TTA’s Steamy Summer 2: fundings come alive for Huma, Thyme Care, Headway, others; Steward’s bottomless mismanagement; Masimo v. Politan rolls on; Walgreens needs a lift; Meta’s Reality Labs gone sideways; VA and AI, more!

 

 

It may be 90º+ out, but summer doldrums haven’t set in yet! Masimo v. Politan will be a summer-long soap opera, fundings have suddenly heated up, VA’s dipping a toe into AI, and payer earnings are looking OK despite the Change and utilization hits. But Walgreens needs some help, stat–there’s no bottom to Steward’s mismanagement–and Meta’s Reality Labs seems to be going sideways.

(What’s EiPaaS? Find out here!)

Perspectives: Embracing the Power of EiPaaS in 2024 and Beyond (A POV from Vorro)
Short takes: fundings for Huma, Truvian, Headway, ThymeCare, Freshpaint; Headspace’s new CEO; UK M&A RLDatix-Carebeans; Elevance earnings news, another Steward shocker; Meta’s Reality Labs AR unit sinking–is Meta? (Funding continues its roll)
News roundup: UHG’s cyberattack hit now $2.3B, Senate bill on cyberattacks intro’d, VA’s AI tech sprint awards, AliveCor’s new CPT codes
Masimo v. Politan goes into extra innings with two-month shareholder meeting delay, mucho maneuvering
(Now playing into September)
Walgreens’ Mound of Misery piles higher with shareholder class action lawsuit, skeptical industry opinion (Needs light at end of tunnel, stat!)

Three themes that will play out into the fall: fundings and M&A are picking up after a deathly 2023, healthcare AI skepticism is on the increase—and the VA faces a Section 508 and 501 Federal lawsuit on accessibility and discrimination in choosing Oracle Cerner. Masimo’s proxy battle drama will crescendo on 25 July, but latest move is to sell off their consumer business. Bubbling under this– Amazon and One Medical’s possible mishandling of older patients.

Mid-week news roundup: HarmonyCares $200M round, Risant to buy Cone Health, Courier Health’s $16.5M Series A; Coalition for Health AI loses HHS/FDA members; Weekend Read–reining in AI’s Wild West? (Signs of funding life–and AI skepticism)
Two debuts of note: Samsung’s Galaxy Ring, Watch upgrades; Alivecor’s InstantQT+KardiaMobile 6L Europe launch 
News roundup: Masimo has offer to JV consumer business for $950M or more, Get Well sold to SAI, One Medical scored on poor handling of urgent calls from Iora patients (Masimo’s many maneuvers before shareholder meeting–and One Medical’s little problem with older adults, a market they may not want)
VA sued in Federal court on Oracle Cerner EHR accessibility issues (A small lawsuit but legitimate big problem for Oracle)

Lots of follow ups this week on the Feds charging more people at Done, Walgreens finally giving up on VillageMD clinic concept in selling off, Boots’ managing director departs, Amwell’s reverse stock split, One Medical absorbing Amazon Clinic, Steward Health’s $7M spy business, MeMD sold to burgeoning Fabric, Masimo’s proxy fight continues.

Done Global Federal probe expands to five more people; company suspended from Google, TikTok ad platforms (Another shoe drops)
Short takes: Fabric buys Walmart’s MeMD telehealth arm, Geisinger data breach via vendor exposed ~1.2M records, UK’s Careium develops resilient rSIM, $50M funding for K Health, India’s Alyve’s $6M Series A, Upside Health closes
Follow up roundup: Amwell to reverse stock split to avoid delisting, Amazon Clinic folded into One Medical, Amedisys divesting to close UHG deal, latest on Steward Health’s antics and spying, Masimo’s shareholder fight 
Walgreens gives up on VillageMD, will sell to reduce stake below majority, closing underperforming stores, revising profit outlook– and in abandoning Boots sale, managing director James quits (Walgreens still sinking–why?)

AliveCor’s Kardia 12L compresses a 12-lead ECG into a single cable assisted by AI. There’s M&A activity at long last with eVisit and Sharecare going private along with some decent raises for Talkiatry, CipherHealth and Heyday. Medtronic tries but fails to keep its layoffs on the QT and Strictly HushHush. NeueHealth resurfaces with another daring loaner. And the Gimlet Eye resurfaces with a take on Cracked SPACS and recent IPOs.

