Updates on Change cyberattack: UHG’s timeline for system restorations, key updates around claims and payments in next weeks (updated)

As of 8 March, updated 14 March

UnitedHealth Group released a timeline on restoring Change Healthcare systems.

Prescribing is currently back online, payments will not be up until next Friday, and the claims network will start testing and be brought up through the week of 18 March. Highlights below are from the release; details are in the 7 March press release.

  • Electronic prescribing is now fully functional with claim submission and payment transmission available as of 7 March. At the end of the release, there is additional information applicable to pharmacy claims and payments, as well as Optum Rx PBM.
    • Update: UHG announced on 13 March that the pharmacy network and payment systems were operational and 99% of pre-incident claim volume is restored. There are some pharmacies remaining offline. Reuters
  • Electronic payment functionality will be available for connection beginning 15 March (next Friday).
  • Testing and reestablishing connectivity to the claims network and software will begin on Monday 18 March, restoring service through that week.

Bottom line: the two critical functions of payments and claims will not be fully restored for a month (the cyberattack began on 21 February). Testing of the claims network is not full functionality. Reading between the lines, don’t bet on the week of 18 March for a complete restoration.

Editor’s note: Claims drive payments. There is a massive backlog. Providers could be out of pocket for months or working through reconciliations with UHG, if they participate in temporary funding.

Buried in the release: “we strongly recommend our provider and payer clients use the applicable workarounds we have established—in particular, using our new iEDI claim submission system in the interest of system redundancy given the current environment.”

The rest of the release recaps UHG’s temporary funding proposal, which the American Hospital Association had previously criticized as having ‘shockingly onerous’ terms that were “not even a band-aid on the payment problems” [TTA 5 March]. It has been improved with UHG advancing payments weekly and removing fees and interest. Repayment also seems sensible if the reconciliations are done correctly; “providers will receive an invoice once standard payment operations resume and will have 30 days to return the funds.” Registration is of course required.

UHG is also urging other payers to follow their lead in addressing payments with their providers.

At this point, you can’t expect UHG to disclose why Change Healthcare’s hundreds of systems were so vulnerable–nor whether they paid ransom to BlackCat, as reported. This Editor also wonders how much information on claims and payments, going back before 21 February, was lost. 

Other funding updates:

UHG will suspend until 31 March:

  • Prior authorizations for most outpatient services except for Durable Medical Equipment, cosmetic procedures, and Part B step therapies. This applies to Medicare Advantage (MA), including Dual Special Needs Plans (D-SNP).
  • Drug formulary exception review processes for Medicare Part D pharmacy benefits

UHG will work with state Medicaid agencies on actions they wish to implement.

Becker’s, Healthcare Dive

Is BlackCat/ALPHV faking its own ‘death’? (updated) HHS and CMS come to Change affected providers’ assistance with ‘flexibilities’

BlackCat/ALPHV blames the FBI for another ‘shutdown’ and exits, stage left. BlackCat put up a copy of the shutdown screen that appeared on their old leak website back in December [TTA 22 Dec 23] on their new leak website, claiming that law enforcement shut them down. This was not confirmed by the FBI either way, but Europol and the NCA confirmed to Bleeping Computer that they had no recent activity involving BlackCat. The other tell was that the source code on both screens was different–it was served up on another server.

On a Russian hacker forum called Ramp, BlackCat/ALPHV claimed that they “decided to completely close the project” and “we can officially declare that the feds screwed us over. The source code will be sold, the deal is already being negotiated”. The source code is reportedly up for sale for $5 million.

As to the $22 million, BlackCat/ALPHV never admitted it was paid by Optum/Change (nor is Optum confirming), but the affiliate called “notchy” which didn’t get paid [TTA 5 Mar] shared (to Bleeping Computer) that “a cryptocurrency payment address that recorded only one incoming transfer of 350 bitcoins (about $23 million) from a wallet that appears to have been used specifically for this transaction on March 2nd.” That wallet distributed (seven) equal payments of $3.3 million in bitcoin to other wallets.

(Update) Speaking of “notchy”, let’s not forget that this affiliate claims to have 4 TB of PHI/PII data from Change that could be sold or leaked. Since they never got paid by BlackCat/ALPHV, it’s safe to assume that information will be up, so to speak, for grabs.

When it all adds up–the fake FBI ‘raid’, shutting down servers, the signoff on Tox of “GG” (good game?), the cutting off of affiliates (which also confirmed this to DataBreaches.net–and may or may not have been paid)–it resembles an exit scam.

(Update) Another excellent summary about ALPHV in Krebs On Security also updates LockBit, which was seized in an international takedown in February, and about governmental entities they ransomwared.  To be continued….

The lobbying of HHS by Congress, the American Hospital Association, and UHG to help out providers has produced some results. On 5 March, Health and Human Services (HHS) issued a statement that summarized various ‘flexibilities’ and workarounds to aid providers who cannot access systems or have to resort to alternatives to ensure continuity of services to patients. These will be administered through the Centers for Medicare & Medicaid Services (CMS) and range from prior authorization, advance funding, and claims processing for Medicare. From the statement:

  • Medicare providers needing to change clearinghouses that they use for claims processing during these outages should contact their Medicare Administrative Contractor (MAC) to request a new electronic data interchange (EDI) enrollment for the switch.
  • CMS will issue guidance to Medicare Advantage (MA) organizations and Part D sponsors encouraging them to remove or relax prior authorization, other utilization management, and timely filing requirements during these system outages.
  • CMS is also encouraging MA plans to offer advance funding to providers most affected by this cyberattack.
  • CMS strongly encourages Medicaid and CHIP managed care plans to adopt the same strategies.
  • If Medicare providers are having trouble filing claims or other necessary notices or other submissions, they should contact their MAC for details on exceptions, waivers, or extensions, or contact CMS regarding quality reporting programs. CMS has contacted all of the MACs to make sure they are prepared to accept paper claims from providers who need to file them.

Many payers are also making funds available while systems are offline. Hospitals may also face “significant cash flow problems from the unusual circumstances impacting hospitals’ operations, and – during outages arising from this event – facilities may submit accelerated payment requests to their respective servicing MACs for individual consideration.”

The statement closes with a reminder of HHS’ December concept paper on cybersecurity strategy for healthcare. DataBreaches.net (full statement), Becker’s

(Update) More on how this is affecting patient care focusing on cancer treatment, from the point of view of a Community Oncology Alliance spokesman. In addition, how consolidation is making healthcare more vulnerable to cybercriminals, and comments on UHG and Federal processes and payment offers to date. HealthcareITNews.

And DDoS attacks and questionable downtimes are now common.

Editor’s Update 11 Mar: The DataBreaches.net website had a major DDoS attack on 7 March and was down for two days through 8 March. It is now fully up and running with our links working.

Multiple US Government websites went down Thursday evening 7 March based on news reports: Department of Homeland Security (DHS), Customs and Border Protection (CBP), Immigration & Customs Enforcement (ICE), Citizenship and Immigration Services (USCIS), US Secret Service and Federal Emergency Management Agency (FEMA). The timing based on the State of the Union address to Congress is, well, interesting. Daily Express. Later reports announced restoration later in the evening. Cyberincidents are not exactly unknown on government websites.

