Breaking: Hospitals sending sensitive patient information to Facebook through website ‘Meta Pixel’ ad tracker–study

June 17, 2022 | by | 2 Comments

Meta Pixel tracker sending appointment scheduling, patient portal information to Facebook–likely to become the Hot Story of next week. A study published jointly by The Markup and STAT examined the patient-facing areas of Newsweek’s 100 leading hospitals’ websites. It found that 33 of them permit the Meta Pixel ad tracker to send sensitive patient information back to Facebook. Ostensibly the reason is to better serve the patient with more tailored information, but what is not disclosed is what else Facebook is doing with the information. At a minimum, the information is the IP address–which HIPAA considers one of 18 identifiers that when linked to other personal information, can constitute data as protected health information.

Ad trackers like the Meta Pixel are used to target website visitors and also to track ads placed on Facebook and Instagram. Developers routinely permit these snippets of code as trackers for better performance and website tracking.

  • For 33 hospitals, the Pixel tracker is picking up and sending back to Facebook information from users of the hospital’s online appointment scheduler: the user’s IP, the text of the button, the doctor’s name, and the search term. In testing the sites using a team approach facilitated by a plug-in called Mozilla Rally, the testers found that in several cases, even more identifiable patient information was being sent: first name, last name, email address, phone number, zip code, and city of residence entered into the booking form.
  • Seven hospitals have the Pixel deep into another highly sensitive area–the password-protected patient portal. These go by various names, but a popular one is Epic’s MyChart. One surveyor found that for Piedmont Healthcare, the Pixel picked up the patient’s name, the name of their doctor, and the time of their upcoming appointment. For Novant Health, the information was even more detailed: name and dosage of medication in our health record, notes entered about the prescription about allergic reactions, and the button clicked in response to a question about sexual orientation. (Novant has since removed the Pixel.)

None of the hospitals using the Pixel have patient consent forms permitting the transmission of individual patient information, nor business associate agreements (BAAs) that permit this data’s collection.

The reaction of most of these hospitals was interesting. Some immediately removed it without comment. Others maintained that no protected information was sent using Pixel or otherwise defended its use. Houston Methodist was almost alone in providing a detailed response on how they used it, but subsequently removed it.

Facebook maintains that it does not use this information in any identifiable way and that from 2020 it has in place a sensitive health data filtering system and other safeguards. The New York Department of Financial Services, in a separate action monitoring Facebook in this area, questioned the accuracy of the filtering system. Even when the information is ‘encrypted’, it’s easy to break. Internal leaked Facebook documents indicate that engineers on the ad and business product team admitted as late as 2021 that they don’t have “an adequate level of control and explainability over how our systems use data, and thus we can’t confidently make controlled policy changes or external commitments such as ‘we will not use X data for Y purpose.” (quoted from Vice)

The study could not determine whether Facebook used the data to target advertisements, train its recommendation algorithms, or profit in other ways, but the collection alone can be in violation of US regulations. 

On the face of it, it violates patient privacy. But is it a HIPAA violation of protected health information? No expert quoted was willing to say that was 100% true, but a University of Michigan law professor who studies big data and health care said that “I think this is creepy, problematic, and potentially illegal” from the hospitals’ point of view. Some of the hospitals in their comments say that they vetted it. One wonders at this tradeoff.

To this Editor, Meta Pixel’s use in this way walks right up to the line and puts a few toes over.

If this is true of 33 major hospitals, what about the rest of them–smaller and less important than Columbia Presbyterian, Duke, Novant, and UCLA? What all of us have suspected is quite true–social media is collecting data on us and invading our privacy at every turn, and except for exposés like this, 99% of people neither know nor care that their private information is being used.

The Markup is continuing their “Pixel Hunt” series with childrens’ hospitals. A previous article is about Pixels tracking information from crisis pregnancy centers, about as sensitive as you can get. Also HISTalk.

Thursday news roundup: FTC now investigating Cerebral, Balwani’s Theranos trial rests at last, Proscia pathology AI $37M Series C, health data breaches pile up

June 16, 2022 | by

Telemental health Cerebral’s miseries pile on. The Federal Trade Commission (FTC) is now investigating Cerebral on deceptive advertising and marketing practices. The Wall Street Journal (may be paywalled) reviewed the 1 June letter sent to the company. The letter requests the usual preservation of documents and asks ‘dozens of questions’ related to their business. Of particular interest to the FTC is the ‘negative option’ practice that continues the subscription fee unless the subscriber takes positive action to cancel it. Subscribers have complained that Cerebral did not cancel their subscriptions after repeated attempts to do so and did not refund their money. Reuters, FierceHealthcare

Also of interest to the FTC will be the dodgy advertising claims about ADHD and obesity which ran on TikTok and Instagram [TTA 10 May]. The WSJ reported that their ad spend topped $65 million for this year–$13 million on TikTok alone from January to May this year, making Cerebral the third-largest advertiser behind HBO and Amazon, according to research firm Pathmatics.

The FTC action follows the Department of Justice (DOJ) investigation of their prescribing of controlled (Schedule 2, high potential for abuse) substances such as Adderall and Xanax, CVS and Walmart refusing their prescriptions, the unceremonious booting of the CEO and co-founder, and a wrongful dismissal lawsuit by a former VP of product and engineering, Matthew Truebe. Certainly, its investors led by SoftBank, which raised $300 million in December less than six months after a raise of $127 million, are unhappy at watching their $4.8 billion baby crash and burn.

