Roundup: data breaches ’round the world

Following on our review of recent articles on why medical identity theft is so attractive, here’s our review of data breaches in the news, including a new (to this Editor) report from Europe.

  • It’s not Europe, blame the UK! That is one of the surprising findings of a meta-review of all types of data breaches released earlier this month by the Central European University’s Center for Media, Data and Society (CMDS). While not specific to healthcare, it is the first study this Editor has seen on EU data breaches and is useful for general trends. 229 verified incidents were analyzed by the CMDS across  28 EU member countries plus Switzerland and Norway, 2005-3rd Quarter 2014, and includes unusual healthcare breaches such as Danish HIV patients’ personal information included in a PowerPoint presentation later published online. Key findings:
    1. 57 percent of breaches were due to insider theft, mismanagement or error; 41 percent were hacker-instigated
    2. It’s common: “for every 100 people in the study countries, 43 personal records have been compromised”
    3. In terms of impact, the UK by far, then Greece, Norway, Germany and Netherlands were the top five countries for incidents and numbers of records breached (report page 9) (more…)

Funding, granting and executive moves

Summer hasn’t been beach holiday time for some of the companies we’ve been following….Genetic testing for the masses 23andMe, only last fall in much hot water with FDA (but recently making nice–TTA 2 July), received a two-year, $1.4 million grant from the National Institutes for Health (NIH). iHealthBeat….’Smart pill’ developer Proteus Digital Health received a Series G round of $52 million, adding to a June round of $120 million. Investors not disclosed, but Proteus currently has a blue-chip list including Novartis, Medtronic and Kaiser. BusinessWire….Pre/post-procedure education and recovery monitoring service VOX Telehealth received another $1.1 million round of angel financing primarily from original investors, preliminary to an institutional round of financing in 1st Quarter 2015. Release….HealthSpot Station is reinforcing its retail reach (more…)

23andme and FDA: making nice?

In a reversal from the ‘¡No pasarán!’ (‘They shall not pass!’) position 23andme and its QS fans famously took back in the winter and spring [TTA 2 Apr, with prior links] vis-a-vis FDA on interpretation of genetic tests, this report from VentureBeat indicates that 23andme is holding out an olive branch. It’s not your usual cutting. It’s an application for Bloom’s Syndrome, a rare inherited genetic disorder, which FDA just accepted. Adding to it is that CEO Anne Wojcicki is a carrier of this disorder. VentureBeat’s speculation is that if successful, the Bloom’s Syndrome application would be the template for future test applications. The tone on both sides has grown conciliatory. For example: sitting on the same Congressional panel on healthcare last Tuesday was an FDA physician directly involved in the approval situation and Ms Wojcicki. There was a well-timed, quite emollient interview with Ms Wojcicki in the Wall Street Journal this past weekend. Certainly a factor is that 23andme is still growing, but less quickly–up 150,000 from its pre-FDA contretemps level of 550,000. And its funders, even though closely related to Ms Wojcicki, hate to wait on numbers which are certainly below projections.

mHealth: too much to blog, too little time

As always the question is where to start? Perhaps with the FT headline ‘Powerhouse’ UK leads Europe app development, says research, a piece by Daniel Thomas on some research sponsored by Google & Tech City UK. A full version of the report is here. Key findings are that the UK:

  • Has become the largest tech hub in Europe for app development;
  • Received a third of revenues generated from mobile software in Europe last year;
  • Is the base for almost a fifth of European developers of smartphone applications;
  • is believed to be the world’s second most important tech hub after the US;
  • Has about 8,000 companies involved in app development, employing close to 400,000 people.

Apparently almost half of app developers and designers in the UK generate most of their income from apps, although a fifth generate no income from apps at all but rather see them as a hobby.