Update: VillageMD lays off 49 in first two of six Village Medical closures in Illinois

VillageMD starts releasing staff in soon-to-shut Illinois clinics. Layoffs have already started in the Illinois clinics owned and operated by Walgreens-owned VillageMD. As reported in Crain’s Chicago Business, two of their six Village Medical clinics have given notice to doctors, practice managers, medical assistants, registered nurses, and ultrasound and radiology technicians. This eliminated 24 positions at the Lincoln Park (Chicago) office and 25 positions at their Wheeling clinic, both free-standing independent locations. The layoffs took place between 20 February and 5 March. It is not clear from the article or the WARN Notice filed 20 February with the state Department of Commerce whether the layoffs take effect by or on 19 April or if the clinics are being run by a skeleton staff before closure. 

A website check of Village Medical locations in Illinois has banners on each location’s page confirming that they will close on 19 April. Illinois WARN notices have not been posted yet for the four other locations. The only co-located Walgreens-Village Medical location is in Elk Grove, so the five free-standing locations may not have been part of the 2021-22 expansion or had been acquired in separate transactions.

VillageMD is headquartered in Chicago with an original footprint mainly in the Midwest to Texas, expanding to the East (plus specialty and urgent care) when it acquired Summit Health/CityMD in January 2023 for $8.9 billion.

A VillageMD spokesperson told Crain’s that laid-off full-time employees will receive an ‘exit package’ which indicates that part-time employees may receive little to no assistance. “Support for patients” is limited to urging them to contact their insurance company for help in locating a new physician and office, then assisting in transferring their records. The spokesperson did not disclose if current patients are in the process of being notified nor how.

Based upon these initial layoff numbers, Village Medical’s layoffs in Illinois will be upwards of 150 at minimum. Their spokesperson declined to reveal the full number of layoffs in Illinois. If 25 per location is extrapolated to 85 locations across Village Medical, layoffs will be ~ 2,125.

VillageMD has been remarkably silent to the press about the closures and reorganization. It has not issued a press release since last October. Additional background TTA 29 Feb.

Reality Bites Again: UHG being probed by DOJ on antitrust, One Medical layoffs “not related” to Amazon, the psychological effects of cyberattacks

When It Rains, It Really Pours for UnitedHealth Group. On the heels of their Optum/Change Healthcare ransomware disaster are recent reports that the US Department of Justice is investigating UHG over multiple antitrust concerns. According to the Wall Street Journal, DOJ is examining certain relationships between the company’s UnitedHealthcare insurance unit and its Optum services unit, specifically around Optum’s ownership of physician groups. UHG has been aggressively buying and buying interests in practice groups for several years, announcing quite publicly that their goal was to own or control 5% of US physicians. In 2022 and 2023, they bought CareMount, Kelsey-Seybold, Atrius Health, Healthcare Associates of Texas, and Crystal Run Healthcare (Becker’s). Local reporting by the Examiner News in Westchester, NY, brought much of this history to light. In that area, it started with local practice group CareMount and their 25% layoff after being folded into Optum Tri-State with ProHealth in Long Island and NYC and Riverside Health–a layoff pattern that accelerated in the practice groups in 2023.

DOJ lost out on their challenge to the Change Healthcare acquisition in November 2022, deciding not to appeal the Federal District Court decision in 2023 [TTA 23 Mar 2023]. But DOJ never sleeps; they are examining with a microscope UHG’s $3.3 billion bid for home health provider Amedisys that started in August 2023 and has not moved forward. DOJ has a long memory, a Paul Bunyan-sized ax to grind, and doesn’t like losing. One wonders if now UHG has buyer’s remorse after fighting for two years to buy Change.

In the Alternate Reality Department, One Medical CEO Trent Green insisted that their reorganization and layoffs were unrelated to their acquisition by Amazon. Those of us who are a little less credulous know that with 98% of acquisitions, staff are laid off. Overlapping areas wind up being pinkslipped, no matter their individuals’ quality or even difference in business: finance, HR, legal, marketing, IT, operations, compliance, sales, account managers…the list is almost endless. According to the Washington Post article (also Becker’s), One Medical cuts, estimated at up to 400, also included front desk staff, office managers, health coaches, behavioral health specialists and a pediatrician–people who aren’t employed by other Amazon units. One Medical’s corporate offices in New York, Minneapolis, and St. Petersburg, Florida are closing, and its San Francisco office space is reduced to one floor. TTA 14 Feb

One Medical has never been profitable, as this Editor noted when the acquisition was announced as part of the “race to transform healthcare models”. This wasn’t going to last long with Amazon, which has been aggressively cutting and dumping in other units such as Audible, Prime, and Halo. Marketing Amazon-style with deeply discounted memberships to Prime members also has its limitations. One Medical has a scant 200 mostly urban offices, which means that members outside those areas only have access to virtual visits. It had previously cultivated a patient population of young, mostly healthy and lower-cost urbanites, who as they grow older and have families might stick with the practice–or find it not compatible with or targeted to their needs in middle age. Management has changed: Green replaced Amir Dan Rubin, MD, as CEO last September. CFO Bjorn Thaler will move to a new position focused on growth initiatives. A layer of regional general managers will report to an Amazon head of operations, and legal, finance, and technology teams will report to Amazon’s healthcare business structure. Inbound calls now go to Mission Control, a central call center, and even those humans will be in future supplemented by an AI-enabled chatbot.

Iora Health, One Medical’s specialized (acquired) unit in Medicare Advantage and Medicare Shared Savings Programs including the advanced ACO REACH model, in October was rebranded as One Medical Senior, with an intention for all One Medical offices to serve age 65+–but with current patients, many with multiple chronic conditions, now reporting cutbacks in callbacks, appointment length, physician load, and services provided such as transportation. One clinic had 20 staff cut back to five with patients pushed out to virtual visits–hardly appropriate for a high needs, older, less technologically savvy patient population in value-based care, quality-measured models. Editor’s note: having had some experience in ACO and VBC World, Amazon may as well get out of ACOs because practices in these primary care models require specialized and dedicated management, reporting, and population nurturing. They don’t mainstream well. I have also read that ironically, Iora was profitable for One Medical, which is 1) why they bought it and 2) ran it separately.

In this Editor’s view, human costs are a factor shown to be absent from Amazon’s business calculations for success–which doesn’t quite square with the mission of healthcare for healthier patients and better outcomes.

Speaking of the reality of human cost, let’s spare a thought for those dealing with the effects of a cyberattack or data breach. They are the IT staff, pharmacists, software specialists, front line clinicians, billing specialists, doctors, therapists, business managers, coders…the list goes on. They share their feelings of frustration, helplessness, distress, aloneness, and financial fear on Reddit, Twitter/X and other forums. Few think of them taking the brunt of patient frustration and their state of mind day after day as Change/Optum’s disaster goes on and on. Writer Molly Gamble of Becker’s has the final and most sympathetically descriptive say in her brief but important article about When ransomware strikes, who to call?  A full read is recommended.

Helplessness or loss of control, especially at a collective level, can be psychologically and emotionally taxing. Recognizing a threat but not knowing what to do about it can increase one’s stress, anxiety and fear. The lack of a known end point of a cyberattack like Change is experiencing can intensify psychological distress. Some independent therapists, for instance, have noted they have halted their insurance billing for a week due to the downtime and expressed fear about going longer without income. 

These mental effects, while lesser-discussed, are exactly what cyberthreats intend to bring on. Cyberterrorists want to create mental and physical harm, and research has found that the psychological effects of cyber threats can rival those of traditional terrorism.

Facing Future: Walgreens CEO moves company into strategic review–will he get WBA board alignment?