The second “rerun” Theranos trial of Sunny Balwani rests. This much-muted trial is winding towards its close. Receiving much less breathless and near-sensational coverage than Elizabeth Holmes’, Theranos president Balwani was tried in the same San Jose Federal district court, with the same prosecutor (Robert Leach), just about the same charges (12 counts of wire fraud), and Judge Davila presiding. Holmes was convicted and her sentencing is scheduled for September.

The prosecution rested on 20 May and the defense on 9 June. The trial took some delays due to at least two jurors falling ill from Covid. The defense strategy rested on Holmes’ founding and operating the company without Balwani for a few years and that he never sold his shares, making him as victimized as any ordinary investor. The prosecution is relying on how close Holmes and Balwani were, that he had great power at Theranos–and used it, plus in his position was well aware of the problems with the lab machines and deliberately sought to defraud investors by covering it up. Unsurprisingly, Holmes did not testify at his trial, although she was a looming presence at his as he was somewhat at hers, especially in her testimony about their relationship. Closing arguments took place on Tuesday (14 June) and the jury will be charged after their conclusion. NBC Bay Area, New York Post, Wall Street Journal

Happier news comes from Proscia, a pathology software company, funding a $37 million Series C. Highline Capital Management, Triangle Peak Partners, and Alpha Intelligence Capital led the round along with participation from five earlier investors. Their total funding is up to $72 million. Their AI-enabled Concentriq platform combines “enterprise scalability with a broad portfolio of AI applications to accelerate breakthroughs and unlock clinical insights that advance precision medicine.” Clients include 10 of the top 20 pharmaceutical companies as well as the Joint Pathology Center, Proscia release, Becker’s 

Adding to the tally of healthcare data breaches are several this week. The year-to-date winner, of course, are the 2 million at Shields Health Care Group in Massachusetts [TTA 10 June], but this week, reports have been breaking out like late spring roses:

  •  A clinical guidance software vendor’s breach reported 10 June has exposed the protected health information (PHI) of patients at Omaha, Nebraska-based CHI Health and Sioux Falls, South Dakota based Avera Health. Avera has about 900 exposed patients, but the number at CHI is not yet known. MCG Health is the vendor. Becker’s
  • Yuma (Ariz.) Regional Medical Center reported an April ransomware attack that while short in duration, exposed PHI of 700,000 patients. An unauthorized user removed files from the hospital’s system that included patient health information such as names, social security numbers, health insurance information, and limited medical information relating to care. The hospital went offline until it was resolved, including reporting to law enforcement. Becker’s, Healthcare Dive
  • UChicago Medicine had its employee accounts hacked in March by an unauthorized user. It exposed about 2,500 patient records that included patient first and last names, social security numbers, health information, legacy Medicare beneficiary identification numbers, health insurance policy numbers, and driver’s license numbers. Becker’s
  • And Kaiser Foundation Health Plan of Washington had about 70,000 patient PHIs exposed on 5 April when an unauthorized user gained access to one employee’s emails with information on patient first and last names, dates of service, laboratory test information, and medical record numbers.

Short, but certainly not sweet, and expensive.

Wednesday news roundup: Oracle scrutinizing outside vendors, cloud change coming for Cerner EHRs, audio-only telehealth can continue after PHE–HHS, Proximie connected surgery raises $80M (UK)

June 15, 2022 | by

Oracle moving quickly to change Cerner’s outside vendors to Oracle products and move their EHRs to Oracle cloud services. Will this fly with health systems and providers? An immediate change that will resonate with current Cerner EHR users is Oracle’s immediate moves to replace Cerner’s current third-party vendors with Oracle services and technology. So if your Cerner EHR has something you like but it comes from a third-party vendor, enjoy it while you can. Do expect that Oracle will be selling other products like Enterprise Resource Planning Cloud, administrative systems, and supply chain into providers and health systems–hard. From the earnings call, CEO Safra Katz: “We remain confident in our ability to grow Cerner’s top line and bottom line faster than they were able to do so on their own as these changes are implemented.”

The major and quickest move specified in yesterday’s Oracle earnings call (transcript) will be to move Cerner to OCI–Oracle Cloud Infrastructure. Further down into Mr. Katz’s remarks, Cerner is expected to account for 20 points of their cloud growth in Q1 2023 (starting 1 June 2022). When Cerner has added $15.8 billion of debt to the balance sheets, it’s to be expected.  HISTalk, Becker’s

What happens to audio-only telehealth at the end of the pandemic Public Health Emergency (PHE)? HHS has just issued guidance that will permit telehealth, including audio-only, services to continue. According to the HHS release, “HIPAA covered entities can use remote communication technologies to provide telehealth services, including audio-only services, in compliance with the HIPAA Privacy Rule. ” There are specific requirements such as how the HIPAA Security Rule applies to electronic media and electronic protected health information (ePHI). The full guidance is here.

UK surgical connectivity platform Proximie raises $80 million. London-based Proximie, a system that connects surgeries with pre-operative patient information, collaborative tools, and post-operative content distribution, completed a Series C with participation from Emerson Collective – the impact investor founded by Laurene Powell Jobs, SoftBank Vision Fund 2, British Patient Capital, Mubadala Investment Company, and the Minderoo Foundation, plus previous investors. The raise is unusually large (in this Editor’s opinion) for the UK, particularly at this uncertain time. Proximie has supported over 13,000 surgeries in 100 countries, contracts with over 35 major medical device companies such as Stryker and Abbott, and has been used in 500 hospitals across 50 countries. The company is a partner with Teladoc and Vodafone Business.  Release.  