Staying with the FT, Prof Mike Short has kindly also pointed this editor to another article entitled (more…)

Healthcare Apps 2014 – a few impressions

This event was held on April 28th-30th in Victoria in London. It was organised by Pharma IQ and clearly had a strong pharma focus (including the charge which at £1995 for industry attendees clearly discriminated in favour of those with big-pharma sized budgets). It was also held just a few days after the significantly lower-priced Royal Society of Medicine event, and in the middle of a London Tube strike, all of which doubtless contributed to the relatively modest attendance (26 paid). I am most grateful to the organisers for kindly inviting me as one of speaker Alex Wyke’s guests.

As mentioned in an earlier post, there was a similarity with the RSM agenda, so I won’t repeat comments made by the same speaker before. The first up was the 3G Doctor, David Doherty, who gave another of his excellent presentations, although the sound engineer sadly made some of it inaudible. After a review of how we had got to where we are, he suggested that the Internet is about to become a device-dominated network. He drew a parallel between (more…)

HHS draft report on health IT framework published

Another part of the 2012 FDA Safety and Innovation Act (FDASIA) clicked into place with the US Department of Health and Human Services (HHS) publishing a draft report proposing strategy and recommendations for what is rather grandly termed a “health IT framework”. Basically it defines more unified criteria, based on risk to the patient and function of what the device does, not the platform (mobile, software, etc.). It then separates products into three broad categories. Excerpted from the FDA release and the FDASIA Health IT Report:

  1.  Products with administrative health IT functions, which pose little or no risk to patient safety and as such require no additional oversight by FDA. Examples: billing software, inventory management.
  2. Products with health management health IT functions. Examples: software for health information and data management, knowledge management, EHRs, electronic access to clinical results and most clinical decision support software. This will be coordinated largely by HHS’s Office of the National Coordinator for Health IT (ONC) as part of their activities (including their current voluntary EHR certification program), but the private sector is also cited in establishing best practices.
  3. Products with medical device health IT functions, which potentially pose greater risks to patients if they do not perform as intended. Examples: computer-aided detection software, software for bedside monitor alarms and radiation treatment software. The draft report proposes that FDA continue regulating products in this last category. (Illustration on page 13 of report.)

The report also recommends the creation of a public-private entity under ONC, the Health IT Safety Center, which “would serve as a trusted convener of stakeholders and as a forum for the exchange of ideas and information focused on promoting health IT as an integral part of patient safety.” The private sector is duly noted as a ‘stakeholder’.

The report was developed by FDA “in consultation” with ONC and, not unexpectedly, the Federal Communications Commission (FCC). Another recommendation (page 28) is the establishment of a ‘tri-Agency memorandum of understanding (MOU)’ to further determine their working relationship in this area. There’s a 90 day comment period on the 34 page report, which is perfect for weekend reading (!) How this onion will eventually be peeled, rather than quartered, remains to be seen, as does anything emanating from Foggy Bottom.  FDA release. Report. FierceMobileHealthcare.

Update 8 April: A good summary of criticism and approval of the framework to date appears in iHealthBeat from the California Health Care Foundation. The two US Senators sponsoring the PROTECT Act [TTA 28 Feb, 6 Mar] stated there is still too much regulation of low-risk technologies, and Bradley Thompson of Epstein Becker/mHealth Regulatory Coalition believes the report is weak on the issues around clinical decision support software. With praise: HIMSS, Health IT Now Coalition and ACT, which claims to represent about 5,000 mobile application developers and IT firms, but has no locatable website.

Previously in TTA: FDA finally issues proposed rule simplifying medical device classification

Picture murky: 23andMe and the FDA

Genetic testing company 23andMe seems to be in no rush to resolve its differences with the FDA, and the digitalhealtherati a/k/a D3H (Digital Health Hypester Horde) are wondering why. In late November, 23andMe executives undoubtedly had a depressing Thanksgiving when the FDA ordered them to stop providing health reports (interpretation of genetic results) and marketing kits. Four months later, 23andMe continues to sell its kits for $99, providing only raw genetic data and ancestry reports–and according to its 31 March blog posting, will do so for the foreseeable future as they complete the regulatory review process. The blog quoted CEO and co-founder Anne Wojcicki, “My main priority is resolution with the FDA,” but actions speak louder than words–and the FDA isn’t talking. The FDA standard is still validation–the company has to analytically and clinically validate 23andMe for its intended uses, which is why the FDA took action against them in the first place.

