Weekend news roundup: Teladoc adds to Primary360; Novartis, Medtronic support UK digital cardiac startups; Bluestream adds PrimaryOne Health; NoKo ransomware threatens healthcare; more Fed scrutiny on telehealth Rx, billed time may be coming

July 8, 2022 | by

Teladoc had some positive news this week with additions to Primary360, its new primary care service for the provider/payer market. It added in-network referrals and care coordination capabilities, free, same-day prescription delivery from Capsule, and in-home, on-demand phlebotomy from Scarlet Health. The release notes that about half of patients fail to pick up their prescriptions. In addition, Priority Health, a nonprofit health benefits company serving Michigan, has added Primary360 to its fully insured virtual first plan design for employers. FierceHealthcare

Some good news from the UK in a time of government upheaval. Novartis is supporting cardiac digital health startups through the Novartis Biome UK Heart Health Catalyst 2022. This investor partnership is to identify and scale innovations for non-invasive lipid testing and at-home blood pressure testing using software as a medical device. Partners in support are Medtronic, RYSE Asset Management and Chelsea and Westminster Hospital NHS Foundation Trust and its official charity CW+. Successful applicants will receive support from partners during the competition process, the opportunity of investment up to £3 million provided by RYSE Asset Management, subject to due diligence at RYSE`s discretion, access to the Novartis Biome UK eco-system located in White City, and opportunities to work with our NHS partners to set up and deliver a pilot evaluation of the winning innovation. Applications must be in by 31 August–form is here. FierceBiotech

Bluestream Health adds PrimaryOne Health. Bluestream provides a white-labeled customized virtual care service that will be integrated into PrimaryOne’s services. This medical group of 11 community healthcare facilities across central Ohio serves 48,000 patients with primary care, OB-GYN, pediatric, vision, dental, behavioral health, nutrition, pharmacy, physical therapy, and specialty care.  Release

North Korea’s Maui Ransomware is no Hawaiian vacation. The threat has built enough since May 2021 for the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) to release a joint Cybersecurity Advisory (CSA) on Thursday warning healthcare and public sector health organizations. It is state-sponsored North Korean malicious cyber activity. The CSA provides a sample of how it executes, what it targets, how it encrypts files, and how to respond. Hackermania, NoKo Style, is Running Wild with breaches piling up [TTA 7 July], and not only in healthcare. Healthcare Dive, Healthcare IT News

And in Dog Bites Man News, a former US assistant district attorney for Massachusetts predicts that Federal entities such as the Department of Justice (DOJ) may not stop with telemental prescribing. They will not only be ramping up their scrutiny of telemental health companies–but also telehealth billing. For Cerebral and Done Health that facilitate the prescribing of Schedule 2 drugs, this assumption of scrutiny has become a no-brainer. What it also is: a caution for mainstream telehealth providers such as Teladoc and Amwell charging into psychiatric telehealth.  But the former ADA, Miranda Hooker, now a health sciences area partner with Troutman Pepper in Boston, makes a broader prediction. Prosecuted telehealth fraud, as this Editor has noted, has grown in other areas, such as prescriptions for durable medical equipment (DME) billed to Medicare [TTA 6 May] and cardiologists moonlighting as Dr. Mabuse, Master Cybercriminal [TTA 19 May]. But the next frontier may be time-specified telehealth consults billed to Medicare under various CPT codes (e.g. 994XX). A 15-minute consult billed as a more lucrative 30-minute consult can be considered fraud. The Cerebral investigation, according to Hooker, marks a shift by the DOJ into investigating the actual provision of telehealth services and whether they are being billed properly. FierceHealthcare

Two telehealth case studies: St. Luke’s University Health, CommonSpirit Health

July 8, 2022 | by

Telehealth effectiveness measured in two different US health systems. Some of our Readers are marketers like your Editor, who are always searching for references on program effectiveness. Healthcare IT News in recent days has presented two, one using Amwell and the other using Teladoc:

St. Luke’s University Health is a small health system with 14 hospitals and multiple clinics covering eastern Pennsylvania and western New Jersey. They were addressing several problems:

  • Network coverage expansion and time to consult reduction
  • Integration with EHR and multiple systems
  • Maintaining high privacy standards
  • Introducing behavioral telehealth for both patients and employees, especially during the Covid pandemic

The case study is primarily about the implementation of Amwell Psychiatric Care for 24/7 coverage and the SilverCloud Health platform, part of Amwell. This accelerated at the start of the pandemic. St. Luke’s instituted a Virtual Remote Monitoring Center (VRC) that monitored more than 6,000 patients supported by a 24/7 operations team.

With SilverCloud, they custom-built a support program for employees that included a self-paced program for stress, anxiety, and depression with support from a social worker and app-based 24/7 coaching interventions. If needed, the employee could be referred to an Employee Assistance Program or a St. Luke’s therapist. 