Walgreens’ CEO Wentworth positions for turnaround. “This is not a 12-month turnaround story” said Mr. Wentworth at the TD Cowen healthcare investor conference. To this Editor, the public honesty and lack of cant (a/k/a “PR Speak”) was refreshing. His unobvious caveat though was aligning the board around what he and the new executive team–very few if any carryovers from the prior regime–see as the direction of the company and asset management.

The WBA board is led by executive chairman Stefano Pessina, who has a vested interest in a turnaround. He is the lead individual shareholder of WBA with apparently 10% of shares with other insiders (including the COO of WBA International, Ornella Barra, spouse of Mr. Pessina) having about 17%. Large institutional investors (Vanguard, State Street, etc.) have over 60% of the company. The share price has fallen about 40% in the past year (from early March 2023) and 55% from this time in 2022. (Derived from WBA and Yahoo Finance)

Example: This Editor has estimated from public information that Walgreens sank north of $10 billion into VillageMD, from initial and then controlling interest, then funding the buy of Summit Health/CityMD. This is a huge and recent investment that is going sideways in a span of less than three years. It does take some nerve to walk it back. TTA 22 Feb

Other key points Mr. Wentworth made, according to the most complete report in Crain’s Chicago Business, was that this was not a prelude to some massive unveiling of a New Walgreens, that it would be a ‘starting gun’ for the work to be done, and that investors would be updated through the process. The review will include:

  • Evaluating its 8,000+ location footprint based on current and projected population and type of usage
  • US Healthcare assets including the already shrinking VillageMD [TTA 29 Feb], home care benefit management services primarily for payers CareCentrix, and specialty pharmacy Shields Health Solutions.
  • Shields is apparently no longer up for sale per earlier reports but Boots now may be
  • Smaller assets around clinical trials and pharmacy fulfillment centers

The next earnings call is 28 March, when undoubtedly more will be revealed.

FierceHealthcare caught up to this as well.

Editor’s POV on ‘musts to avoid’: Walgreens’ chief medical officer, Dr. Sashi Moodley, was interviewed during ViVE24 by Mobihealthnews. It is only remarkable in how he sidestepped direct questions beyond the first two lengthy ones on a virtual care initiative, generating a fog of non-answers around VillageMD closures and corporate strategy that became peasoup thick by the last question. (Kudos to Jessica Haden for not going wobbly.) The dubious wisdom of placing a C-level in front of the press at a ‘hard and tough news’ time, one whose expertise is clinical in nature, most comfortable in speaking to that and not corporate strategy, plus evidently has a hard time editing/limiting responses, should be rethought.

Week 2: Change Healthcare’s BlackCat hack may last “for the next couple of weeks”, UHG provides temp funding to providers, AHA slams it as a ‘band aid’–but did Optum already pay BlackCat a $22M ransom? (updated)

The BlackCat/ALPHV ransomware attack on Change Healthcare’s systems continues. At this point, the Optum systems website doesn’t show anything other than a chronological trail of updates and a long list in very small gray type of Change Healthcare systems affected–no more individual checks on working systems and red Xs on the ones that weren’t. 

  • UnitedHealth Group is setting up a program to loan funds, the “Temporary Funding Assistance Program,” to providers who cannot receive payments while Change systems are down. While without fees or interest, the loans will have to be repaid.
  • In a Tuesday 27 Feb conference call with hospital cybersecurity officers reported by STAT, UHG Chief Operating Officer Dirk McMahon said that the program will continue “for the next couple of weeks as this continues to go on.” This is more of a timeline than UHG has otherwise disclosed.
  • The American Hospital Association (AHA) on Monday slammed the “Temporary Funding Assistance Program” as “not even a band-aid on the payment problems” that hospitals are experiencing. The program is, in their view 1) “available to an exceedingly small number of hospitals and health systems” and with “shockingly onerous” and “one-sided contractual terms” and conditions for payback and verification through access to claims payment data. For their members, “their financial future becomes more unpredictable the longer Change Healthcare is unavailable. UnitedHealth Group, which is a Fortune 5 company that brought in more than $370 billion in revenue and $22 billion in profit in 2023, can — and should — be doing more to address the far-reaching consequences that result from Change Healthcare’s inability to provide these essential hospital revenue cycle functions nearly two weeks after the attack.” 4 March letter to UHG. AHA maintains an update page for members and other providers.
  • US Senator Chuck Schumer wrote 1 March to the Centers for Medicare and Medicaid Services (CMS) requesting that CMS accelerate payments to hospitals, pharmacies and other providers. Also Becker’s
  • AHA wrote 4 March to all four Congressional leaders detailing the effect on providers, UHG’s assistance program’s inadequacies, and requesting assistance from HHS including requesting “Medicare Administrative Contractors to prioritize and expedite review and approval of hospital requests for Medicare advanced payments.”  

Update: According to First Health Advisory, a cybersecurity firm in healthcare, some large providers are losing $100 million daily because of the interruptions to Change/Optum’s payer systems. CNN, Becker’s

And BlackCat went All Quiet on the Ransomware Front. Bleeping Computer confirmed that BlackCat turned off their servers and took their negotiation website offline over the weekend. “The Tox messaging platform used by the BlackCat ransomware operator contained a message that does not provide any details about what the gang plans next: “Все выключено, решаем,” which translates to “Everything is off, we decide.”” It has now been changed to “GG”.

This may or may not be related to another development–an affiliate of BlackCat/ALPHV claiming that they were scammed of a $22 million ransomware payment from Optum. These affiliates actually carry out the attacks on cybervictims using encryptors from the main entity. Dmitry Smilyanets of threat intelligence company Recorded Future picked up a message posted by “notchy” that said Change/Optum paid $22 million on 1 March to “prevent leakage and decryption key.” ALPHV suspended their account after receiving the payment and never paid them. This affiliate also claims they still have 4 terabytes of data from Change that goes deep into Tricare, Medicare, MetLife, CVS, and many other payers. As proof on the ransom, “notchy” provided a cryptocurrency payment address with a total of nine transactions. In the ultimate irony, “notchy” warned other affiliates to stop dealing with ALPHV. Cutting off affiliate ties and walking away with the cash, preliminary to another rebrand of BlackCat/ALPHV, formerly DarkSide and Black Matter? Also The Register and DataBreaches.net–which commented that while Optum may have gotten a decryptor, what about All That Data?

BlackCat is back, claims theft of 6TB of Change Healthcare data

What’s known as of Thursday 29 February (Leap Day) about the Change Healthcare cyberattack:

  • Change and Optum have attributed it to BlackCat/ALPHV as of today. From Becker’s HealthIT:  “Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat,” an Optum spokesperson emailed Becker’s on Feb. 29. “We are actively working to understand the impact to members, patients and customers.”
  • BlackCat is claiming it stole 6 terabytes (TB) of data in the breach. From Bleeping Computer 28 Feb:

BlackCat said that they allegedly stole 6TB of data from Change Healthcare’s network belonging to “thousands of healthcare providers, insurance providers, pharmacies, etc.”

The ransomware gang claims that they stole source code for Change Healthcare solutions and sensitive information belonging to many partners, including the U.S. military’s Tricare healthcare program, the Medicare federal health insurance program, CVS Caremark, MetLife, Health Net, and tens of other healthcare insurance providers.