  • Is the lack of urgency more about continuing to gather raw genetic and health data unimpeded? Ms Wojcicki had widely stated her real aim was to build a 25-million-strong database (Fast Company).
  • Is the real revenue stream of the company not the kits but in monetizing a massive database, selling it to researchers and others (Matthew Herper in Forbes)–the Google model which Ms Wojcicki is quite familiar with? Consider that there’s $126 million into the company, that is a lot of $99 kits.

Most companies in this situation would be imploding. This one is not. Interestingly. FierceMedicalDevices, The Verge

Previously in TTA: all you ever wanted to know about the 23andMe kerfuffle in FDA tells 23andMe genomic test to stop marketing (including this Editor’s analysis of their pre-FDA website with copy breathlessly expressing potentially life-saving or critical lifestyle changing claims, countered by legal ‘educational use’ boilerplate) and The inevitable: class action lawsuit against 23andMe (a check of the Ankcorn blog has no updates)

FDA finally issues proposed rule simplifying medical device classification

The FDA has now published its proposed rule simplifying its medical device classifications as directed by the 2012 FDA Safety and Innovation Act (FDASIA). This permits reclassification by administrative order versus the rulemaking (notice and comment) process. (Presumably this rule, as part of the latter process, sets up the process for the former.)  In the US, the Food, Drug & Cosmetic Act (FDC Act), which FDASIA amends, has three classifications of devices from least restricted (Class I general controls) through premarket approval (Class III).  

As published yesterday in the Federal Register, the class definitions are being amended to balance the assurance of safety and effectiveness with “the level of regulation necessary to provide such assurance should be closely tailored to the risk presented by a type of device.” The long-awaited changes are seen as highly favorable for mobile health devices and apps which for the most part do not fit neatly into the present Class I-III structure.  (more…)

Short, ‘springy’ takes for Friday

IBM Watson crunches the genomics for glioblastoma. A clinical trial at seven locations is being developed in partnership with the NY Genome Center to identify potential treatment options for the most common type of brain tumor–one where diagnosis and treatment time is of the essence.  iHealthBeat, Modern Healthcare….Also in NY, Montefiore Medical Center in The Bronx is evaluating several mobile initiatives including a current pilot for texts/care management to support diabetic teenagers, as well as evaluating interacting with diabetics on fitness and  biosensor monitoring. FierceMobileHealthcare….Yecco’s social media platform for families caring for older adults [TTA 13 Mar] adds insurance. Allianz Global Assistance UK announced Yecco Home Care insurance, providing up to six weeks of assistance at home following an accident, injury or hospitalization. Release….Six US Senators seek clarification on FDA mobile health regulations. The letter to FDA Commissioner Margaret Hamburg inquired on FDA plans and asked if legislative assistance might be required. The FDA/ONC-HIT framework report originally due in January now has a deadline of 31 March. iHealthBeat. The Hill ‘Healthwatch’….The Samsung Galaxy S5 won’t be considered a medical device by South Korea’s Ministry of Food and Drug Safety. According to Engadget, it was the heart-rate sensor that subjected it to stricter regulations under current South Korean laws. Oy….And it took a while, but finally the Tunstall Americas management page lists new CEO Casey Pittock at the top! (No release yet though.)

A very Appy week!

Although my fellow editor Chrys has done a great job of covering the Ofcom-sponsored report on attitudes and behaviours of apps users, and The Boss (aka Donna) has highlighted the HIMSS Analytics Mobile Study as well as covering the opposition to the PROTECT legislation, identifying a tax issue that might just be behind it all, there is still more to report on the apps front this week.