For the mental health programs, using the PHQ-9, comparing results between in-person and virtual visits from July 2021 to March 2022, results were close to identical in 6-point reductions in both virtual (96%) and in-person (90%) populations. In overall telehealth visits, between March 2021 and March 2022, they had over 205,000 unique patients use telehealth. Another metric that telehealth affected was outpatient care. St. Luke’s reduced no-show rates from 14% to 6%. Article

CommonSpirit Health is the largest Catholic and second-largest non-profit health system in the US.  The problem they were attempting to solve was primarily onboarding patients in crisis in the shortest possible time, well within the four hours recommended by the Joint Commission. They expanded their use of Teladoc in the CommonSpirit Telehealth Network to include behavioral health, instituting a.”round and respond” model to improve access to behavioral health specialists in several hospital emergency departments (EDs) and quickly assess patients as mild, moderate or severe based on patient risk. They also added services such as geropsychiatric and crisis intervention with medication-assisted treatment as consultation-liaison services. Results were:

  • Decrease in length of stay, cost; increased satisfaction and expectations of care met
  • 1,200 telebehavioral health consultations per month, through three states and across 25 hospitals
  • Establishing a standard of care of response within 60 minutes to all ED consult requests, have actionable recommendations within 90 minutes, and an ED disposition plan within the first four hours
    • 61% of cases seen within 30 minutes, 79% within 60 minutes with average response 42 minutes
    • 65% rate for discharge recommendations and a 35% rate for transfer at specific locations.

Article

Verdict Balwani: guilty on all 12 Theranos fraud charges

July 7, 2022 | by

Breaking. A not-so-bright day for Sunny Balwani in the US District Court, Northern District of California, in San Jose. Today, after five days of deliberations, the jury returned verdicts on the ‘summer rerun’ of the two Theranos trials, that of former president Ramesh ‘Sunny’ Balwani. Unlike CEO Elizabeth Holmes, Balwani was found guilty of all 12 criminal fraud charges.

Each of the 10 wire fraud counts carries a maximum of 20 years imprisonment in Federal prison, plus a $250,000 fine and restitution on each count. The two additional conspiracy to commit wire fraud charges carry five years each. No date has been set yet for sentencing by Judge Edward Davila, who will be sentencing Holmes in September on her conviction on four of 11 counts and a possible 20 years as a member of Club Fed.

The trial called 24 witnesses, most of whom testified in the Holmes trial. The prosecution’s case centered on Balwani’s responsibilities in defrauding investors on the Theranos technology in order to get funding and placement in Safeway and Walgreens, as well as his knowledge that the labs didn’t work. The defense, calling only two witnesses, maintained that Balwani was a true believer in the technology, that the prosecution’s case was incomplete, he had no intent to defraud, and lost millions in direct investment and in shares. 

It is expected that Balwani will appeal the verdict. Undoubtedly, more details to come. Mercury News (mercifully, not paywalled), CNBC, KTVU2

Thursday news roundup: IBM Watson Health sale closed, now Merative; OneMedical inviting buyers–maybe; worst healthcare data breaches rounded up

July 7, 2022 | by

It’s a post-Independence Day and early summer holiday relatively quiet week….

It’s Merative, not IBM Watson Health anymore. Francisco Partners‘ buy from IBM of Watson Health closed last Thursday (30 June) but didn’t make the news until after the holiday. The announcement of the new brand, Merative, was splashed on HLTH’s website today (not HIMSS) with the usual language about how their data connects and transforms health through pioneering “cloud, real-world data and industry-leading AI” through health systems, hospitals, health plans, life sciences, and government. Speaking of data points:

  • HQ now in Ann Arbor, MI
  • New CEO Gerry McCarthy from CEO of eSolutions, a former Francisco Partners portfolio company that exited to Waystar in October 2020
  • The former general manager, Paul Roma, will be a Senior Advisor to Francisco Partners
  • Merative will have six product families: Health Insights; MarketScan; Clinical Development; Social Program Management and Phytel; Micromedex, and Merge Imaging 
  • Other investors include True Wind Capital and Sixth Street

Since 2015, IBM had built up Watson Health through four acquisitions and over $4 billion in investment. They sold it for perhaps $1 billion to get it off their books. Once upon a time they were the leader, now they’re up against Oracle and a dozen other competitors like IQVIA that sell connectedness and ‘actionable insights’ across and in chunks of their business (example, life sciences). Given the track record of the controlling private equity partner, Merative needs to become profitable quickly. Merative will not be a long term investment for them. FierceHealthcare. Our prior coverage: 7 Jan, 22 Jan, 25 Feb (Who needs Watson Health?)

Also apparently up for sale to the right buyer is One Medical. The clinic group flirted with but ultimately sent packing CVS Health. One Medical offers concierge in-person and telehealth primary care in seven metros and has over 700,000 members. They bought Medicare value-based primary care provider group Iora Health a year ago [TTA 11 June] but since then their stock (trading under 1Life Healthcare) and valuation has cracked by 75%. Not mentioned in the Bloomberg article is whether Iora is included in the possible deal.

And for those who like their Hackermania on the Wild Side, there’s a massive list over at Wired that racks up the Greatest Hits. It’s only halfway through 2022, but the data breaching and ransomware perps have multiplied. From Russia/Ukraine to extortion gangs like Conti and Lapsus$ to cryptocurrency theft and China, the Old Reliable Healthcare continues to star. Our recent list is here but topping out the Wired list are Shields Health Care Group, Baptist Health System, Resolute Health Hospital, Kaiser Permanente, and Yuma Regional Medical Center. Also Becker’s.