Oracle’s Big Healthcare Transformation: it’s all about ‘better information’ (sigh) (updated)

June 14, 2022 | by

“Better information is the key to transforming healthcare,” he [Larry Ellison] said. “Better information will allow doctors to deliver better patient outcomes. Better information will allow public health officials to develop much better public health policy and it will fundamentally lower healthcare costs overall.”

Larry Ellison’s Big Vision, now that Oracle’s acquired Cerner, has a distinct and familiar ring. ‘Better information’ was also the mantra of IBM Watson Health. It’s the meme of every healthcare company, from education to data analytics, that better and more accessible information means better outcomes and lower cost of care. For those of us who’ve hung our caps in healthcare for the past decade, it’s the dawning promise that like Andrew Wyeth’s Christina’s World, is on the top of the beautiful hill, within our sight, yet out of our reach. But we keep trying.

Mr. Ellison is smarter and richer than most of us, so let’s defer to his Vision and what seem to be the most obvious obstacles to interoperability and mass scaling:

  • A national health record database, in an open standards-based system, will be built by Oracle. It will sit on top and pull information from thousands of hospital and presumably practice-based EHRs. Once completed, in the non-defined future, a hospital or practice anywhere would be able to access patient information.
    • Obstacles: data fragmentation, health records not in an EHR, cooperation in providing information, security, Federal/state privacy regulations, and buy-in from other EHRs which were at last count 500 or so with hospitals running at least 5-10 different EMRs/EHRs.
  • From the national database, disease-specific research using anonymized data from it and AI-enabled analysis
    • This is potentially a big winner, as smaller models are already in use, e.g. between Ronin, a clinical decision support solution, and MD Anderson to create a disease-specific AI model for cancer patients in treatment. 
    • Gathering, anonymizing, and securing the data are the main challenges, plus those above

Big Visions don’t thrill us the way they used to because other than the newest among us, the new Big Promises sound all too familiar. It’s not that long ago that first EHRs, then health information exchanges were supposed to be the clearinghouses to make information interoperable. 21st Century Cures, which allowed members/patients to obtain their health information from payers and providers to the individual, was supposed to fix that portability gap in its next phase. The government also has its own national data exchange framework as part of the Cures Act. So what about that?

Updated. Lest this Editor be considered an outlier, a skeptic, and a general killjoy, there are other smart people far better grounded in IT Reality who are equally skeptical. Patrick Murta, who is now with BehaVR but formerly was co-chief architect for the Office of the National Coordinator for Health IT’s FHIR at Scale Taskforce (FAST), is quoted in FierceHealthcare. “Saying that you’re going to build a national database and bringing that to fruition is a different story. This particular model is going to face the same barriers that have been there for many years and there’s no easy path to overcome those barriers quickly.” His opinion is echoed by at least three others in the article. In short, Oracle is actually behind other vendors in the data interoperability area and the goal to knit together thousands of systems that don’t talk to each other may be admirable, but is likely to be the classic Bridge Too Far.

Tony Blair and his nonprofit Tony Blair Institute for Global Change, already partners with Oracle to use its cloud technology to tackle health issues.

Oracle did not answer queries on timing, cost, and access. 

The cynics among us will need no reminder that Cerner is having interoperability issues between DOD’s MHS Genesis and VA’s Cerner Millenium, both national systems that Oracle has now inherited.

In the short term, Cerner will be updated to include a built-in voice interface, more telehealth capabilities, and disease-specific AI models. It’s nice to have the short-term needs recognized while the Big Vision is being built. Healthcare Dive, FierceHealthcare

Weekend review: FDA clears Apple Watch ‘AFib History’, OS9 adds health features; Amwell’s new CMO; 2M records breached at New England provider, largest this year

June 10, 2022 | by

Apple Watch adding first-ever ‘AFib History’ in watchOS 9 software release. Announced 6 June, Apple received their FDA 510(k) clearance for this new feature which adds on to the existing ECG app and irregular rhythm notification. The History feature includes an estimate of how frequently a user’s heart rhythm shows signs of atrial fibrillation, including additional weekly notifications to understand and track this on a printable PDF. According to their release, users can view a detailed history in the Health app, including lifestyle factors that may influence AFib, like sleep, alcohol consumption, and exercise, which can be downloaded and printed.

Other health-related features on the watchOS9 release include:

  • Medications app for managing medications, vitamins, and supplements, including a medications list, schedules and reminders, and directly view medication information in the Health app
  • Sleep Insights, an add-on to the existing sleep tracking that informs users of sleep stages. Using signals from the accelerometer and heart rate sensor, it will detect and track when users are in REM, core, or deep sleep.

Apple release 6 June, FierceHealthcare

Amwell names new chief medical officer. Carrie Nelson will be working with payer and provider organizations in care delivery from Amwell’s new platform, Converge. In addition, she will be heading up the Amwell Medical Group, their clinical partner. Dr. Nelson was formerly Advocate Aurora Health’s senior vice president and CMO for Population Health and Health Outcomes, where she was also chief clinical officer for Advocate Physician Partners, their value-based care physician group. Amwell is transitioning practices from its prior platforms and needs to maintain their presence with both groups as many are finding alternative telehealth systems. Amwell release, Healthcare Dive

And what week wouldn’t be complete without a massive healthcare data breach? The leading event so far this year took place over two weeks in March at 60 healthcare facilities affiliated with Massachusetts-based Shields Health Care Group. While it was only 7 to 21 March and discovered 28 March, apparently the quaintly-titled ‘unknown actor’ was able to compromise data. The investigation by Shields and Federal and state regulators is ongoing as to what data was accessed and taken; to date, there is no evidence to indicate that any information from this incident was used to commit identity theft or fraud. The difference in breaches between now and the past is how rapidly it’s discovered.  Shields Health notice, Healthcare Dive

Remote health monitoring a winning strategy…for sports?