Beginning with that PROTECT legislation, the same Brad Thompson that Donna quotes also writes in Mobihealthnews of the recommendations of the FDASIA committee on how the FDA can improve the regulation of mobile health. The overall recommendation is that the “FDA needs to do a better job at (more…)

The PROTECT Act for HIT doesn’t: mHealth Coalition

The mHealth Regulatory Coalition, which is a four-year-old alliance of legal and software companies in the health IT/software area, and whose most vocal spokespersons are well-known industry legal counsels Brad Thompson and Kim Tyrrell-Knott of Epstein Becker Green, has come out against the PROTECT Act (S 2007). PROTECT, which was proposed by Senators Fischer and King, would limit FDA regulation of certain ‘low-risk’ clinical software in the interest of fostering innovation and reducing regulatory burden. Original reports indicated that this responsibility would be transferred to the National Institute of Standards and Technology (NIST) [TTA 28 Feb]. According to Mr. Thompson, “The rush to avoid expert reviews of complex technologies with far-reaching health ramifications ignores the fact that we cannot separate the high risk from the low risk apps using broad terms in legislation.” His example: a theoretical smartphone app designed to diagnose melanomas from photos. PROTECT is being supported by IBM, athenahealth, Software & Information Industry Association, Newborn Coalition and McKesson. The bill also would exempt certain health IT software from being charged a 2.3% medical device tax, which is perhaps the ‘long game’ being played here by the aforementioned companies, as most Washington watchers give the bill as it stands little chance of clearing both houses of Congress and a congressional committee, much less being signed into law. The question remains: how best to speed less clinically significant wellness software to market without logjamming FDA.  iHealthBeat summary, Clinical Innovation + Technology, MRC press release

FCC sharply elbows up to the mHealth regulatory table

That other three-letter agency, the Federal Communications Commission (FCC), which has shown a distinctly competitive face versus the FDA on Federal healthcare tech policy over the past three years and more, has formed–drum roll–a task force to examine adoption of wireless technologies by health care organizations. Connect2HealthFCC will “identify regulatory barriers and incentives to expand the use of wireless health technologies; and strengthen partnerships with stakeholders in the telehealth and mobile health industries.” If this an accurate statement of the task force’s purpose, the parade not only has gone by, but it’s also three counties away. Yet going back in our files, this Editor notes that the FCC has vigorously fenced not only with the FDA, but also with HHSNIH, NIST and Congress for its place in the Federal HIT regulatory firmament. With issues such as ‘net neutrality’, wireless bandwidth and rural broadband, the FCC has a heaping healthcare helping on its plate just in assuring national access and removing conflicts in frequency demands by devices. However, the task force is headed by Michele Ellison, lately the FCC’s top regulatory enforcer with, as The Hill notes, 6,000 actions under her belt. In Foggy Bottom, things are never what they seem. iHealthBeat

Is *less* regulation the answer for mHealth? (US)

What if the solution to the mHealth/digital health logjam of approvals at the US Food and Drug Administration (FDA) is to take clinical and health software completely out of their approval purview–and hand it to the National Institute of Standards and Technology (NIST), which is not a regulatory body but a standards-development organization. That is the solution proposed by the PROTECT Act of 2014 (Preventing Regulatory Overreach to Enhance Care Technology), proposed by Senators Angus King (I-Maine) and Deb Fischer (R-Nebraska). It’s put some of the better known organizations into a swivet, along with high profile attorney and mHealth legal expert Bradley Merrill Thompson with Epstein, Becker & Green. Possibly little to no regulation would be applied to EMRs, clinical support software and wearables/fitness apps–which is promptly being conflated by the usual suspects to heavy-duty equipment such as CT scanners.  FDA also finalized its guidance last September on telehealth and telemedicine applications, which this would render irrelevant. The Washington betting is that this Senate bill will go exactly nowhere, but it’s indicative of the jockeying for position this Editor is seeing within the present government and now with advocates/lobbyists [TTA 13 Feb]. MedCityNews, FierceMobileHealthcare

The CES of Health (Friday)

Rounding up the 10 Ring Vegas Circus-Circus, it’s time for ‘best and worst lists’: hopping with the Kiwi tracker, no one’s kind to Mother, in the kitchen with 3D printers and what may be up with Google, FDA and contact lenses.