Per BlackCat’s claims, the sensitive data stolen from Change Healthcare contains a wide range of information on millions of people, including their:

  • medical records
  • insurance records
  • dental records
  • payments information
  • claims information
  • patients’ PII data (i.e., phone numbers, addresses, social security numbers, email addresses, and more)
  • active U.S. military/navy personnel PII data

Tyler Mason, UnitedHealth Group VP, had earlier stated to Bleeping Computer that 90% of the 70,000+ affected pharmacies switched to new electronic claims procedures to avoid the Change Healthcare issues. 

While this cybertheft appears breathtaking in its scope and perfect revenge as a “dish best eaten cold” for the December takedown of their websites, the amount and type of data in the exploit may be exaggerated for purposes of negotiating a rich settlement. As of today, BlackCat has not offered a number for ransom. This theft may be worth far more in selling the data to other cybercriminals in Russia, Eastern Europe, and China than demanding a ransom from UHG/Optum, which may decide to rebuild systems rather than pay up [TTA 27 Feb].

Breaking: VillageMD exiting Illinois clinics–in its home state–as closures top 80 locations

VillageMD to cut six locations in the Chicago area–five standalone, one attached to a Walgreens store. The clinics will close on 19 April.

The irony is that VillageMD is headquartered in Chicago.

In October, Walgreens announced that 60 Village Medical clinics would close. The Florida closings announced last week were in two phases, 14 and 38, a total of 52. With Illinois, the total would be 58. However, Crain’s Chicago Business stated late on Wednesday in its article that 12 Massachusetts locations closed in February. Last month, three locations in New Hampshire and all 12 Indiana clinics closed, bringing the total to 85.

This story will be updated as it develops.

Short takes on a springlike ‘defrosting’: Redi Health’s $14M Series B, Dario Health buys Twill for ~$30M

Announced during ViVE, Redi Health gained a $14 million Series B. Funding came from not the VC or PE Usual Suspects so in evidence two short years ago, but from Blue Heron Capital with participation from inside investors Refinery Ventures, Mutual Capital Partners, Rev1 Ventures, and M25. This brings Redi’s total funding to about $19 million, after early-stage rounds totaling $5 million.

Based in Columbus, Ohio, Redi integrates program enrollment, a patient assistance program on a mobile app and website, and co-pay strategies into a single platform targeting patients with multiple chronic conditions. The app includes medication and symptom tracking, a pharma assistance program, and a navigator that connects providers, field teams, and patient support managers. Redi’s most convincing stats are that Traditional Patient Support Programs (PSPs) contribute to a non-adherence rate of approximately 70%, leading to estimated losses of over $600 billion annually for the pharmaceutical industry, but don’t get into the cost of non-adherence in patient outcomes: morbidity and mortality associated with poor medication adherence costs $528.4 billion annually (PAN Foundation). Yahoo!Finance, Mobihealthnews  Hat tip to Steven Wardell of Wardell Advisors

Another sign of the times? Complicated Deals. DarioHealth is buying Twill, formerly known as Happify (and with a behavioral health app still known as Happify). Dario is putting up $10 million in cash. The rest is in 10 million shares of common stock (Nasdaq: DRIO) in the form of pre-funded warrants for the benefit of Twill’s debt holders and equity holders. These warrants will not vest all at once but in four phases after closing: 270 days, 360 days, 540 days, and 720 days. As Dario stock is at about $2.50, this is approximately $20 million for a total transaction cost of $30 million.

Dario has a combined app and in-person approach to musculoskeletal (MSK) therapy, diabetes, hypertension, weight management, and behavioral health. Twill concentrates on telementalhealth, initially on reducing stress and increasing wellness, but now has expanded to the mental issues around chronic conditions, pregnancy and maternal health, with tailored and culturally adapted tracks and activities. It is not stated if the Twill products will continue under their present names.

The combination of both companies is expected to double Dario’s pro forma 2023 revenues to $30.5 million, based on extrapolating Q1-3 2023 revenues: $16.7 million in Dario revenues and $13.8 million in Twill revenues.

The rest of the Dario release is a dizzying chronicle of funding legerdemain that this Editor hasn’t seen since her airline days when she sat in on finance meetings that would ultimately decide 1) how many cities the airline could open and 2) how much she could spend on advertising media to support them. There’s a $22.4 million private placement of convertible preferred stock, inducement grants of stock options to employees of Twill to purchase up to 2,963,459 shares of Dario’s common stock at a strike price of $2.55, and 1,766,508 shares, 733,562 in the form of restricted stock units and 1,032,946 in the form of warrants mainly to keep key employees of Twill on board, such as co-founder/CEO Tomer Ben-Kiki, as well as to other employees, board members, and consultants. Investment firm Stifel is listed, but again none of the VC or PE Usual Suspects. 

Twill reported only a single non-equity assistance funding through the PharmStars accelerator in Spring 2023, so Dario likely did not have a lot of investors to buy out.

Roundup: Walgreens’ new chief legal officer; Digital Health Collaborative launched; fundings/M&A defrosting for b.well, R1 RCM, Abridge, Reveleer; Veradigm likely delists, buys ScienceIO–mystery? (updated)

Walgreens’ CEO Wentworth’s final add to Executive Committee named. Lanesha Minnix was announced on Monday as the company’s new global chief legal officer and EVP, effective 15 April. She comes from being general counsel and corporate secretary for Ecolab, a Fortune 500 water, hygiene and infection prevention company. As chief legal officer, she will oversee Walgreens’ global legal, compliance, corporate governance and corporate security functions. Ms. Minnix succeeds Danielle Gray, who left in January to “pursue an external opportunity” (Reuters). Yahoo Finance from PR Newswire

A new organization to ‘advance digital health adoption’ launched last week. The Digital Health Collaborative, a coalition of 14 healthcare and consumer organizations, is committed to “evidence-based, cost-effective, equitable digital health solutions.” Their initial activities are expected to include a national purchaser survey, grantmaking, and convenings. The DHC is supported by the Peterson Health Technology Institute (PHTI) and led by Caroline Pearson, also the Executive Director at the NYC-based Peterson Center on Healthcare.

The 14 organizations backing the DHC are: AARP, AHIP, Alliance for Connected Care, American Medical Association (AMA), American Telemedicine Association (ATA), Consumer Technology Association (CTA), Digital Medicine Society (DiMe), Digital Therapeutics Alliance (DTA), HLTH Foundation, Innovation and Value Initiative (IVI), International Consortium for Health Outcomes Measurement (ICHOM), National Alliance of Healthcare Purchaser Coalitions, The National Committee for Quality Assurance (NCQA), and RockHealth.org.