June 9, 2022 | by | 2 Comments

Like most Americans, your Editor is utterly clueless when it comes to cricket. Bats, pitches, test matches…it sets her to wondering why the far simpler to understand polo hasn’t been popular in the US since the 1930s, because even at the club level, it’s an action sport with thrills and sometimes disastrous spills. Like most press, TTA receives releases, this one from India (published in Cricket World) promoting the use of Ultrahuman M1, a continuous blood glucose monitor (CBGM) out of Bangalore, India which with an app claims to optimize athletic metabolic fitness based on glucose biomarkers and continuous scoring. It factors in food, sleep, workouts, meditation, and daily activities. The news is the endorsement by top Indian cricket player Shreyas Iyer (at left–photo Reuters).

CBGMs such as the Dexcom G6 are not marketed this way in the US. Your Editor found one brand that is, somewhat, the pre-market Signos which also ties in weight loss, but both require a doctor’s prescription. The Apple Watch, or in fact any watch, has famously failed to factor in or have any success with blood glucose monitoring.

But actually ordering the Ultrahuman is rather opaque. You can subscribe to the app with yoga, meditation, and workouts for $25/year, but the “Cyborg” or M1 metabolic part leads you through information screens and to the realization that it’s pre-market and waitlisted. There’s no mention on the website about a prescription, either.

This resonated with your Editor because she recently read a book about 1950s F1 and sports car racing champions Phil Hill and his Ferrari teammate Wolfgang von Trips. von Trips tended to crash a lot (nicknamed Count von Crash) partly because he had a serious low blood sugar problem from childhood, and would suddenly weaken. He would eat or pop glucose tablets during a race. von Trips died at Monza in 1961. What if….

Do any Readers know if CBGMs are currently used in sports? Comment please.

Thursday news roundup: dimming SPACs, hospital-at-home pilots in DFW, Connected Health debuts bespoke home care services configurator in NIR

June 9, 2022 | by

The prognosis for SPACs? Like Lucas electrics, dim. Too many went public on last year’s overdose of moonbeams and celery stalks at midnight, to this year’s plummeting share prices and red ink. Not only are SPACs now targets of Federal, including SEC, scrutiny, but they have Elizabeth Warren, the Senatorial Scourge of Finance, after them promising legislation with even tighter regulations than the SEC. But let’s face it, most SPAC’d companies have yet to stumble their way into profitability. From financing Hero to Zero in two years. This short article in PrivCo’s Daily Stack will confirm all of this.  

Hospital-at-home pilots in the Dallas-Fort Worth, Texas area. Biofourmis is piloting an initiative with Wise Health System for its Hospital@Home end-to-end solution that combines artificial intelligence (AI)-based remote patient monitoring (RPM) technology and clinical support services. This is to qualify for Centers for Medicare and Medicaid Services’ (CMS) Acute Hospital Care at Home program. Select patients can choose to be admitted to home versus the hospital, then monitored by the Biofourmis Virtual Bed Kit based on a wearable biosensor feeding into a digital tablet pre-loaded with the patient-facing Biovitals Hospital@Home app. Wise’s staff will visit the patient at least twice daily to conduct in-person examinations, assessments, and additional testing as needed. Wise Health is a four-hospital, integrated care network. Biofourmis release

What you pick is what you get. Domiciliary care provider Connected Health is debuting Connected Health 2.0, a ‘home care configurator’ which will enable clients and families to build a package of services for home care. Launched during Carer’s Week in Northern Ireland, it custom-packages physical care, wearables, medication devices and virtual care services. Once the client or family member configures the care package, Connected Health calls them to review suitability then follows up with an on-site risk assessment in the home before service begins. The Irish News article is light on details like when it begins in Northern Ireland, but Connected Health’s timetable is to roll it out in the UK and Ireland over the next two years.

A sneak peek at Oracle’s plans for healthcare prior to 9 June’s ‘The Future of Healthcare’ live

June 9, 2022 | by

Gimlet EyeOracle is all set to heal the healthcare system, now that Cerner’s in the fold. Unlike other companies that have promised (ZocDoc and Change Healthcare come to mind), Oracle may actually have the capabilities to do so in many areas. Oracle has the enterprise infrastructure, the analytics, and IT automation; Cerner brings the entreé into patient records, automation, and clinical expertise that Oracle on its own didn’t have.