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2014/01/02-itoi-620×400.jpg” thumb_width=”150″ /]ZDNet rounds up its Friday coverage with a Best of CES selection. It’s always interesting to get the broader non-healthcare techie view of ‘what’s hot’–they spotted fitness bands early when even diehard QSers were skeptical– and to then see if their picks make it into the broader market. Their health tech picks are the Mimo Baby onesie + detachable turtle monitor from Rest Devices (sure to be a hit at your next baby shower; TTA 10 Sept], movement profiler Notch(see Thursday; it also made The Guardian’s roundup), MakerBot’s home 3D Replicator Mini (Wednesday) and the Epson Moverio BT200 digital content projection smart glasses  (in-market March, @ $699.99 a bargain for what use?). Au contraire, see 11 born-to-fail worst gadgets which includes being mean to Sen.se’s Mother and, in worst design, an iPad video ‘periscope’ from iTOi which looked like it was stolen off the set of the 1956 space opera Forbidden Planet. For today’s market, it definitely could have used a steampunk vibe to carry off its ‘Blue Blazes’ design.

Yet one of their writers gives Mother, a/k/a the “M2M Mollycoddle”, “part-Russian doll and part-Doctor Who monster”, a more thoughtful once-over. (more…)

The CES of Health preview

International CES in Las Vegas will be the annual ten-ring circus it always is, but this year even the tech watchers are concentrating on health. There appears to be no blockbuster consumer electronics debuts this year, so what you will see in the rinse-and-repeat cycle are the connected categories of Wearables and The Internet of Things. Basically everything will be connected, automated…and gathering lots of data on you (what ZDNet’s Jason Hiner in his CES preview article has dubbed Contextual Computing, and he likes it). Lisa Suennen of Psilos Group, writing in MedCityNews, coins her own slightly dismissive term, ‘The Internet of Wearable Things’, and makes the entirely sensible point that sensing your fitness is one thing, doing something about it another. But the critical health app that soars over her goal posts is the Surf Life Saving WA Twitter account. If you’re in Western Australia and hitting the water, you want to know where the sharks are. This gives it to you. This Editor also sees that Samsung received FDA 510(k) approval for their heavily hyped S Health app built into the US-released Galaxy S4 smartphone. While the UK enjoyed third party device connectivity back to the S3, the US version of S Health, according to Mobihealthnews, only connected to three unreleased Samsung peripherals and relied on manual entries. This undoubtedly will change–expect there to be buzz about where Samsung will now take this at CES. And there’s always hay to be made with sleep analysis tracking–high-end multi-sensor fitness watch Basis Science has now added advanced sleep tracking to its BodyIQ analysis of running, walking and biking, as well as upgrading its looks (VentureBeat).

Certainly more to come out of CES and conferences within CES this coming week!

mHealth Summit 2013: Verizon’s role in the HIT ecosystem

Peter Tippett, MD, PhD Talks Verizon’s Role in the Health IT Ecosystem

Lois Drapin, Founder & CEO of The Drapin Group, in the third of her post 2013 mHealth Summit insights, speaks with CMO and VP of Verizon Enterprise Solutions, Peter Tippett, MD, PhD to share his insights on expanding Verizon’s role in the health IT ecosystem during the 2013 mHealth Summit. This article is courtesy of HIT Consultant.

I was happy to hear that Peter Tippett, MD, PhD, Chief Medical Officer and Vice President of Verizon Enterprise Solutions put aside thirty minutes for an interview with me at the mHealth Summit. I arrived at the large Verizon booth and was immediately greeted by one of my favorite women in health technology, Nancy M. Green, Managing Principal of Healthcare Practice at Verizon Enterprise Solutions. Disruptive Women in Health Care, a group founded by Robin Strongin, just announced their list of Disruptive Women to Watch in 2014 and Nancy is on that list. Congrats goes out to Nancy… and to Dr. Tippett for having one of these top women on his team. We like that.

I always ask people to share a little about themselves before we talk business. (more…)