Short takes/wrapup: fundings for Talkiatry, Heyday Health, CipherHealth; Brightside Health now 50 states for Medicare Part B; Neurabody’s sensor based posture therapy; below the radar global layoffs at Medtronic
News roundup: AliveCor launches FDA-cleared Kardia 12L ECG, eVisit buys UPMC’s inpatient teleconsult, UPMC and MedStar invest; NeueHealth gains $150M loan–with caveats–and NYSE non-compliance notice
A Gimlet Eye view on IPOs and Cracked SPACs: Altaris’ buys Sharecare for $518M, takes it private; a look at Waystar and Tempus AI post-IPO (Gimlet returns from the Remote Pacific Island–virtually, of course)

The first Federal prosecution on telemedicine prescribing against the leaders of Done. VA extended Oracle Cerner’s EHR implementation for another year. The UK Synnovis hack was ransomware, still affecting London hospitals. Still around Verily gets in on the GLP-1 craze. Pepper the Robot resurfaces in San Diego for mental health. And closing the week, Change/UHG finally getting required data breach notifications out along with three fundings.

Week-end short takes: Change Healthcare/UHG breach notification starting; fundings for Pomelo Care, Marigold Health, Humata Health (Green funding shoots?)
A lighter update: Pepper the Robot’s comeback at San Diego State University–now AI-equipped for mental health
News roundup: VA extends Oracle Cerner for 11 months; Amwell founders swap jobs; Alphabet’s Verily pivots to Lightpath with GLP-1, retiring Onduo; UnitedHealth hasn’t notified on Change breach
Done CEO, president arrested, charged with $100M fraud on Adderall distribution in first Federal case on telemedicine prescribing (updated) (First of many?)
UK pathology services Synnovis hacked by Qilin ransomwareistes, demand $50M, justify attack due to UK involvement in “wars” (One system, lots of vulnerability)

A week of ‘further developments’. Teladoc replaces its CEO in two months–record time. Waystar finally IPOs after two years. Steward Health gets the DIP bucks at the last minute to continue until it’s sold off. Devices and app systems like Dexcom and Aktiia make significant improvements that improve their marketability. Category consolidations in telemental health and behavioral health risk analytics. And are these the last appeals for Theranos’ Holmes and Balwani?

Short takes: Dexcom G7 now directly connects to Apple Watch, Brightside Health acquires Lionrock, Aktiia CALFREE gains CE Mark for optical BP monitoring not requiring calibration (Further telemental consolidation and digital health device upgrades)
Oracle’s Q4/FY 23 earnings push Cerner to background, stock price soars on AI deals; 81% of VA clinicals really can’t stand Cerner (Can this EHR be saved?)
News roundup: Teladoc’s new CEO from major payer, Steward Health lives with $250M injection, Waystar’s IPO raises $968M, NeuroFlow acquires Owl (A record time for CEO replacement)
Theranos’ Holmes and Balwani appeal fraud convictions, $450M investor restitution (One last try on appeal?)

NHS England made a lot of not-good news this week, with ‘serious harm’ linked to their multiple EPRs and by midweek, a third-party vendor ransomware attack crashing pathology systems in London hospital trusts. Theranos’ Elizabeth Holmes’ defense in court next week for appeal. Steward Health running out of operating money while being sold off in Federal Bankruptcy Court. Ascension breach scares health execs, but 1/3 don’t have contingency plans especially for vendor hacks. On the sunny side–some strong fundings for Eko, Sword, and Plenful.

Short takes: Holmes legal team appealing Tuesday 11 June; Steward Health asset sale OK’d, needs funding; fundings for Sword Health, Eko Health (Them’s that got, has $)
Breaking: multiple London hospitals, borough GPs declare ‘critical incident’ from ransomware attack via third party pathology vendor (Who’s responsible?)
News roundup: Change responsible for data breach notices; 37% of healthcare orgs have no cybersec contingency plan; health execs scared by Ascension breach; CVS continues betting on health services; Plenful’s $17M Series A
NHS electronic patient records linked to 100 ‘serious harm’ issues, with ~50% of NHS England trusts reporting patient issues: BBC News (Many fixes needed here before AI arrives)

 


Have a job to fill? Seeking a position? See jobs listed with our new job search partner Jooble in the right sidebar!


