcare giant Optum. In terms of PII, the records breached included SSI, DOB, and physical addresses.

 Yet insider breaches are still a significant threat at 21 percent, whether from errors without malicious intent or deliberate wrongdoing. In the report, Protenus (with DataBreaches.net) calculated that 60 of the 285 breaches were insider-related affecting 3.5 million records. 35 were insider-error incidents, with 22 additional due to wrongdoing.

When it comes to breaches, the trend is easily not healthcare organizations’ friend, as 2018 tripled 2017’s total breached records. This is despite the new emphasis on healthcare IT security and insider training. Protenus release, FierceHealthcare, Protenus first half report (PDF)

More and more into the (data) breach: 3X more patient records in Q2, UnityPoint’s breach balloons to 1.3M

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2015/02/Hackermania.jpg” thumb_width=”150″ /]And we thought Healthcare Hackermania was following the Hulkster into retirement. After a quiet Q1, data breaches and hack attacks blew up both in Q2 and now in this quarter.

Data compliance analytics firm Protenus’ Breach Barometer (with DataBreaches.net) has been tracking healthcare data breaches for years. It was quiet last quarter with 1.13 million patient records affected in 110 separate health data breaches. But last quarter was a true triple threat with patient records up three times to 3.14 million, 142 separate breaches–which means more per breach on average. What is also distressing is that 29.71 percent are repeat offenses among employees, up from 21 percent in the previous quarter.

  • 36.6 percent of breaches were due to external hacking, nearly double that of Q1.
  • 30.99 percent were due to insiders, either through deliberate wrongdoing (theft) or insider error. Insider wrongdoing was led by family members snooping on other family members’ records. Not Russians, Chinese, NoKos, or Bulgarians bashing about. 
  • In contrast to Q1, where the biggest data breach was a network hack of an Oklahoma-based health network (reportedly the Oklahoma State University Center for Health Sciences), compromising nearly 280,000 records, Q2’s Big Breach was a physical burglary of the California Department of Developmental Services in Sacramento affecting over 581,000 records. After the usual ransacking and theft, the burglars started a fire before they left and the sprinklers did the rest.

It routinely takes nearly forever from when a breach occurs to when it is discovered: in Q1 244 days, in Q2 204 days. In Q2 the longest discovery time was over five years –2013 to 2018. This indicates that insiders may be good at covering their tracks, and/or IT staff don’t get around to detecting and policing breaches.

Protenus and DataBreaches.net compile incidents disclosed to HHS and reported in the media, and are now adding their own proprietary, non-public data on the status of health data breaches nationwide, including a review of tens of trillions of individual
accesses to EHRs which Protenus audits as part of their healthcare systems services. More detail in Protenus Q2 and Q1 full reports, HealthITSecurity (Q1)

Certain to lead their Q3 report is the 1.4 million patient record breach at UnityPoint Health, an Iowa-based health system. In May, a small phishing breach compromised 16,000 records. This cyberattack also started with email phishing and spread through employee networks. “The phishing campaign tricked employees into providing confidential login information, which hackers used to infiltrate email accounts and access data contained within.” Were the hackers after patient data? According to UnityPoint, “The phishing attack on UnityPoint Health was more likely focused on diverting business funds from our organization.” Healthcare Analytics News

You may not want a cyberattack, but cyberattacks and hacking want you….

MediBioSense and Blue Cedar take a new approach to secure medical wearable data (UK/US)

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2018/01/VitalPatch_Header_Photo_Tablet.jpg” thumb_width=”150″ /]Doncaster UK-based MediBioSense Ltd. has partnered with San Francisco-based Blue Cedar to protect their VitalPatch app on smartphones and tablets. MediBioSense uses VitalPatch in their MBS HealthStream system marketed in the UK in acute care and long-term care setting. Blue Cedar is securing the app through their patented code-injected technology which protects the VitalPatch-collected data from the app to the provider database. The system with Blue Cedar’s security is available directly from MediBioSense.