The DHC with support from PHTI has established a Research and Impact Fund for aligned research and programs. The first grant was provided to DiMe for its Integrated Evidence Plans for Digital Health Products. While a fine list, this Editor notes no payers or hospitals (end user groups) or cybersecurity organizations to advocate for digital health security. DHC release

Some funding and M&A action…zounds!

b.well Connected Health’s Series C clocks in at $40 million. Leavitt Equity Partners led the raise which tops up b.well’s funding to $98.8 million. Their last funding round was a $32 million Series B in July 2021 with HLM Venture Partners as the lead. b.well markets its FHIR-enabled Connected Health platform to unify healthcare data, solutions, and services for end users at payers, providers, and employers. Joining the board are three new members: Andrew Clark, Managing Partner at Leavitt Equity Partners, Ryan Howells, Principal at Leavitt Partners and Executive Director of the CARIN Alliance, as an independent director, and Hon Pak, MD, Head of Digital Health at Samsung. Samsung is a key partner of b.well. A key joint project involves giving Galaxy smartphone users control over their longitudinal health records, as well as proactive, personalized health insights via Samsung Health, with easy access to care from providers including Walgreens, Northwell Health, Lee Health, ThedaCare, and others. Is the lettered round an indicator of Better Times ahead? Release, FierceHealthcare

R1 RCM may go private via investor group. An investor group led by New Mountain Capital is offering to take the revenue cycle management (RCM) company private by buying up the shares they do not already own at $13.75 per share. New Mountain holds 32.43% of shares and is working with an investment group that includes another major shareholder, TCP-ASC (TowerBrook Capital Partners, which has a 29.64% stake, plus Ascension Health Alliance–Ascension accounts for nearly half of R1’s income), putting them at over 62% if TowerBrook goes all in. Mr. Market has weighed in and says that the offer price is already obsolete. It represented a tidy premium to Friday’s close at $11.10, but the current trading on Nasdaq is well above the bid at $14.45. Current shareholders such as Coliseum Capital Management LLC, one of the five largest shareholders, have already stated to the board that the company is undervalued at the offer price. R1 traded in the $18 range as recently as last summer, but hit a headwind at end of year with the loss of customer Pediatrix on implementation issues. But based on their 2023 performance despite this, the other investors are making a good case. R1 RCM is the largest publicly traded RCM company for hospitals and healthcare systems. They closed 2023 profitably with net income of $3.3 million, flipping a $63 million 2022 loss, on a revenue increase of nearly 25% to $2.3 billion. Reuters, Healthcare Dive

Abridge, a clinical documentation and ‘clinical conversation’ company, is enjoying a lush Series C of $150 million led by Lightspeed Venture Partners and Redpoint Ventures, with five other investors participating. Abridge has a conversational AI technology using LLM and speech recognition to ease the burden of taking notes during the doctor’s appointment and states it is fluent in 14 languages across 55 medical specialties. Its last raise was a $30 million Series B just last October. A good reason for both is that it is fully integrated within Epic. According to HISTalk, Lightspeed advisor Paul Ricci is a former chairman and CEO of Nuance, one of Abridge’s biggest competitors, so one has to assume he knows what’s what inside this technology. Axios

Another NLP and AI powered healthcare data analytics company, Reveleer, is also topping its tanks with a $65 million raise. Hercules Capital led the venture round on a total funding of $208 million. Release

Veradigm nears a delisting on Nasdaq due to reporting–but plans acquisition of ScienceIO, in what has to be a first. The continuing delisting watch on Veradigm (the former Allscripts) is fading to black with the company anticipating its failure to file needed financial statements with Nasdaq. Its stock continues to decline (today at $7.32 as of noon ET).

Since March 2023, Veradigm has had trouble with required reports due to faulty financial software and has begged extension after extension. The required reports due by Tuesday 27 February are for 2023 quarterlies on form 10-Q and its annual 2022 report on form 10-K.

Veradigm is also facing a slew of shareholder lawsuits on the decline in its share price [TTA 3 Jan]. To counter this, Veradigm announced today (27 Feb) that the board of directors is adopting a limited duration stockholder rights plan that issues by means of a dividend one preferred share purchase right for each outstanding share of Company common stock to stockholders of record on the close of business on 8 March 2024. This becomes exercisable only if a person or group secures beneficial ownership of 10% or more of the outstanding shares in the next year. The rights plan is obviously designed to compensate shareholders in the event of a takeover not approved by the board (i.e. a hostile takeover) via accumulation of stock and make a sale to an unapproved buyer less attractive. Release, MarketWatch/WSJ

Apparently Veradigm is healthy and profitable, according to analysts reported in Healthcare Dive. The company estimated unaudited revenue between $608 million and $622 million for its fiscal year 2023. Net income from continuing operations is estimated between $49 million and $58 million, according to the filing. This, coupled with its business as a data company, further adds to the mystery around their reporting to Nasdaq.

Simultaneous to the delisting, Veradigm announced today that it is acquiring yet another company, ScienceIO, that is (surprise!) an AI company. Veradigm will leverage ScienceIO’s proprietary large language models on Veradigm’s rich data set and more. Acquisition cost of $140 million in cash (subject to customary adjustments for cash, indebtedness, working capital and transaction expenses) has approximately $44 million deferred, substantially all of which is payable in installments on each of the first three anniversaries of the closing date. Release

This is not the first acquisition that Veradigm has made with the delisting hanging. In January, Veradigm announced the acquisition of Koha Health, which specializes in orthopedic/musculoskeletal (MSK) revenue cycle management (RCM).

Updated 28 Feb: Nasdaq is delisting Veradigm effective 29 February. It will continue to trade OTC under MDRX until whatever time they become compliant with their reports. Veradigm is not appealing at this time. Healthcare Innovation. Veradigm release

Change Healthcare cyberattack persists–is the BlackCat gang back and using LockBit malware? BlackCat taking credit. (update 28 Feb #2)

On Day 7, reports, like recollections, may differ. Today’s Reuters report (26 Feb) attributes the attack on Change Healthcare, which has snarled pharmacies and hospitals since Wednesday [TTA 23 Feb], to a revived BlackCat (a/k/a ALPHV) ransomware operation. Readers will recall that the FBI busted BlackCat right before Christmas last year, seizing their operational darknet websites and putting up a most showy home screen. They worked their way into the BlackCat operation via their affiliate operation. However, BlackCat rebooted a few days later, made an appearance, and went back underground. As Bleeping Computer predicted then, BlackCat is apparently back and, adding insult, not even under a new name. 

Bleeping Computer today reported that BlackCat’s hack went through a critical ConnectWise ScreenConnect auth bypass flaw (CVE-2024-1708 and CVE-2024-1709) which was actively exploited in attacks to deploy ransomware on unpatched servers. This was confirmed by Reuters and Health-ISAC, a healthcare-focused organization engaged in cyber best practices and threat intelligence, via the American Hospital Association’s AHA Cybersecurity Advisory today (26 Feb). AHA is advising healthcare organizations to actively reevaluate their connection or disconnection status of Change Healthcare systems which have been deemed safe by Optum.

As of today, BlackCat did not claim credit for taking down Change’s systems nor is there any report of a ransom demand. It is perhaps too early to determine if there has been any data theft. Nor are there reports of other healthcare or other organizations being attacked through the ScreenConnect flaw.

Optum has a page detailing the status of Change Healthcare’s individual systems here. Optum has a statement that has remained nearly the same on issues with connectivity since last Wednesday.* This Editor’s experience of the page is that it needs refreshing to view the full version. Regarding the systems, they are a long list to scroll through and your Editor lost count after 100. Most have red Xs by them. Some systems are checked green. Change is also holding Zoom calls to update partners. Reuters reported that Alphabet’s cybersecurity unit Mandiant is in charge of investigating the attack.

Change Healthcare processes 15 billion healthcare claims annually. This attack seems to have hit their pharmacy software the hardest. These software tools are used to verify patient eligibility for specific medication and also their insurance coverage. The outage not only covers the big chains like CVS and Walgreens, but also Tricare and the Military Health System (MHS) globally. TTA 22 Feb, updated 23 Feb.