Weekend news, deal roundup: Teladoc CEO’s tapdance interview, VA EHR cost reporting now law, Tunstall-Doncaster Deaf Alliance partner, Cleveland Clinic’s $33M medtech spinoff

July 1, 2022 | by

Teladoc CEO Jason Gorevic’s curious tapdance of an interview. Teladoc has had a rough 2022 to date. Their 2022 Q1 financials [TTA 4 May] were disastrous, their share price has not recovered since it cracked in late April with a 62% year-to-date plunge, the Livongo acquisition is shaping up to be the healthcare equivalent of Eastern Airlines’ takeover by Texas Air Corporation circa 1986, and shareholders are filing class action lawsuits. Now this Editor doesn’t mean to pile on. As a professional in two fields, she does understand the value of the press and leadership being available. But FierceHealthcare’s Heather Landi cleverly got Mr. Gorevic to stake his ground for growth yet again on “holistic, integrated solutions” that combine multiple care services from primary to complex care as the ‘longitudinal’ way to go. Yet Ms. Landi does have the nerve to bring up recent history and their long-time competitors like Amwell and Doctor on Demand (now Included Health) in the same space. Then there are the slices taken by players in the direct-to-consumer and niche target players (she cites troubled Cerebral and Talkspace–I’d offer DTCs like Babylon Health and the ‘white-labels’ like Bluestream Health and Zipnosis, now owned by BrightHealth, which are directly and cost-effectively working with providers). Think of this: in an economic downturn, will providers buy the ‘premium spread’ that requires a big implementation lift, or get by a less comprehensive solution that’s easier to implement and costs less?  Surprisingly, given the ‘everyone wants everything’ strategy, he again blames the cost of paid search advertising and brushes off Microsoft and Amazon. I’m not so sure that so soon after their Q1 bad news in May, with lawsuits centering on statements to investors, and nothing new in good news, this interview was particularly good timing.

VA corralled by Congress on Cerner EHR. The Department of Veterans Affairs now, by Federal law enacted late last week, has to prepare quarterly reports on its transition to the Cerner Millenium EHR to both House and Senate Veterans committees on performance and cost, including a breakdown of program funding sources. The new bipartisan law’s title is the VA Electronic Health Record Transparency Act.  Healthcare Dive

Tunstall Healthcare is now working with a local trust, the Doncaster (UK) Deaf Trust, to provide support for deaf and hearing-impaired children and adults. With Whitley Parish Council, Tunstall is working with the specialist gardening team at Communication Specialist College, part of Doncaster Deaf Trust, to secure over 100 plants for the planters which have been grown at the Trust’s gardens. Tunstall volunteers planted them in the planters across the village. Doncaster Free Press

Cleveland Clinic’s successful spinoff, Centerline Biomedical, closed a $33 million Series B equity financing. Leading it was Cleveland Clinic with participation by GE Healthcare, RIK Enterprises, JobsOhio, Jumpstart Ventures, and G2 Group Ventures. Centerline’s technologies improve visualization and guidance of stents, catheters, and guidewires in endovascular procedures, reducing dependence on radiation and contrast agents with the goal of improving patient outcomes. These include sensors and electromagnetic tracking that create 3-D color visualization and navigation of the human vascular system. Release, Becker’s

‘Bionic clothing’ to aid mobility tested for foot drop in MS patients

June 30, 2022 | by

A combination of smart clothing and an exoskeleton to aid those with mobility issues. The Neural Sleeve uses functional electronic stimulation (FES) to aid walking in those with multiple sclerosis (MS) and similar conditions. In a small clinical trial, it reduced foot drop, which is the inability to dorsiflex, or raise the front part of the foot, due to weakness or paralysis of the muscles in the front of one’s lower leg. This is seen in the gait of those with MS, traumatic brain injury, stroke, spinal cord injury, and cerebral palsy. (This Editor also knew someone for whom leg drop was an initial sign of a brain aneurism.) This disturbed gate dramatically increases fall risk.

The Neural Sleeve works through sensors in the sleeve that monitor movement for muscle firing and limb position, while the analysis, connected to the device through an app, determines the FES to activate the necessary muscles precisely coordinated to the gait cycle. The developer is Cionic, located in the Bay Area of California, still in seed rounds, but marketing to both physicians and direct to consumer. 

Of 34 final participants with a mixture of causes in a small clinical trial:

  • It improved foot angle in 96% of participants, a 3.4% increase in heel-toe time, and a 5.2% increase in dorsiflexion at heel strike
  • Inversion (turning in) of the foot also was reduced by 3.6 degrees on average.
  • After eight weeks of use, mobility improved 30% on average.
  • In addition, the number of patients reporting moderate to severe pain reduced by 60%, and the number reporting moderate to severe anxiety or depression dropped by 75%.

The clinical trial is in preprint 6 June in Medrxiv as Augmenting gait in a population exhibiting foot drop with adaptive functional electrical stimulation.