For those Readers not able to join the Oracle Live presentation at 3pm Central Time, 4pm Eastern, and 9pm BST (and miss Tony Blair! s/o), some of the highlights of the preview posted by Oracle’s EVP Mike Sicilia, on the Oracle Health blog:

  • The objective is to deliver “secure and reliable solutions that deliver health insights and experiences to dramatically change how health is managed by patients, providers, and payors”
  • Reduce technology-induced administrative burden that’s burned out clinicians through “a toolset that supports clinical decision making and prioritizes the user experience” via an interface that’s easy to use for care delivery organizations to find patient information
  • Make systems interoperable between organizations so that clinicians can access complete medical histories and records are portable by the patient by creating a collaborative ecosystem that breaks down information silos
  • Using their Fusion application to streamline and integrate back-office systems to drive efficiency and reduce costs, as well as reducing administrative costs, the supply chain, and retaining employees
  • Oracle’s 40+ years in securing vulnerable healthcare data to the standards they have in handling large volumes of cloud-based data for financial institutions
  • Combining existing expertise in areas such as clinical trials, health insurance, and public health analysis with Cerner, they will “support the entire lifecycle of healthcare, going beyond traditional health IT to integrate our infrastructure, platform, and applications capabilities for a more fully connected operational, administrative, and clinical system”

Those cynics among us with Gimlet Eyes have heard each and every one of these points before. Panaceas where everything is there for everybody, all wrapped up with a blue bow, if you buy it all at the usual stunning price, have been tried before in healthcare. Another question is the mesh of Middle America Cerner and Silicon Valley Oracle. Nonetheless, the combo should give the industry a little hope. They’ll be feeling their way through as Cerner is an organization used to doing things their way. If Oracle can straighten out the MHS Cerner Genesis and Cerner Millenium rollout in DOD and the VA, it’ll be worthy of applause.

Wednesday AM roundup all about money: $28B Oracle-Cerner closes today, 9 June strategy talk; Teladoc class-action lawsuits begin; Cigna’s look at loneliness

June 8, 2022 | by

As you read this, Oracle has closed on their acquisition of Cerner Corporation. According to the Oracle release, approximately 204,280,589 shares, or 69.2% for $28 billion, have been validly tendered and other conditions, such as passing antitrust approvals, have been satisfied. If there are other loose ends to tie off, they aren’t impediments to the closing.

Interested Readers can register to hear Larry Ellison, Oracle’s chairman, and other speakers outline Oracle’s strategy to “redefine the future of healthcare” (a song we’ve heard before) on 9 June at 3pm Central Time. If our UK Readers have been wondering what former PM Tony Blair’s been up to, he’ll be on this call. Other UK speakers are David Walliker, chief digital officer of Oxford University Hospitals, and Kevin Jarrold, joint CIO of Imperial College Healthcare. Another outside speaker is Meharry Medical College‘s CEO, James E.K. Hildreth, MD, PhD. Meharry, located in Nashville, is the second oldest medical school founded (1876) to educate black Americans in medicine and dentistry.  

Here we go with class-action lawsuits against Teladoc based on loss of share value and misleading statements. Teladoc, whose stock has taken a long jump off a very tall building (90% loss from the high), is being sued in US District Court for the Southern District of New York by a shareholder, Jeremy Schneider. This is a Federal securities class-action lawsuit (text here) with Mr. Schneider representing shareholders who purchased Teladoc shares between 28 October 2021 and 27 April 2022 (the date of announcing Q1 2022 results). The charges involve materially false statements that Teladoc made on its business, operations, and prospects including minimizing competition leading to increased advertising costs, unrealistic projections for revenue made in the period, and the impact of the Livongo writeoff announced Q1–a noncash goodwill impairment charge of $6.6 billion, or over $41 per share [TTA 4 May recaps Q1].

A lookup on Justia indicates that Mr. Schneider is being represented by Jeremy Alan Lieberman of Pomerantz LLP. The filing names Jason Gorevic, CEO, and Mala Murthy, CFO as individual defendants along with Teladoc. Mr. Schneider is not a large shareholder; his investment was a little over $250,000 from December 2021 to February 2022. Other shareholders may join the suit by contacting Pomerantz.

What usually happens after this is other firms file class-action suits in the same court representing other shareholders. An example of this trolling is this announcement/release from Bernstein Liebhard LLP

If you like risk and volatility, TDOC and AMWL shares remain relatively cheap (the latter below $5) and haven’t recovered. TTA reflected on Amwell’s equally shaky Q1 and growing losses in May 

If and when they’ll recover is anyone’s guess, with increased direct-to-consumer competition from retail (CVS, Walmart) and with providers maintaining their own telehealth systems, homegrown and whitelabeled (Bluestream Health, Zipnosis). Healthcare Dive, Mobihealthnews recap much of what led to this point.

If you feel a little lonelier after your Teladoc (or other telehealth) shares tanked, or you feel like life hasn’t gotten back to normal now that the pandemic is really over (despite the hoo-hah over monkeypox), Cigna’s latest research commissioned from Morning Consult will be on point. Isolation is a function of lower income, lower physical and mental health, and being a single parent or mother. Contrary to the usual assumption, young adults 18 to 24 feel lonelier and more left out (79%) compared to those aged 66 and over (41%). (Your Editor speculates that the office and workplace are more necessary for socialization by those starting their careers than those toward the end who’ve built their networks.) What’s also a little surprising is the increased indication of loneliness among racial lines with black/African American (68%) and Hispanics (72%) feeling significantly lonely. The impact at work is less productivity and more unhappiness with their jobs. The study recommends increases in work and community activities, work flexibility, improved benefits, and workplace inclusion. A bit more along with quotes from Cigna’s Evernorth subsidiary in FierceHealthcare

Thursday news roundup: bet on Oracle-Cerner closing next week, VA EHR progress reports mandated, Homeward-RiteAid rural care, Medtronic-DaVita kidney JV, Withings reenters RPM, Lightbeam buys Jvion AI

June 1, 2022 | by

The Oracle acquisition of Cerner will close as early as Monday next week, no later than mid-June. Mid-June is the prediction of Seeking Alpha. They based it on Oracle-Cerner already passing Australia’s Foreign Investment Review Board, no questions posed by the UK antitrust authority, and the US waiting period expiring in February. As rumored [TTA 25 May], European Commission regulators approved it today (Barrons, paywalled) which predicts the close will be next Monday. Hat tip to HISTalk for their alert yesterday.