A Friday report in SC Magazine indicated that the malware used by BlackCat was a strain of LockBit malware going through the ConnectWise ScreenConnect bypass flaw. Their source, Toby Goucker, chief security officer at First Health Advisory, stated that their firm found the ScreenConnect flaws and sent out a notification on 19 February. Goucker noted that bad actors prey on the gap between when these vulnerabilities are uncovered and announced and when patches are applied. However, Goucker was not able to confirm that Change uses ScreenConnect.

Ironically, the LockBit ransomwareistes were busted only last week by a combined UK NCA and US DOJ/FBI effort. Like weeds, they never go away entirely.

Oddly, Change Healthcare’s website home page does not have a notice about their problem or direct to a page on their or UHG’s site about it for assistance. We know you’re busy, guys, but from this Editor’s marketing perspective not having an information banner and redirect to the Optum page is a basic communication failure.

**This is a developing story and will be updated.**

*Update 27 Feb 9am Eastern Time.

A repeat of Optum’s boilerplate statement on their page today indicates this cyberattack is still unresolved for most of Change Healthcare–and will remain unresolved at least through today:

Update – Change Healthcare is experiencing a cyber security issue, and our experts are working to address the matter. Once we became aware of the outside threat, and in the interest of protecting our partners and patients, we took immediate action to disconnect Change Healthcare’s systems to prevent further impact. This action was taken so our customers and partners do not need to. We have a high-level of confidence that Optum, UnitedHealthcare and UnitedHealth Group systems have not been affected by this issue.

We are working on multiple approaches to restore the impacted environment and will not take any shortcuts or take any additional risk as we bring our systems back online. We will continue to be proactive and aggressive with all our systems and if we suspect any issue with the system, we will immediately take action and disconnect. The disruption is expected to last at least through the day. We will provide updates as more information becomes available.
Feb 27, 2024 – 09:03 EST

Identical message 28 Feb 10:48am ET indicating that the effects of this attack are now one week old.

Updated 28 Feb: DataBreaches.net (“The Office of Inadequate Security”) reports that BlackCat is taking credit for it.

“BlackCat informed DataBreaches that yes, they are responsible for the attack. DataBreaches has asked them if they are willing to share any additional details and will update this post if any are received.”

This Editor is also following coverage in the usually reliable The Register which added a reply they obtained from Optum: “Since identifying the cyber incident, we have worked closely with customers and clients to ensure people have access to the medications and the care they need. We also continue to work closely with law enforcement and a number of third parties, including Mandiant and Palo Alto Networks, on this attack against Change Healthcare’s systems.” They are not confirming the perpetrators. 

#2 update from DataBreaches may point to Change Healthcare as well as healthcare in general. Here is part of a Cybersecurity Advisory (CSA) that is an ongoing #StopRansomware effort by the Cybersecurity and Infrastructure Security Agency (CISA). CISA was joined by the FBI and interestingly, the Department of Health and Human Services (HHS). They “are releasing this joint CSA to disseminate known IOCs and TTPs associated with the ALPHV Blackcat ransomware as a service (RaaS) identified through FBI investigations as recently as February 2024.” The addition of HHS as well as February 2024 should be noted. “FBI, CISA, and HHS encourage critical infrastructure organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ALPHV Blackcat ransomware and data extortion incidents.” Could this be behind what is going on at Change Healthcare–a BlackCat full-court press versus US healthcare?

And at least one major hospital CEO wants answers now. Tampa General Hospital CEO John Couris went up to Optum’s CEO Amar Desai in the speaker room at the ViVE conference in Los Angeles on Monday, and the answer was far less than satisfactory. “And his answer to me was, ‘We’ll have an update in two days.’ So I don’t think he knows.” Mr. Couris speculates that Change Healthcare will 1) not pay ransom and 2) will rebuild its systems in maybe four weeks–and how that puts hospitals like his that use Change as a clearing house for claims in, to put it mildly, a pickle. MedCityNews

Weekend reading: AI cybersecurity tools no panacea, reality v. illusion in healthcare AI, RPM in transitioning to hospital-at-home, Korean study on older adult health tech usage

A potpourri of current articles. Hope you don’t feel like Pepper the Robot after you read them!

AI won’t boost cybersecurity, that’s cutting corners (Cybernews)

AI tools that make cybersecurity more effective and faster in response are increasingly available. They are estimated in a Techopedia article rounding up multiple studies to be a global market of over $133 billion by 2030. IBM claims that organizations with AI cybersecurity took 100 days less to identify and contain data breaches. Yet AI can also leave organizations more vulnerable to cyberattack. Hackers and ransomwareistes have been using AI for years in phishing and vishing (phone-based social engineering) attacks–now using OpenAI. What’s vulnerable? Large language models (LLMs) used in generative AI (AI with the ability to create content) can be corrupted and fed false information [TTA 7 Feb] or create deepfake images–Google Gemini is the latest example (not in article). FTA: “We need human critical thinking to use AI to solve and prevent problems. We’re adopting AI far faster than we have the ability to understand how to adopt it properly.” Another approach is to think like a cybercriminal and use AI to better understand how criminals can break into your systems.

What is real and what is illusion with healthcare AI? (03:16 video, Healthcare IT News)

This is a preview of a HIMSS24 talk on 11 March by Dr. Jonathan Chen, assistant professor at the Stanford Center for Biomedical Informatics Research. Patient care and outcomes are dependent on discerning what is real and what is not, especially in the use of chatbots in patient notes. Generative AI can be very convincing even if it’s not accurate, and that is not what is wanted in patient care. We are at the Gartner Peak of Inflated Expectations when it comes to AI–and we’ve been there before.

RPM strategies for moving from discharge to hospital-at-home care (Healthcare IT News) 

How can the home be better treated as a fundamental care setting? Understanding this is key to transitioning patients from in-hospital acute care to hospital-at-home, which is in reality not being discharged and requires managing a significant number of complex layers. Interview with Cindy Gaines, RN, chief clinical transformation officer at Lumeon, a clinical automation company.

Tailor fit digital health tech to the elderly’s needs: study (Mobihealthnews)

This summarizes a South Korean study that compared the usage of digital devices, such as smartphone apps, health apps, and wearables, among healthy and pre-frail/frail Koreans aged 65+. Smartphone use is nearly universal in South Korea, but wearables are only lightly used. Frailer respondents used social media more than healthy ones and used more healthcare apps on their phones. From the study: “There was a notable difference in the services used by pre-frail and frail respondents compared to healthy respondents. Therefore, when developing digital devices for pre-frail and frail older adults, it is crucial to incorporate customized services that meet their unique needs, particularly those services that they frequently use.”

505 participants completed the survey, with 153 (30.3%) identified as pre-frail or frail and 352 (69.7%) as healthy. Full study in the Journal of Korean Medical Science 27 November 2023

Breaking: Walgreens’ VillageMD shutting in Florida; Change Healthcare system websites cyberattacked (updated 23 Feb)

The New Reality Strikes Again. Walgreens is closing all VillageMD locations in Florida. In addition to the 14 already closed, an additional 38 will be shuttered on 15 March for a total of 52. These are all co-located and attached to Walgreens locations.

Florida was a major expansion market for co-located clinics (and its third largest market following Texas and Arizona) according to a report by investment analyst Jefferies. In October, Walgreens announced the closure of 60 Village Medical locations in ‘non-strategic locations’. In January, CEO Tim Wentworth confirmed that about half of those locations were already closed. Doing the math, the rest of those locations will be in Florida. Updated–see 29 February

Evidently, Walgreens’ US Healthcare unit views Florida as non-supportable to warrant a drastic move like this in a growing population market. Business Insider, which appears to have an inside track on this from the Jefferies report, “theorized” that many of these Village Medical locations were actually inside pharmacies–too small to attract patients and to recruit primary care doctors. If this is true, for a company that prides itself on retail know-how, as in the old real estate saw ‘location-location-location’, it has made a major and costly misstep.