The Neural Sleeve received FDA Class II medical device clearance in March. However, it is still in pre-orders, selling out 2022, with 2023 to open later this summer. Multiple Sclerosis News Today, Medium post on foot drop in the Cionic blog, other Medium posts  Hat tip to TTA founder Steve Hards

Wednesday news roundup: PicnicHealth $60M Series C, can a downturn be good for digital health, Cerebral ran wild, a tart take on HIMSS and where it’s going

June 29, 2022 | by

PicnicHealth had a bit of one, even in this down market. This company which uses machine learning to build data sets for life sciences by working directly with patients and giving them single-source access to their data raised a $60 million Series C via new investor B Capital Group, with existing investors Felicis Ventures and Amplify Partners. The new funding will be used to build 30 new patient-centered real-world data cohorts. Adam Seabrook, Partner at B Capital Group, will be joining the PicnicHealth board of directors. Their total raise to date is $97 million since 2014 (Crunchbase). The platform was launched in 2020. FierceBiotech, release

Funding news may be a little light nowadays, and if you’re public, you’re looking at double digit share price losses, but couldn’t you guess–the downturn may be good for digital health founders! That’s the view of Big VC General Catalyst’s Hemant Taneja, said at Collision 2022, a Toronto tech conference. Now before you’ve thought the man has totally gone out of his gourd with $5+ gallon gasoline (US), 10% inflation, and rolling blackouts looming on both coasts and the UK, it is true that businesses founded in downturns tend to be tough–my father’s business was founded at the start of the Great Depression. As Mr. Taneja put it, tighter times make for more mission-driven “better founders, better investors and better executives”. Secular trends are in their favor in tech and digital transformation, but there will be another correction coming as the market is over-capitalized. Is it the dot-com boom/bust all over again? Only time will tell, but the crackups are already piling up. FierceHealthcare

Speaking of crackups, Cerebral. A report in the annoyingly paywalled Business Insider tells a tale of Telemental Health Running Wild. Former employees and ~2,000 leaked documents claim that Cerebral had no more than a nodding acquaintance with clinical standards until the Feds stepped in. For starters, they took on patients they should not have, didn’t train their nurse-practitioners and other employees, pushed prescriptions to 95% of patients, disregarded state regulations putting licenses at risk, and generally had more twists than a barrel of pretzels. And this was a company prescribing Schedule 2 drugs that had at peak 210,000 active patients and 4,500 employees.  HISTalk summarizes the article, with our thanks. But it’s par for the course, according to a new JMIR (Journal of Medical Internet Research) study also mentioned that found that “many digital health companies have a low level of clinical robustness and do not make many claims as measured by regulatory filings, clinical trials, and public data shared online.” 

And returning to HISTalk (29 June news), there’s a group of comments from a “HIMSS insider” about how that organization is being managed that long-time observers of this organization will find interesting. Employees thought that HIMSS22 was “awkward”. New and cool conferences HLTH (which initially faltered) and ViVE (which HIMSS didn’t even bother to scout) have taken much of the ‘must attend’ and buzz away from HIMSS. Now this wasn’t supposed to happen with the buy of hipper Health 2.0, to which your Editor was connected–but H2O was HIMSS-ized and effectively killed off even before the pandemic. Regional conferences have disappeared, along with a fair number of employees. HIMSS Analytics is sold. Now this could be all one person’s opinion–but what do you think?

Theranos Summer Rerun: Sunny Balwani trial verdict countdown analysis (updated)

June 28, 2022 | by

Our last update on the Summer Rerun of the Theranos trial, a/k/a Rock and Hard Place or Blood Out Of A Stone, was that the defense rested.  It was definitely souffle-grade–Balwani’s late entry to the company, investment of his own millions, and never selling a share. There is no breathless coverage of the trial–no sensational new revelations of cheated investors or psychological violence claims, just near-identical charges (12) mostly of wire fraud with the prosecution methodically setting up Balwani with full knowledge of the cheating with the labs and defrauding of investors. [TTA 23 Mar, 16 June], 

Now it’s up to the jury. The betting is that there will be a verdict next week. It’s expected that the jury will 1) name a foreman and 2) methodically go through the pile of evidence, sending questions to the judge for clarifications on these complex legal issues when needed. The deliberations will be over the July 4th holiday giving a small delay. Will they heap guilt on Balwani’s head with multiple or nearly all counts, or keep them to low single digits as they did with Elizabeth Holmes? We will likely know sooner rather than later. If you want some informative analysis by an attorney, you’ll have to go to YouTube for this video by “Lawyer You Know” Pete Sargos. There’s also a light update on Yahoo Finance.

Update 29 June: The jury has sent two notes back to the court so far. On Day Three, Tuesday afternoon, the jury sent a note asking if the jury cannot agree on a specific count, is there an option other than guilty or not guilty. On Wednesday morning, another note was sent, contents unknown. There are ten wire fraud charges and two counts of conspiracy to commit wire fraud.  NBC Bay Area  This part of the article will be updated as it’s reported until a verdict is reached.

US International Trade Commission initial determination: Apple infringed AliveCor’s patents (updated)

June 28, 2022 | by

If affirmed, a David versus Goliath win. AliveCor, the developer of the KardiaMobile ECG devices, announced late today that Administrative Law Judge (ALJ) Cameron Elliot of the US International Trade Commission (ITC) issued an Initial Determination that Apple infringed certain AliveCor technology patents. If affirmed by the full ITC in a Final Determination by 26 October (!), it could lead to an exclusion order barring the importation of certain Apple devices infringing on AliveCor patents from the US.

The initial complaint was filed in May 2021 [TTA 29 April] concerning Apple’s infringement in the Apple Watch 4, 5, and 6 of three AliveCor ECG technology US patents: No. 10,595,731 (“the ’731 patent”); No. 10,638,941 (“the ’941 patent”); and No. 9,572,499 (“the ’499 patent”). Last February, AliveCor successfully moved with the ITC to have the investigation terminated on certain claims on the three patents, but a considerable number remained. This is what ITC terms an “unfair import” or Section 337 investigation. These regard intellectual property rights, including “allegations of patent infringement and trademark infringement by imported goods.”