Read Telehealth and Telecare Aware: https://telecareaware.com/  @telecareaware

Follow our pages on LinkedIn and on Facebook

We thank our advertisers and supporters: Legrand, UK Telehealthcare, ATA, The King’s Fund, DHACA, HIMSS, MedStartr, and Parks Associates.

Reach international leaders in health tech by advertising your company or event/conference in TTA–contact Donna for more information on how we help and who we reach. 


Telehealth & Telecare Aware: covering the news on latest developments in telecare, telehealth, telemedicine, and health tech, worldwide–thoughtfully and from the view of fellow professionals

Thanks for asking for update emails. Please tell your colleagues about this news service and, if you have relevant information to share with the rest of the world, please let me know.

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

News roundup: UHG’s cyberattack hit now $2.3B, Senate bill on cyberattacks intro’d, VA’s AI tech sprint awards, AliveCor’s new CPT codes

UHG reported earnings, profit reduced by $1 billion due to Change Healthcare cyberattack costs. On Tuesday 16 July UnitedHealth Group reported Q2 (ending 30 June) earnings of $98.9 billion, up $6 billion or 7% versus Q2 last year. Profit though didn’t move the same way, instead taking a hit at $7.9 billion, down from last year’s $8.1 billion. Despite strong performances in the UnitedHealthcare and Optum units, the drag from the Change Healthcare cyberattack is now estimated at an additional $1 billion from last quarter’s guesstimate, now at $2.3 billion. Also affecting the profit bottom line is inflating healthcare costs that are reflected in rising medical loss ratios (MLRs). Change is also obliged to do the patient notification which will start by the end of this month [TTA 21 June], having already started notifications of hospitals, providers, insurers, and other customers. Release, Healthcare Dive

But hey, now the Senate has a bill to coordinate agencies with the purpose of reducing those darn cyberattacks. The Healthcare Cybersecurity Act, sponsored by Senators Jacky Rosen (D-Nev.), Todd Young (R-Ind.), and Angus King (I-Me.), would direct the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to collaborate on improving cybersecurity. One important change would be creating an HHS liaison within CISA to coordinate incident response specifically for healthcare entities. An earlier version introduced by Sen. Rosen in 2022, S. 3904 (117th Congress), never made it into committee.  Sen. Jacky Rosen release, Healthcare Finance   But aren’t there other agencies involved in cyberattacks and ransomware like the FBI and the Department of Justice? And international agencies like the NCA and Europol since so many come from the darker parts of Europe and Asia? (The devil’s in the details…)

The Department of Veterans Affairs (VA) is taking a modest dip into the AI ocean. The award late last week of pilots for an AI-assisted healthcare dictation tool went to Abridge AI and Nuance Communications. The non-competitive, fixed-price contracts are as a result of the two companies winning the first track of the VA’s AI Tech Sprint which launched last October. The tools are designed to generate transcriptions from ambient recordings of patient encounters within specialty care, mental health care, and primary care settings, as well as integrating into the Oracle Cerner EHR. The notice does not specify start or end date. There is also a second sprint around developing an AI system to process documents generated in patient-provider encounters and other complex medical documents for continuity of care and sharing information with VA providers. FedScoop

AliveCor received CPT codes applicable to the company’s Kardia 12L ECG System. The Category III Current Procedural Terminology (CPT) codes are assigned by the American Medical Association (AMA).  The 12-lead system a few weeks ago gained FDA clearance for the combination of the Kardia 12L ECG System (left), a single cable with five electrodes that acquires 8 high-quality diagnostic bandwidth leads, with their KAI 12L AI-assisted diagnostic technology for clinician use only. The three new codes will be effective 1 January 2025 and will be published in the 2025 CPT Code book. Release

TTA’s Summer’s Here: Done prosecuted on Schedule II teleprescribing, VA extends Oracle Cerner 1 year, Synnovis breach was Qilin ransomware, robot Pepper returns, Change starts notifications, 3 fundings, more!

 

 

Lead news this week was the first Federal prosecution on telemedicine prescribing against the leaders of Done. VA extended Oracle Cerner’s EHR implementation for another year. The UK Synnovis hack was ransomware, still affecting London hospitals. Still around Verily gets in on the GLP-1 craze. Pepper the Robot resurfaces in San Diego for mental health. And closing the week, Change/UHG finally getting required data breach notifications out, along with three fundings.