Scrutiny of Cerner’s $16 billion EHR implementation with the Department of Veterans Affairs by Congress ramps up. New legislation due to be signed by the president shortly will require the VA Secretary to submit regular reports 30 days after the last day of each fiscal quarter on the VA’s Electronic Health Record Modernization (EHRM) program. Content will include spending, performance metrics, outcomes, safety, transitioning from VistA to Cerner Millenium, interoperability, and progress or issues with all. Text of Senate bill, FierceHealthcare  TTA’s previous article on Cerner EHR interoperability problems with DOD and VA

Bringing healthcare to rural America is Homeward with a freshly inked deal with RiteAid. Founded by former Livongo president Jennifer Schneider, MD, Homeward will set up distinctive purple mobile van clinics at up to 700 Rite Aid location parking lots in rural communities starting Q3 this year. Michigan will be the first market. Homeward will accept regional Medicare Advantage plans and Medicare.

The company is targeting the 60 million Americans who live in rural areas and have been losing access to basic medical care as local practices and clinics close. Their technology enablement will be for appointments, checkins, telehealth, remote patient monitoring, and scheduling home visits. Homeward announced its launch at the recent ViVE2022 in March including $20 million in funding from General Catalyst. Other Livongo alumni with the new company are Brian Vandenberg, former general counsel, Amar Kendale, former chief product officer, and Bimal Shah, MD, former chief medical officer at Livongo. Nice to know that they have moved to another healthcare chapter of real need, versus cruising the Caribbean in very large yachts. FierceHealthcare, Homeward release

Medical device giant Medtronic and DaVita are establishing a joint venture by next year to advance kidney care therapies and technologies, including new products to be used in clinics and in the home. The intent of the JV is to increase the availability of kidney care including dialysis. 10% of adults worldwide–700 million people–have chronic kidney disease. 2.6 million have kidney failure. The JV is expected to be formed in early 2023 with each company owning an equal share. Initial investment is not disclosed. According to the release:

  • Medtronic will contribute its Renal Care Solutions (RCS) business including the current product portfolio (renal access, acute therapies, and chronic therapies), product pipeline, and global manufacturing R&D teams and facilities.
  • Both companies will provide an initial investment to fund the new company (NewCo) and future certain operating capital.

FierceBiotech, Medtronic release

Withings reenters remote patient monitoring with Withings RPM. Their initial entry was with MedProCare back in 2019 but apparently in the repositioning of the company since the buyback from Nokia in 2018, it was back-burnered. The new RPM will be based on an app that will:

  • track time for CMS-compliant billing reports and uploadable to the provider EHR
  • support billing for CMS codes 99453, 99454, 99457, 99458
  • a digital patient-facing assistant
  • full connectivity to Withings devices such as scales, blood pressure monitors, and sleep monitors
  • implementation support by their Health Solutions teams

Withings RPM page, Outsourcing-Pharma

Looking hard for an M&A that relates to us in this very quiet market, Lightbeam Health Solutions, a population health software company, is acquiring Jvion Inc. Jvion has AI-enabled prescriptive analytics and social determinants of health (SDoH) solutions which will be combined with Lightbeam’s health analytics and outcomes for payers and providers. Terms of the acquisition and leadership transitions were not disclosed. Lightbeam release

CVS, Walmart refuse Cerebral, Done Health controlled substance prescriptions via telehealth; Cerebral CEO replaced

June 1, 2022 | by

More hot water dumped by CVS Health and Walmart on Cerebral, Done Health. The two retail giants announced last week that they would refuse to fill prescriptions of all controlled substances by telemental health providers Cerebral and Done Health. Cerebral was already under investigation by DOJ on over-prescribing of controlled substances by its provider network as a business practice, including advertising [TTA 10 May]. It turns out that seed-stage Done Health, a telemental provider specializing in ADHD diagnosis and support, is also facing the same scrutiny and treatment. 

Cerebral had already restricted prescribing controlled substance prescriptions for new ADHD patients as of 9 May. They initially continued to prescribe controlled substances for new patients diagnosed with other mental health conditions, according to a memo from their chief medical officer to their clinician network, but stopped that on 20 May with an exception for opioid use disorder. Truepill, Cerebral’s recommended mail order pharmacy, had stopped filling all Cerebral Schedule 2 prescriptions prior to that date. The CVS and Walmart refusals close off two more pharmacies for patients. FierceHealthcare

Earlier in the month, Cerebral CEO and co-founder Kyle Robertson was forced out by the Cerebral board. His replacement by medical officer and president Dave Mou, MD is effective immediately. According to reports, Robertson is fighting their action, calling it illegal and accusing the board of making him the scapegoat for the company’s problems. FierceHealthcare

Companies like Cerebral and Done grew quickly in 2020-21 due to the pandemic-driven loosening of psychiatric patient evaluations, eliminating the usual initial in-person initial visit and permitting online treatment. Restrictions were also loosened for diagnoses permitting the prescription of Schedule 2 drugs (those judged to have potential for abuse) with solely a video visit and follow up. With fast growth came more need to maintain that growth, according to current and former employees.  