Updated for links: AliveCor press release, ITC Public Notice which details what parts of what patents have been infringed. Both the 731 and the 941 patents have been found to be infringed under Section 337. The 499 patent has not been violated. This Editor will assume we have to wait till October for any exclusion orders.

Catching up with ISfTeH (International Society for Telehealth and eHealth): three courses and a report

June 24, 2022 | by

It’s been awhile since this Editor has heard some news from the ISfTeH but suddenly there’s quite a bit!

Upcoming ISfTeH webinars and courses
Over the course of the next week, the ISfTeH presents several online events. Here’s just a short reminder of those events and a link to the free registration pages (agenda can be found on the registration page):

ISfTeH Student Contest and Award
Friday, June 24th
https://us02web.zoom.us/webinar/register/WN_1mbkNqXOSRGXlGhTya0Tsg

Standards and accreditations for telemedicine and telehealth services in the international space
Monday, June 27th
https://us02web.zoom.us/webinar/register/WN_m6hoQvkuSe2Ui2XsWJigdw

Digital health education: why and what professionals need to know
Thursday, June 30th
https://us02web.zoom.us/webinar/register/WN_FJo8rtedR7CqIgc-lpYICA

The Future of Virtual Health and Care–report
 
The report delivers a roadmap that describes which policies have enabled a rapid uptake of virtual health and care during the pandemic, to serve as recommendations to help governments and other stakeholders ensure that virtual health and care drives access and equity, rather than entrenching or exacerbating existing divides. Thee is also an analysis of virtual health and care policies in 23 countries. The Working Group is chaired by the Novartis Foundation and the World Health Organization.
76% of patients want virtual care visits to be a standard part of their care regimen
83% of health and care providers intend to continue using virtual delivery post the COVID-19 pandemic
 
The ISfTeH also contributed to the report as part of a panel of external experts. A downloadable full copy, executive summary, and more are available here.
 
There is also a video of Dr. Michele Griffith, ISfTeH President, addressing the 75th World Health Assembly (#WHA75) in May 2022.

Let the lawsuits begin: Meta sued by health system patient for Meta Pixel info gathering

June 23, 2022 | by

That was fast. Class action game on! Today’s reports of a class action lawsuit being filed against Meta Friday in the US District Court for the Northern District of California in San Francisco is going to be only the first. The ‘John Doe’ plaintiff, a patient of Baltimore-based Medstar Health System and a Facebook user, claims that he is filing on behalf of “millions of other Americans whose medical privacy has been violated by Facebook’s Pixel tracking tool.” Four law firms are involved in the lawsuit. It follows on last week’s investigative report by The Markup and STAT on the Meta Pixel tracker being used by 33 of the top 100 hospital systems [TTA 17 June].

The study indicates that the information gathered in the appointment booking form included IP address, doctor’s name, patient name, email address, phone number, zip code, and city of residence. When it’s put together with outside information, it can be considered a HIPAA violation.

The lawsuit alleges that the information was collected without consent. Neither Meta nor Facebook have a Business Associate Agreement (BAA) agreement in place covering them for gathering this information in any one of the 664 health systems using the Meta Pixel cited in the suit.

The suit requests compensatory and punitive damages for breach of contract, constitutional invasion of privacy, violation of the Electronic Communications Privacy Act, violation of the California Invasion of Privacy Act, and other allegations. The filing was captured by ReclaimTheNet.org. If you look at page 18, there are multiple statements from Meta/Facebook stating that advertising based on health is ‘inappropriate’, but then illustrates how Facebook goes ahead and does it anyway (!)

A small wrinkle: In a statement to HIPAA Journal, Medstar Health Systems claimed it does not use the Meta Pixel or any Facebook code on its website. It creates an issue of the plaintiff’s standing and harm.

FierceHealthcare, Becker’s, HealthITSecurity

Wednesday news roundup: March telehealth claims down to 4.6%, state telehealth waivers expiring, UnitedHealth’s Optum bids for EMIS, Talkspace reportedly rejected Amwell, Mindpath bids

June 22, 2022 | by

Telehealth usage continuing its downward trend. At 4.6%, telehealth medical claims in March were off over 6% (0.3 points) versus February’s 4.9%. Again, 65% of claims were for mental health conditions, and social workers were the leading providers of telehealth at 32% for primarily one hour of psychotherapy at 26%. FAIR Health monthly US tracker.

One possible contributing factor is states pulling back on the broad telehealth provider location and other waivers (such as platforms) that were enacted during the Covid emergency. These waivers primarily permitted out-of-state providers. The expiration of waivers thus return telehealth delivery to in-state licensed providers unless covered by other regulations, for instance Medicaid. Last year, 26 states waived in-state licensure requirements; this year, only 12 states have these waivers. California and New Jersey are due to expire soon.  NBC News with a hat tip to HISTalk.