Walgreens has sunk close to $9 billion into VillageMD: $5.2 billion for the majority stake and another $3.5 billion to aid with the Summit Health/CityMD buy. This does not include the earlier minority investment in VillageMD, so the total is likely well north of $10 billion. It all looked very different in 2020 when it was ‘go big or go home’. One wonders if VillageMD / Village Medical or its parts are on the selling block along with Shields Health if Walgreens has decided on a major strategic change.  Healthcare Dive

And another Reality is Cyberattack. Revenue cycle management and leading patient payment processor Change Healthcare is the latest victim. It notified users that it was disconnecting systems hours after Wednesday morning Eastern Time when it noticed disruptions to some applications that grew into “enterprise-wide connectivity issues.” The disruption is continuing into today (Thursday 22 Feb). There are few public specifics other than the timing and confirmation of the attack as of now, but it appears to have reached down to the local pharmacy level, into providers of all sizes, and shut down nearly every Change Healthcare system. This Editor visited the main website, which appears altered (shrunken); attempts to go to connecting links go to blank screens. Optum is not disclosing further information and perhaps shouldn’t at this point. Change Healthcare is part of UnitedHealth Group’s Optum and processes 15 billion transactions a year filled with PHI and PII, which adds to the scariness factor. TechCrunch, Becker’s, HealthITSecurity   This is a developing story and will be updated

Update 22 Feb: HISTalk reports that athenahealth customers are also affected, as their electronic data interchange is supported by Change Healthcare technology.

UnitedHealth Group said in an SEC filing that a “suspected nation-state associated cybersecurity threat actor” gained access to Change Healthcare’s information technology systems. It “cannot estimate the duration or extent of the disruption at this time.” UnitedHealth has retained security experts and was working with law enforcement. As of Thursday evening, the disruption continues and affects pharmacies nationwide in an inability to process insurance claims for prescriptions. Healthcare services are also being disrupted, said an unnamed director at a regional hospital system in Pennsylvania. Reuters

Update 23 Feb: Further corroboration in Fox Business on the above and continuing effects on pharmacies. Tricare, which covers active and retired military, stated on its website in a news release that this is impacting all military pharmacies worldwide. “Military clinics and hospitals will provide outpatient prescriptions through a manual procedure” until the ongoing cyberattack against Change Healthcare “is resolved.”

In more unwelcome news that this cyberattack is ongoing, the American Hospital Association (AHA) is formally advising healthcare facilities to not only disconnect from Change/Optum, but also check their own IT for vulnerabilities. AHA notice.  Also WSJ (not paywalled)

Mid-week roundup: Cotiviti’s $10.5B stake to KKR; Cigna buys back $3.2B shares; VA Oracle Cerner faulty med records; LockBit ransomware websites cold-busted at every level, principals indicted; Trualta partners with PointClickCare

Investor KKR announced their buy of a $10.5 billion stake in healthcare analytics Cotiviti. The stake comes from Veritas Capital, creating an equal share of ownership. The recapitalization will be used for commercial expansion, new product development, and technology-related opportunities. It is expected to close subject to regulatory approvals in Q2 this year. According to Axios and Bloomberg, it is financed by a $5 billion leveraged loan sale launched last week, with a $4.4 billion floating rate term loan led by JPM and a $600 million fixed rate term loan led by Goldman Sachs. This is Veritas’ second attempt to exit. While money is leaking back into private equity deals, the new trend is to finance them with more cash than debt. Cotiviti release

Cigna, having sold off its Medicare Advantage plans for $3.7 million to HCSC, is repurchasing $3.2 billion in stock (7.6 million shares) through agreements with Deutsche Bank and Bank of America. Cigna’s plan remains to repurchase $5 billion of common stock over H1 2024 after ending merger talks with Humana. FierceHealthcare, Cigna release

VA warned about faulty medication records in the Oracle Cerner Millennium EHR. The culprit is in the Health Data Repository, according to a government watchdog. David Case, deputy inspector general for the VA, reported at a House Veterans Affairs Committee Technology Modernization Subcommittee meeting last week, that while VA had no reports of harmful drug interactions, Case had at least one instance of a veteran not given a critical medication for adrenal insufficiency, leading to a near-disastrous outcome. The VA has also not informed the 250,000 veterans with prescription records in the Oracle Cerner system that the records may have errors. In the VA facilities that have Oracle Cerner, providers, pharmacists, and frontline staff must perform complex manual medication safety checks to replace automated checks.

The Oracle Cerner rollout has been put on hold till summer this year–maybe [TTA 1 Nov 23]. At this hearing, Mike Sicilia of Oracle did show up and attributed the problems in the HDR to multiple systems being involved from VistA and other EHRs, into Oracle Cerner. However, after 10 separate fixes, the most recent software update had a similar data issue during final testing and was quickly pulled. Military.com

A victory versus ransomware. Updated. The LockBit ransomware group has been cold-busted “at every level” by the UK, US, and international law enforcement. According to the Department of Justice release and other sources, the UK’s National Crime Agency’s (NCA) Cyber Division led Operation Cronos, working in cooperation with the Justice Department, Federal Bureau of Investigation (FBI), and other law enforcement agencies worldwide. They seized numerous public-facing websites and domains used by LockBit to connect to the organization’s infrastructure along with servers used by LockBit administrators. Russian nationals Artur Sungatov and Ivan Kondratyev, also known as Bassterlord, were indicted in the US District Court of New Jersey in Newark, charged with deploying LockBit against numerous victims throughout the United States. Sungatov was also indicted in the Northern District of California. According to Europol, “Two LockBit actors have been arrested in Poland and Ukraine at the request of the French judicial authorities. The French and US judicial authorities have also issued three international arrest warrants and five indictments.” LockBit’s ‘heart’ is of course in Russia, where nearly all cybercrime is located–they are free to operate there as long as they don’t target anything in RU. Cybernews

Trualta partners with PointClickCare for family caregiver education and support. PointClickCare is a leading EHR for long-term and post-acute care (LTPAC) providers. Trualta provides educational resources to support family caregivers when a patient is discharged through logging in to the resource site, with the ability to access articles, videos, and modules that cover a variety of care topics including preparing for discharge, transitioning from hospital to home, and life after discharge.  Trualta’s information will be offered through PointClickCare’s Marketplace. A recent study by Trualta of caregivers using their materials found that 30 days of Trualta use can decrease annual unexpected hospital visits among care recipients by 20%. Trualta release

Teladoc closes 2023 with improved $220M loss, but weak forecast for 2024 leads to stock skid

A falling tide sinks most boats. If you were riding the telehealth pandemic tide, as Amwell [TTA 15 Feb] and Teladoc did, these last two years were the worst kind of shock. Teladoc’s 2022 was an annus horribilis–the Livongo acquisition went $6.6 billion worth of sideways [TTA 3 Feb 23], wiping out their 2022 with writedowns culminating in a $13.7 billion annual loss. Their 2023 was a lot better, beating analysts’ estimates, but forecast growth is slowing to a crawl.