VitalPatch is a single-use adhesive biosensor patch applied to the patient’s chest (see left above). It monitors eight vital signs and activity signs: heart rate, respiration, ECG, heart rate variability, temperature, body posture including fall detection/severity, and steps as an indicator of activity. MediBioSense contracted with the US-based developer, VitalConnect, to sell the system in the UK. VitalPatch is US FDA-cleared (Class II) and CE Marked for the EU.

One impetus, according to the release (PDF), is the GDPR (General Data Protection Regulation), the pan-European/UK data-protection law slated to take effect in May. This not only applies to European Union citizens’ personal data but also requires reports on how organizations safeguard that data. 

Blue Cedar, which this Editor has previously profiled [TTA 3 May 17], has developed code-injection technology that secures data from the app to the provider location on their servers or in the cloud. It secures the app without the device being managed. Devices have their own vulnerabilities when it comes to apps even when secured, as 84 percent of cyberattacks happen at the application layer (SAP). Blue Cedar’s security also enables tap-and-go from an icon versus multiple security entries, thus quick downloading from app stores or websites. For companies, the secured app provides granular analytic reports about users, app usage, devices, and operating systems which are useful for GDPR requirements.

Blue Cedar’s latest release of app security is Enforce, to secure existing mobile apps using in-app embedded controls to enforce a broad range of security policies. It is sold on the Microsoft Azure cloud platform and is primarily targeted to the value-added reseller (VAR) market. 

All the more reason to use all means to secure devices and apps. When as of last week Allscripts‘ EHR for e-prescribing was hit with a ransomware attack (FierceHealthcare), yet another hospital (Hancock Regional in Indianapolis) paid $5,000 to hackers to get back online (Digital Health), and Protenus/DataBreaches.net tracks a breach a day [TTA 29 Dec 17], cybersecurity has become Job #1 for anyone in the healthcare field. (And Big Healthcare now votes for security. Protenus today announced their $11 million Series B led by Kaiser Permanente Ventures and F-Prime Capital Partners. Release.)

Rounding up the roundups in health tech and digital health for 2017; looking forward to 2018’s Nitty-Gritty

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2017/12/Lasso.jpg” thumb_width=”100″ /]Our Editors will be lassoing our thoughts for what happened in 2017 and looking forward to 2018 in several articles. So let’s get started! Happy Trails!

2017’s digital health M&A is well-covered by Jonah Comstock’s Mobihealthnews overview. In this aggregation, the M&A trends to be seen are 1) merging of services that are rather alike (e.g. two diabetes app/education or telehealth/telemedicine providers) to buy market share, 2) services that complement each other by being similar but with strengths in different markets or broaden capabilities (Teladoc and Best Doctors, GlobalMed and TreatMD), 3) fill a gap in a portfolio (Philips‘ various acquisitions), or 4) payers trying yet again to cement themselves into digital health, which has had a checkered record indeed. This consolidation is to be expected in a fluid and relatively early stage environment.

In this roundup, we miss the telecom moves of prior years, most of which have misfired. WebMD, once an acquirer, once on the ropes, is being acquired into a fully corporate info provider structure with its pending acquisition by KKR’s Internet Brands, an information SaaS/web hoster in multiple verticals. This points to the commodification of healthcare information. 

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2017/12/canary-in-the-coal-mine.jpgw595.jpeg” thumb_width=”150″ /]Love that canary! We have a paradigm breaker in the pending CVS-Aetna merger into the very structure of how healthcare can be made more convenient, delivered, billed, and paid for–if it is approved and not challenged, which is a very real possibility. Over the next two years, if this works, look for supermarkets to get into the healthcare business. Payers, drug stores, and retailers have few places to go. The worldwide wild card: Walgreens Boots. Start with our article here and move to our previous articles linked at the end.