Optum bids to buy UK health software provider EMIS. The bid of £1.24 billion ($1.5 billion) was announced last Friday. A UK affiliate of Optum, Bordeaux UK Holdings II Limited, is the actual entity for the acquisition, recommended by the EMIS board. The offer is in cash and represents a 49% premium to the current share price. EMIS is a leading provider of software and systems to the NHS, serving primary care, community care and pharmacy, acute care, and the Patient.info website. When completed, EMIS would be UnitedHealth’s largest acquisition in the UK and Europe. FierceHealthcare 

Troubled telementalhealth provider Talkspace reportedly rejected a bid from Amwell pretty much out of hand, leading to speculation that it’s up for sale but being picky-picky-picky.  According to the report in Behavioral Health Business, from Seeking Alpha, their talks did not even reach number discussions. This is after Talkspace rejected another bid in May from another telementalhealth provider Mindpath, backed by Centerbridge Partners and Leonard Green & Partners. Sources were split on whether $500 million was offered or not (Axios).

Talkspace is one of the poster children for Cracking SPACs. It hit the market in January 2021 at a valuation of $1.4 billion, opening above $8, hitting a peak of about $11 per share. Share price declined to as low as $1.06 before rising on this acquisition talk to $1.58. Current valuation is $58 million, but it is sitting on a reported $184 million in cash. Reportedly their CEO search is going nowhere. Much like Teladoc, one year after their SPAC, investor lawsuits were filed against the company for misleading investors. Look for Talkspace to be sold over the summer.

Facebook Meta Pixel update: Nemours Children’s Health using 25 ad trackers on appointment scheduling site

June 21, 2022 | by

The Meta Pixel tracker study gets a little worse–this time, it’s information on appointments for children. The Markup’s investigation on healthcare use of ad trackers continues with an examination of Nemours Children’s Health, a Delaware-based multi-state health network with 97 locations in Delaware, Pennsylvania, New Jersey, and Florida that serve about 500,000 families. Once again, Meta Pixel and other ad trackers were found to capture personal information and patient/family details entered by an adult on the appointment scheduling site to Facebook that may constitute protected health information.

Meta Pixel was recorded as tracking:

  • IP addresses
  • Scheduled doctor and his or her specialty
  • In some cases, the first and last name of the child being scheduled

It is not this information alone, but in combination with other information that Facebook possesses, that can profile any user’s health conditions, link specific conditions to individuals and parents, and thus constitute a privacy violation. IP addresses are one of the factors that HIPAA cites as when linked to other information, create a violation.

The Markup used a tool called Blacklight to scan Nemours’ websites.

What was Nemours thinking in building their website? In addition to Meta Pixel, the scheduling site is riddled with 25 ad trackers and 38 third-party cookies. These are coded in by Facebook, Amazon, Google, and The Latest Healthcare Transformer, Oracle. Oracle claims it has healthcare data on 80% of US internet users, and one can assume this is how they get it. Ad platforms MediaMath and LiveRamp also captured data. The Markup’s team could detect the trackers, but not determine what information these ad trackers were capturing. 

In addition to the trackers on the scheduling site, Blacklight picked up a session recorder from Mouseflow. This is code that can potentially track what people click on a page. Mouseflow states on its Legal Hub that in order to transmit HIPAA-protected information to a third party, a business associate agreement (BAA) must be in place. Mouseflow did not confirm a BAA agreement to The Markup, but in a statement to them insisted that Mouseflow does not permit the transmission of PII or PHI and masks that information.

Not all health data transmitted constitute HIPAA violations, but capture of appointment scheduling information is right on the line of HIPAA violations, though not 100% conclusive.

Elsewhere on the Nemours website, there were nine ad trackers and ten third-party cookies. 

Even after they were notified by The Markup, Nemours persisted in using Meta Pixel. While many of the trackers on the scheduling site were removed, trackers from Facebook, Google, and Salesforce remained. Facebook’s Meta Pixel was removed after last week’s story.

This is certainly another gap between the suits in the suites and the IT/developers rowing in the galley.

More bad news for Cerner’s VA rollout–draft report cites 150 “cases of harm” due to the ‘unknown queue’

June 21, 2022 | by

A serious revelation that may derail the Cerner Millenium rollout. A draft report by the Department of Veterans Affairs (VA) Office of Inspector General (OIG) states that a flaw in Cerner’s software caused the system to lose 11,000 orders for specialty care, lab work, and other services – without alerting health care providers the orders (also known as referrals) had been lost. This created ‘cases of harm’ to at least 150 veterans in care. Moreover, the flaw was known prior to the Mann-Grandstaff VA Medical Center rollout in October 2020, and Cerner failed to either fix or inform the VA of it prior to the implementation.

The lost orders in the quaintly termed ‘unknown queue’ resulted in delayed care at minimum. The VA patient safety team classified dozens of cases of “moderate harm” and one case of “major harm.” The major harm cited affected a homeless veteran, aged in his 60s, who was identified as at risk for suicide and had seen a psychiatrist at Mann-Grandstaff in December 2020, after the implementation. After prescribing medication to treat depression, the psychiatrist ordered a follow-up appointment one month later. That order disappeared in the EHR and not scheduled. The consequences were that the veteran, weeks after the unscheduled appointment date, called the Veterans Crisis Line. He was going to kill himself with a razor. Fortunately, he was found in time by local first responders, taken to a non-VA mental health unit, and hospitalized.

The draft report implies that the ‘unknown queue’ problem has not been fixed and continues to put veterans at risk in the VA system.