Upon taking the CEO position, in an email to the prescriber team, Dr. Mou announced that patients on controlled substances would be transitioned as follows: a visit prior to 1 August to establish a treatment plan to transition to a non-controlled medication, titrating off of their controlled substance, or transferring their care to a local provider by 15 October. With the pandemic policies around telehealth ending soon, this is called playing defense, though it well may stop growth. Wall Street Journal, The Verge

Thursday’s short takes: Walmart’s delivery drones expand, AWS lands Geisinger for AI and cloud, UHG-Kaia Health partner for virtual MSK therapy

May 26, 2022 | by

Look, up in the sky! If you live in Arizona, Arkansas, Florida, Texas, Utah, and Virginia, you might be seeing a Walmart delivery drone sooner than you think. By end of 2022, the DroneUp delivery service will be expanding to 34 sites in six states, including Orlando and Tampa, covering 4 million households. What stores in those states will fill these orders between 8am and 8pm haven’t been disclosed, but Walmart estimates that delivery may reach 1 million packages. They will be limited in weight to 10 lbs, promise a 30-minute turnaround, and the delivery fee will be a modest $3.99. “Certified pilots” will be flying these drones. A side business for DroneUp is aerial photography for city and state governments’ construction projects. Color this Editor skeptical, as she wonders how many packages will be dropped and drones shot at. Also, they need to stay clear of restricted airspace. Walmart release, Epoch Times, The Verge

Amazon Web Services (AWS) continues its foray into healthcare with a prime partnership with Geisinger Health, a regional (PA) integrated health system.  They will be transitioning to AWS as their strategic cloud tech provider including their EHR, over 400 applications, plus workflows, after a multi-year review. Geisinger has estimated that post-implementation, they will save several million dollars. Their EHR migration will be one of the largest AWS migrations to date. AWS for Health is rivaled by Microsoft with Teams, Azure IoT, and chatbots for clients such as Humana, plus Google’s partnerships with healthcare giants such as Mayo. FierceHealthcare, Geisinger release

UnitedHealthcare and Kaia Health are partnering for a musculoskeletal (MSK) virtual therapy program. United Healthcare members recovering from surgery or injury will be assessed and referred to the Kaia program when appropriate. These members will then be able to download the Kaia app for physical therapy, tailored to them via “artificial intelligence”. Progress is monitored by that person’s smartphone camera to record motion in real-time and offer suggestions via coaches either 1 to 1 or through the app’s chat feature. At this point, UHG will offer it only to their self-funded employer clients. FierceHealthcare

ElliQ companion robot, NYSOFA partner for NY older adult assistance

May 25, 2022 | by

In a step to move robotics more widely into the home, the recently launched ElliQ voice-controlled small-size companion robot from Intuition Robotics will be offered in a pilot program to about 800 seniors in a NYSOFA (New York State Office for the Aging) program. NYSOFA and Intuition Robotics will work with over 830+ case managers to nominate the best candidates for the program. The NY state office is the company’s first state government partner. This is the second initiative in robotics for NYSOFA, the first being an animatronic pet program from Ageless Innovations/Joy for All that reportedly reduces self-reported loneliness by 70 percent.

As we noted in March, ElliQ responds and ‘learns’ by voice commands and through a connected tablet. It is unusually shaped like a small lamp, is animated in place, and initiates conversation that resembles chit-chat after a learning period. Behind this is interactivity–the companion part–checking in to say “good morning,” pointing towards sleep, but also informing family or friends that you’re OK and helping track appointments and medications. ElliQ release

Wednesday news roundup: Oracle-Cerner reportedly OK’d by EU, VitalTech RPM raises $14.1 M, Aging 2.0 interoperability challenge, what do rough times mean for investors and startups, employees cause 39% of healthcare IT breaches

May 25, 2022 | by

One regulatory hurdle down for Oracle’s $28 billion Cerner acquisition? The EU has reportedly given an unconditional EU antitrust clearance to Cerner, three sources informed Reuters. The formal announcement will be made 1 June. In the US, the long and winding road of Federal antitrust scrutiny and review began in February by the usual alphabet agencies–DOJ, FTC, and SEC–that show no sign of wrapping up [TTA 11 Feb]. Cerner continues to run into headwinds in its VA EHR implementation including spotty interoperability with the Military Health Service DOD version [TTA 18 May].

In a small confirmation that RPM is on the rise, Texas-based VitalTech raises $14.1 million in a Series B equity raise. The company offers an app-based remote patient monitoring platform for vital signs, med and nutritional reminders for use by home and hospital/acute care. Investors were not disclosed and the total offering has about $2.1 million remaining in unsold equity. Their undisclosed Series A funding dated back to 2019 and funded by Concord Health Partners and Stanley Ventures. SEC filing

The international Aging2.0 organization announced the Global Innovation Search (GIS), an opportunity for innovators around the world to showcase innovations that enable and promote a system-level approach to improving quality, continuity, and efficiency of care through interoperability. The eight finalists will participate in a Care Tech Pitch at OPTIMIZE, Aging 2.0’s annual conference on 21-22 September in Louisville, Kentucky. Applications close 12 June. The GIS is associated with the Louisville Healthcare CEO Council (LHCC) and will require the winner to relocate to Louisville. More information here.