US telehealth and telemedicine’s march towards reimbursement and parity payment continues. See our article on the CCHP roundup and policy paper (for the most stalwart of wonks only). Another major change in the US is payment for more services under Medicare, issued in early November by the Centers for Medicare and Medicaid Services (CMS) in its Final Rule for the 2018 Medicare Physician Fee Schedule. This also increases payment to nearly $60 per month for remote patient monitoring, which will help struggling RPM providers. Not quite a stride, but less of a stumble for the Grizzled Survivors. MedCityNews

In the UK, our friends at The King’s Fund have rounded up their most popular content of 2017 here. Newer models of telehealth and telemedicine such as Babylon Health and PushDoctor continue to struggle to find a place in the national structure. (Babylon’s challenge to the CQC was dropped before Christmas at their cost of £11,000 in High Court costs.) Judging from our Tender Alerts, compared to the US, telecare integration into housing is far ahead for those most in need especially in support at home. Yet there are glaring disparities due to funding–witness the national scandal of NHS Kernow withdrawing telehealth from local residents earlier this year [TTA coverage here]. This Editor is pleased to report that as of 5 December, NHS Kernow’s Governing Body has approved plans to retain and reconfigure Telehealth services, working in partnership with the provider Cornwall Partnership NHS Foundation Trust (CFT). Their notice is here.

More UK roundups are available on Digital Health News: 2017 review, most read stories, and cybersecurity predictions for 2018. David Doherty’s compiled a group of the major international health tech events for 2018 over at 3G Doctor. Which reminds this Editor to tell him to list #MedMo18 November 29-30 in NYC and that he might want to consider updating the name to 5G Doctor to mark the transition over to 5G wireless service advancing in 2018.

Data breaches continue to be a worry. The Protenus/DataBreaches.net roundup for November continues the breach a day trend. The largest breach they detected was of over 16,000 patient records at the Hackensack Sleep and Pulmonary Center in New Jersey. The monthly total was almost 84,000 records, a low compared to the prior few months, but there may be some reporting shifting into December. Protenus blog, MedCityNews

And perhaps there’s a future for wearables, in the watch form. The Apple Watch’s disconnecting from the phone (and the slowness of older models) has led to companies like AliveCor’s KardiaBand EKG (ECG) providing add-ons to the watch. Apple is trying to develop its own non-invasive blood glucose monitor, with Alphabet’s (Google) Verily Study Watch in test having sensors that can collect data on heart rate, gait and skin temperature. More here from CNBC on Big Tech and healthcare, Apple’s wearables.

Telehealth saves lives, as an Australian nurse at an isolated Coral Bay clinic found out. He hooked himself up to the ECG machine and dialed into the Emergency Telehealth Service (ETS). With assistance from volunteers, he was able to medicate himself with clotbusters until the Royal Flying Doctor Service transferred him to a Perth hospital. Now if he had a KardiaBand….WAToday.com.au  Hat tip to Mike Clark

This Editor’s parting words for 2017 will be right down to the Real Nitty-Gritty, so read on!: (more…)

Hackermania meets The Dark Overlord with 2.3 million 2017 health data breaches

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2015/02/Hackermania.jpg” thumb_width=”150″ /]It’s a cage match! Reports are soaring, with a proliferation of data breaches year to date, after a relatively quiet period in 2016.

The Dark Overlord (TDO), in the mainstream news with dumping unseen Netflix program episodes on illegal file-sharing sites and demanding ransom (Guardian), also has been hard at work dumping PHI hacked from various clinics. DataBreaches.net tallied it at 180,000 records from at least nine medical clinics.

Health data security developer/provider Protenus, whose Breach Barometer tracks the numbers, counted 2.1 million breaches in 1st Quarter. March spiked with 700,000 coming from Commonwealth Health Corporation of Kentucky.

Our standby Privacy Rights Clearinghouse counted over 175,000 to date, but 160,000 came from MedCenter Health in Protenus’ total, so their net addition was 15,000. But PRC’s detail illustrates that ransomware is alive, well, and invading smaller healthcare organizations. Other reasons are unauthorized data server access, third-party vendors, email error, and theft.