There may be as many as 60 other safety problems. Other incidents cited in the draft report include one of “catastrophic harm” and another case the VA told the OIG may be reclassified as catastrophic. Catastrophic harm is defined by the VA as “death or permanent loss of function.”

The news broke in the Spokane Spokesman-Review today (20 June). Their reporters obtained the draft report from multiple sources. Mann-Grandstaff VA Medical Center is located in Spokane. The final report is expected to be released later this summer.

Those of us who have been following the migration from warhorse EHR VistA to Cerner Millenium recall that a year ago, OIG already had criticized the Mann-Grandstaff implementation for multiple “governance and management challenges” as well as patient safety concerns and system errors, resulting in a grilling of VA Secretary Denis McDonough and Cerner executives before the Senate Veterans Affairs Committee last July. A remark by the committee’s chair, Frank Mrvan, D-Indiana. that the three-month review at the time “raises more questions than it answers,” is proving to be remarkably prescient.

According to the article, “the department did not respond to questions about the draft report, but on Friday, after The Spokesman-Review sent the questions, VA officials told Military Times they would delay the system’s planned launch in Seattle, Portland and other large facilities until 2023″. Military Times noted that the congressional committees were not informed until Friday night. The delays are as follows: Puget Sound VA Health Care System (American Lake and Seattle VA Medical Centers) from August to March 2023 and VA Portland Health Care System (Portland and Portland-Vancouver VA Medical Centers) from November to April 2023. The Central Ohio Healthcare System implementation in May has gone as planned and the VA maintains that the two delays are not indicative of other problems.

Local Representative (R-5th Congressional District, eastern Washington state) Cathy McMorris Rodgers has already had at Cerner since last year. Her press release is illustrative of her activism around Mann-Grandstaff and further rollouts of the Cerner EHR, while Mann-Grandstaff continues to have problems and outages.

Oracle has a great deal riding on a smooth implementation of Cerner Millenium at the VA. More Congressional hearings are not a good look for Oracle and its ambitions of transforming healthcare. Damage control is snapping in place. This Editor noted that Oracle’s SVP for global corporate communications was quoted in the Spokesman-Review article, not a Cerner staffer. Also EHR Intelligence.

 

Breaking: Hospitals sending sensitive patient information to Facebook through website ‘Meta Pixel’ ad tracker–study

June 17, 2022 | by | 2 Comments

Meta Pixel tracker sending appointment scheduling, patient portal information to Facebook–likely to become the Hot Story of next week. A study published jointly by The Markup and STAT examined the patient-facing areas of Newsweek’s 100 leading hospitals’ websites. It found that 33 of them permit the Meta Pixel ad tracker to send sensitive patient information back to Facebook. Ostensibly the reason is to better serve the patient with more tailored information, but what is not disclosed is what else Facebook is doing with the information. At a minimum, the information is the IP address–which HIPAA considers one of 18 identifiers that when linked to other personal information, can constitute data as protected health information.

Ad trackers like the Meta Pixel are used to target website visitors and also to track ads placed on Facebook and Instagram. Developers routinely permit these snippets of code as trackers for better performance and website tracking.

  • For 33 hospitals, the Pixel tracker is picking up and sending back to Facebook information from users of the hospital’s online appointment scheduler: the user’s IP, the text of the button, the doctor’s name, and the search term. In testing the sites using a team approach facilitated by a plug-in called Mozilla Rally, the testers found that in several cases, even more identifiable patient information was being sent: first name, last name, email address, phone number, zip code, and city of residence entered into the booking form.
  • Seven hospitals have the Pixel deep into another highly sensitive area–the password-protected patient portal. These go by various names, but a popular one is Epic’s MyChart. One surveyor found that for Piedmont Healthcare, the Pixel picked up the patient’s name, the name of their doctor, and the time of their upcoming appointment. For Novant Health, the information was even more detailed: name and dosage of medication in our health record, notes entered about the prescription about allergic reactions, and the button clicked in response to a question about sexual orientation. (Novant has since removed the Pixel.)

None of the hospitals using the Pixel have patient consent forms permitting the transmission of individual patient information, nor business associate agreements (BAAs) that permit this data’s collection.

The reaction of most of these hospitals was interesting. Some immediately removed it without comment. Others maintained that no protected information was sent using Pixel or otherwise defended its use. Houston Methodist was almost alone in providing a detailed response on how they used it, but subsequently removed it.

Facebook maintains that it does not use this information in any identifiable way and that from 2020 it has in place a sensitive health data filtering system and other safeguards. The New York Department of Financial Services, in a separate action monitoring Facebook in this area, questioned the accuracy of the filtering system. Even when the information is ‘encrypted’, it’s easy to break. Internal leaked Facebook documents indicate that engineers on the ad and business product team admitted as late as 2021 that they don’t have “an adequate level of control and explainability over how our systems use data, and thus we can’t confidently make controlled policy changes or external commitments such as ‘we will not use X data for Y purpose.” (quoted from Vice)

The study could not determine whether Facebook used the data to target advertisements, train its recommendation algorithms, or profit in other ways, but the collection alone can be in violation of US regulations. 

On the face of it, it violates patient privacy. But is it a HIPAA violation of protected health information? No expert quoted was willing to say that was 100% true, but a University of Michigan law professor who studies big data and health care said that “I think this is creepy, problematic, and potentially illegal” from the hospitals’ point of view. Some of the hospitals in their comments say that they vetted it. One wonders at this tradeoff.