What does this mess of a market mean for healthcare investors, startups, and companies looking for equity or VC investment? Industry figure Lisa Suennen, who has been to this rodeo before, has a POV in her Venture Valkyrie blog that HISTalk has summarized neatly, if not cheerfully. Major points: the downturn in funding will lag the market by 3-6 months, VCs will stuff the cash and wait for deals at lower valuations, few exits mean that portfolion companies will be burning through cash and dependent on existing investors, and there will be less-well-funded companies and funds which will go belly-up. This Editor’s disagreement is only that VCs lag downturns. In 2008, heading marketing in an early sensor-based monitoring company running out of funds, funding became scarce months ahead of the downturn.

39% of healthcare data breaches are caused by employees, according to Verizon’s latest cybersecurity Data Breach Investigations Report–more than any other industry at 18%. Incidents hit an all time high in healthcare, with 849 incidents and 571 breaches last year. 76% of breaches centered on basic web application attacks (attacks against a web-facing app–30%), system intrusions (malware, hacking–26%), and miscellaneous errors (mostly unintentional–21%).  Personal data was nearly 60% of the data compromised, while 46% was medical. Much more in the report. Healthcare Dive

To white coat, or not to white coat? That is the telehealth doctor question.

May 25, 2022 | by

A light but thoughtful take on the protocols of the white coat, and how the clinical dress translates to telehealth consults. Dr. Jayne, who writes the weekly ‘Curbside Consult’ column for HISTalk, discussed how wearing a white coat on a telehealth visit may very well be passé. Some companies require it, others don’t, but what’s in those pockets anyway? And in telehealth, does this garb turn off patients? 

Dr. Jayne’s practice, based on her columns, is a mix between office and telehealth, but she has previously worked in the ER/ED. Where the white coat comes from is hospital culture, where the differentiators were short white coats for the medical students and longer white coats for the degreed physicians–except in surgery where short coats were worn by interns (remember interns?) and first-year residents. Men wore ties, and the dress was uniformly professional under those white coats. The white coats descended from laboratory coats. As everyone changed into scrubs during the pandemic and ties were ditched (long ago in the UK, along with long sleeves), who is who in a hospital became even more confusing to outsiders, thus requiring even larger nametags.

Perhaps the precedent for telehealth is psychiatry, where most of the telehealth consults occur at the present time. In my brother’s clinical practice, and at the community hospital where he admitted patients, he and his colleagues didn’t wear white coats over their jackets and ties (or dresses/suits for the women). It was offputting to patients, even if they were already in the psych ward. One concession–short sleeves in summer. He did wear a white coat as a locum tenens in a much larger hospital’s psychiatric ER, mainly to protect his clothing from ER mayhem which was prevalent on the night shift. 

As Dr. Jayne put it, it’ll be interesting to see how the protocol evolves. Curbside Consult with Dr. Jayne 5/16/22

Crime Does Not Pay–especially when defrauding Medicare of nearly $1 billion

May 20, 2022 | by

Ocean’s 11 (or 13) It Ain’t. Back in October, the Department of Justice (DOJ) and other Federal agencies had what was dubbed the  National Health Care Fraud and Opioid Takedown. Many of the takedownees were ‘telemedicine’ fraudsters. Of the over $6 bn of fraud identified, $4.5 bn was specified as relating to ‘telemedicine’ with more than 86 criminal defendants located in 19 judicial districts [TTA 2 Oct 20].

The sentences are now rolling in for this and earlier actions. Becker’s seems to be the only outlet tallying those who will be fined and having a stay in Club Fed. The three ‘telemedicine’ convictions noted by this Editor to date, totaling $958 million, are:

  • Genetic testing fraud: The owner of Scott Global, an Orlando telemarketing call center, was convicted of eight counts and a $2.8 million fraud. Telemarketers would call Medicare beneficiaries soliciting their information for expensive cancer screening genetic testing, or CGx, telling them that it would be covered by Medicare. Mr. Scott then paid bribes and kickbacks to ‘telemedicine’ companies to get physician’s orders authorizing the tests. Becker’s Healthcare 12 Jan   DOJ release
  • Pharmacy fraud: Larry Smith, a Florida resident owner of two pharmacies and a related company, defrauded pharmacy benefit managers of $931.4 million by submitting bills for fraudulent prescriptions purchased from a telemarketing company. The telemarketers improperly solicited patient information, then got approvals from ‘telemedicine’ prescribers, and finally sold the prescriptions to pharmacies like Mr. Smith’s for a kickback. Mr. Smith faces up to 10 years in prison. DOJ Release 21 Jan 21 

(Updated April 2024) In a 2018 related action, HealthRight, a ‘telemedicine’ company, and its CEO Scott Roix pleaded guilty to conspiracy to commit healthcare fraud for their roles in the scheme and agreed to pay $5 million in restitution. Subsequently, other defendants and related companies were sentenced for their parts in the conspiracy. The DOJ release of 20 May 2022 details involvement and sentencing.  DOJ release May 2022

  • The absence of telemedicine–prescribing medication without a patient consult–was what landed New Jersey physician Bernard Ogon, MD, to 33 months in prison, pay restitution of $24.3 million, and forfeit an additional $75,000. He signed preprinted prescriptions and then sent them to specific compounding pharmacies involved in the conspiracy. Becker’s Healthcare 28 Jan  DOJ release

Certainly more to come. This Editor has also checked for any further actions in Humana’s suit against telehealth/telemarketing company QuivvyTech as reported last August, and there are none. Our original report here.