  • Q4 revenue was up 4% to $661 million, powered by a 15% gain in international revenue of $96 million and a 2% increase in US revenue to $565 million. Hopes for the heavily promoted mental health business BetterHelp fell flat too at a flat $277 million. Their integrated care segment providing telehealth services to health plans, employers, and health systems brought in $384 million, up 8%. Net loss was $29 million versus $3.8 billion in 2022.
  • 2023 notched an 8% increase from $2.4 billion to $2.6 billion, with integrated care accounting for $1.5 billion, up 7%, with BetterHelp revenue reaching $1.1 billion. But losses continued at $220.4 million–versus $13.7 billion in 2022.
  • Adjusted EBITDA (earnings before interest, taxes, depreciation, amortization) increased in Q4 22% to $114 million, with 2023 up 33% to $328 million. BetterHelp’s Q4 increased 11% to $58 million, 19% to $136 million for the year.

This cheerful picture was negated by Teladoc’s downbeat forecast for 2024. Q1 is projected between $630 and $645 million, lower than the analyst take of $673 million. 2024 full year is forecast between $2.635 billion and $2.735 billion, with the analyst take at $2.77 billion. The analysts forecast a 6.8% increase versus Teladoc’s forecast of 5.2%, but the difference was enough to drop their share price by 25%. According to CEO Jason Gorevic, the forecast will be for growth at best in low single digits, which is not what Wall Street wanted to hear. This could be sandbagging–or reality. Telehealth visits dropped 45% in 2022 from 2020 (Trilliant Health), with more recent CMS Medicare data on visits falling 73% in Q2 2023 from Q2 2020. Other factors: telehealth modules in EMRs and population health platforms, many more competitors like Included Health (Grand Rounds/Doctor on Demand) and MDLive.

Teladoc post-Livongo writedown has assiduously focused on cutting costs, higher margins, and getting on that ‘path to profitability’, cutting jobs in data science and engineering, third-party (supplier?) costs, and more. Yet on the Q4/2023/2024 earnings call, the CEO talked up making technology deals for differentiating technologies such as machine learning and (of course) AI, as well as ‘tuck in’ M&A deals. After the Livongo embarrassment, perhaps Mr. Gorevic could give it a rest until notching a few more solid quarters. Quartz, FierceHealthcare, Healthcare Dive, Teladoc release

Telemental news roundup: Brightside Health expands Medicaid/Medicare partners; Blackbird Health gains $17M Series A; Nema Health’s PTSD partnership with Horizon BCBSNJ

Mental health, whether pure ‘telemental’ or an integrated in-person/virtual model, remains one of the healthier (so to speak) sectors of digital health.

Brightside Health announced today a series of new and expanded health plan partnerships as well as expanded state coverage for Medicare and Medicaid plans.

  • CareOregon with a new contract to serve Medicaid beneficiaries.
  • Blue Shield of California with a new contract to serve Medicare Advantage enrollees.

These add to Brightside’s partnerships announced last October:

  • Blue Cross and Blue Shield of Texas–expanded contract to include Medicare Advantage coverage.
  • Centene’s expansion of coverage state-by-state, including Nebraska Total Care Medicaid and Wellcare Medicare Advantage.
  • Optum for UnitedHealthcare Medicare Advantage members
  • Lucet for Florida Blue members

Under traditional Medicare, coverage now includes Texas, California, Delaware, Arizona, New York, Washington, Florida, North Carolina, Michigan, and Illinois.

Beneficiaries and members can access Brightside’s virtual psychiatric therapy including medication, plus cognitive and behavioral therapy with independent skill practice, and Crisis Care, Brightside’s program for those with elevated suicide risk. With the new partnerships, Brightside is now estimating that they cover approximately 100 million lives–one in three US covered lives–and is seeking to further expand these partnerships as well as to traditional (original) Medicare Part B beneficiaries. Brightside Health was founded well before the gold rush in telemental health–2017–and has raised over $81 million over five rounds up to a Series B in March 2022, mainly led by Acme Capital (Crunchbase). Brightside release, Yahoo! Finance, Psychiatric Times

Blackbird Health raised $17 million in a Series A funding. This was led by Define Ventures with participation from Frist Cressey Ventures and GreyMatter, for a total raise of $23 million to date. Blackbird addresses the other side of the spectrum from Medicare–pediatric mental health in an integrated in-person and telemental health model–and serves patients aged 2-26. Blackbird’s care model takes an ‘understand-first’ approach, considering how children’s brains develop over time and the impact that growth has on mental health. Another unique aspect is that they developed a series of ‘Blackbird Biotypes’ based on 50 million data points drawn over a decade that identify patterns of behavior in clusters of individuals with similar symptom-linked brain features. These assist in assessment, accurately identifying the underlying root cause of symptoms, and proposing integrated and personalized treatment plans. Blackbird claims this approach results in substantially lower use of medications and ED utilization. Last year, Evolent Health co-founder and COO Tom Peterson joined the company after his own family’s experience with Blackbird’s therapeutic model to help it scale from its three clinics and 40 providers in the Mid-Atlantic region. Blackbird release, Forbes

Startup Nema Health, a virtual clinic targeting a single condition–post-traumatic stress disorder (PTSD)–is now in-network in Horizon Blue Cross Blue Shield of NJ (Horizon BCBSNJ) commercial plans. Nema’s model is virtual care for PTSD from evaluation and virtual therapy sessions, starting with intensive sessions 3-5 times per week for 2-4 weeks, through support from a designated peer mentor plus messaging and interactive exercises. Based in NYC, Nema is in-network with UnitedHealthcare/Optum, Oxford, Oscar, and Connecticare in the states of New York, New Jersey, and Connecticut. Horizon is New Jersey’s largest insurer. Nema claims that 76% of their patients no longer meet PTSD criteria after completing Nema therapy. Nema is at seed stage funding of $4.1 million from .406 Ventures and Optum Ventures, raised last November. FierceHealthcare, Nema release

Why this matters:

Since 2020, telemental health got a black eye (and then some) from ADHD and opioid medication-assisted treatment (MAT) providers such as Cerebral, Done Health, Truepill, and others. Thriving during the pandemic, many of them are now facing various Federal charges. Others, like Calm, are basically meditation and sleep apps. The real need, and provider shortage, remains.

The need for psychiatric care and support for Medicare and Medicaid covered populations is high, but clinical supply is low.

  • According to the Centers for Medicare & Medicaid Services (CMS) in announcing the state-based Innovation in Behavioral Health (IBH) eight-year, eight-state integrated care model last month, among the 65 million Americans currently enrolled in Medicare, 25% have at least one mental illness, with 40% of Medicaid members experiencing mental illness or substance use disorders (SUDs).
  • Yet provider shortages have worsened over time–as of 2020, The Commonwealth Fund estimated that an additional 7,400 providers (not necessarily psychiatric MDs) were needed to meet demand. Studies cited in Psychiatric Times (2022) estimate that the current shortage of psychiatrists, running at 6%, is expected to be between 14,280 and 31,109 psychiatrists by 2024. Distribution is concentrated in urban areas and their suburbs as well. It doesn’t help that physicians entering psychiatry in 2003-13 decreased by 0.2% and their average age is 55. Even in well-covered geographic areas, retiring doctors with no replacements have created coverage shortages.
  • For child psychiatry, the American Academy of Child and Adolescent Psychiatry (AACAP) reports that there are just 14 psychiatric specialists for every 100,000 children in America.