To this Editor, Meta Pixel’s use in this way walks right up to the line and puts a few toes over.

If this is true of 33 major hospitals, what about the rest of them–smaller and less important than Columbia Presbyterian, Duke, Novant, and UCLA? What all of us have suspected is quite true–social media is collecting data on us and invading our privacy at every turn, and except for exposés like this, 99% of people neither know nor care that their private information is being used.

The Markup is continuing their “Pixel Hunt” series with childrens’ hospitals. A previous article is about Pixels tracking information from crisis pregnancy centers, about as sensitive as you can get. Also HISTalk.

Thursday news roundup: FTC now investigating Cerebral, Balwani’s Theranos trial rests at last, Proscia pathology AI $37M Series C, health data breaches pile up

June 16, 2022 | by

Telemental health Cerebral’s miseries pile on. The Federal Trade Commission (FTC) is now investigating Cerebral on deceptive advertising and marketing practices. The Wall Street Journal (may be paywalled) reviewed the 1 June letter sent to the company. The letter requests the usual preservation of documents and asks ‘dozens of questions’ related to their business. Of particular interest to the FTC is the ‘negative option’ practice that continues the subscription fee unless the subscriber takes positive action to cancel it. Subscribers have complained that Cerebral did not cancel their subscriptions after repeated attempts to do so and did not refund their money. Reuters, FierceHealthcare

Also of interest to the FTC will be the dodgy advertising claims about ADHD and obesity which ran on TikTok and Instagram [TTA 10 May]. The WSJ reported that their ad spend topped $65 million for this year–$13 million on TikTok alone from January to May this year, making Cerebral the third-largest advertiser behind HBO and Amazon, according to research firm Pathmatics.

The FTC action follows the Department of Justice (DOJ) investigation of their prescribing of controlled (Schedule 2, high potential for abuse) substances such as Adderall and Xanax, CVS and Walmart refusing their prescriptions, the unceremonious booting of the CEO and co-founder, and a wrongful dismissal lawsuit by a former VP of product and engineering, Matthew Truebe. Certainly, its investors led by SoftBank, which raised $300 million in December less than six months after a raise of $127 million, are unhappy at watching their $4.8 billion baby crash and burn.

The second “rerun” Theranos trial of Sunny Balwani rests. This much-muted trial is winding towards its close. Receiving much less breathless and near-sensational coverage than Elizabeth Holmes’, Theranos president Balwani was tried in the same San Jose Federal district court, with the same prosecutor (Robert Leach), just about the same charges (12 counts of wire fraud), and Judge Davila presiding. Holmes was convicted and her sentencing is scheduled for September.

The prosecution rested on 20 May and the defense on 9 June. The trial took some delays due to at least two jurors falling ill from Covid. The defense strategy rested on Holmes’ founding and operating the company without Balwani for a few years and that he never sold his shares, making him as victimized as any ordinary investor. The prosecution is relying on how close Holmes and Balwani were, that he had great power at Theranos–and used it, plus in his position was well aware of the problems with the lab machines and deliberately sought to defraud investors by covering it up. Unsurprisingly, Holmes did not testify at his trial, although she was a looming presence at his as he was somewhat at hers, especially in her testimony about their relationship. Closing arguments took place on Tuesday (14 June) and the jury will be charged after their conclusion. NBC Bay Area, New York Post, Wall Street Journal

Happier news comes from Proscia, a pathology software company, funding a $37 million Series C. Highline Capital Management, Triangle Peak Partners, and Alpha Intelligence Capital led the round along with participation from five earlier investors. Their total funding is up to $72 million. Their AI-enabled Concentriq platform combines “enterprise scalability with a broad portfolio of AI applications to accelerate breakthroughs and unlock clinical insights that advance precision medicine.” Clients include 10 of the top 20 pharmaceutical companies as well as the Joint Pathology Center, Proscia release, Becker’s 

Adding to the tally of healthcare data breaches are several this week. The year-to-date winner, of course, are the 2 million at Shields Health Care Group in Massachusetts [TTA 10 June], but this week, reports have been breaking out like late spring roses:

  •  A clinical guidance software vendor’s breach reported 10 June has exposed the protected health information (PHI) of patients at Omaha, Nebraska-based CHI Health and Sioux Falls, South Dakota based Avera Health. Avera has about 900 exposed patients, but the number at CHI is not yet known. MCG Health is the vendor. Becker’s
  • Yuma (Ariz.) Regional Medical Center reported an April ransomware attack that while short in duration, exposed PHI of 700,000 patients. An unauthorized user removed files from the hospital’s system that included patient health information such as names, social security numbers, health insurance information, and limited medical information relating to care. The hospital went offline until it was resolved, including reporting to law enforcement. Becker’s, Healthcare Dive
  • UChicago Medicine had its employee accounts hacked in March by an unauthorized user. It exposed about 2,500 patient records that included patient first and last names, social security numbers, health information, legacy Medicare beneficiary identification numbers, health insurance policy numbers, and driver’s license numbers. Becker’s
  • And Kaiser Foundation Health Plan of Washington had about 70,000 patient PHIs exposed on 5 April when an unauthorized user gained access to one employee’s emails with information on patient first and last names, dates of service, laboratory test information, and medical record numbers.

Short, but certainly not sweet, and expensive.