Week-end short takes: Change Healthcare/UHG breach notification starting; fundings for Pomelo Care, Marigold Health, Humata Health (Green funding shoots?)
A lighter update: Pepper the Robot’s comeback at San Diego State University–now AI-equipped for mental health
News roundup: VA extends Oracle Cerner for 11 months; Amwell founders swap jobs; Alphabet’s Verily pivots to Lightpath with GLP-1, retiring Onduo; UnitedHealth hasn’t notified on Change breach
Done CEO, president arrested, charged with $100M fraud on Adderall distribution in first Federal case on telemedicine prescribing (updated) (First of many?)
UK pathology services Synnovis hacked by Qilin ransomwareistes, demand $50M, justify attack due to UK involvement in “wars” (One system, lots of vulnerability)

A week of ‘further developments’. Teladoc replaces its CEO in two months–record time. Waystar finally IPOs after two years. Steward Health gets the DIP bucks at the last minute to continue until it’s sold off. Devices and app systems like Dexcom and Aktiia make significant improvements that improve their marketability. Category consolidations in telemental health and behavioral health risk analytics. And are these the last appeals for Theranos’ Holmes and Balwani?

Short takes: Dexcom G7 now directly connects to Apple Watch, Brightside Health acquires Lionrock, Aktiia CALFREE gains CE Mark for optical BP monitoring not requiring calibration (Further telemental consolidation and digital health device upgrades)
Oracle’s Q4/FY 23 earnings push Cerner to background, stock price soars on AI deals; 81% of VA clinicals really can’t stand Cerner (Can this EHR be saved?)
News roundup: Teladoc’s new CEO from major payer, Steward Health lives with $250M injection, Waystar’s IPO raises $968M, NeuroFlow acquires Owl (A record time for CEO replacement)
Theranos’ Holmes and Balwani appeal fraud convictions, $450M investor restitution (One last try on appeal?)

NHS England made a lot of not-good news this week, with ‘serious harm’ linked to their multiple EPRs and by midweek, a third-party vendor ransomware attack crashing pathology systems in London hospital trusts. Theranos’ Elizabeth Holmes’ defense in court next week for appeal. Steward Health running out of operating money while being sold off in Federal Bankruptcy Court. Ascension breach scares health execs, but 1/3 don’t have contingency plans especially for vendor hacks. On the sunny side–some strong fundings for Eko, Sword, and Plenful.

Short takes: Holmes legal team appealing Tuesday 11 June; Steward Health asset sale OK’d, needs funding; fundings for Sword Health, Eko Health (Them’s that got, has $)
Breaking: multiple London hospitals, borough GPs declare ‘critical incident’ from ransomware attack via third party pathology vendor (Who’s responsible?)
News roundup: Change responsible for data breach notices; 37% of healthcare orgs have no cybersec contingency plan; health execs scared by Ascension breach; CVS continues betting on health services; Plenful’s $17M Series A
NHS electronic patient records linked to 100 ‘serious harm’ issues, with ~50% of NHS England trusts reporting patient issues: BBC News (Many fixes needed here before AI arrives)

This was a big post-holiday week, with Veradigm’s surprising bid for a buyer or ‘strategic alternatives’, a $1B Waystar IPO at last, a $34 million digital therapeutics merger, and an over-the-top Oracle response to last week’s Business Insider article. Clover markets Counterpart Assistant SaaS to other payers, CVS looks for an Oak Street investor, 23andMe looks to go private. Fundings for Wanda Health (UK) and Australia’s Updoc. And Done Health guests on Perspectives.

Short takes: Virtual Therapeutics, Akili in $34M merger; why health clinics are struggling; Dollar General, DocGo call it quits; Clover Assistant AI debuts; fundings for Wanda Health (UK), Updoc (AU); Telstra buys out Fred IT (AU)
Oracle’s Glueck kicks back hard at Business Insider’s ‘deadly gamble’ article, Epic’s Faulkner (A response written at maximum seethe)
Perspectives: How Collaborative Care Combats Physician Burnout (From Done Telehealth)
News roundup: Waystar $1B IPO is on (updated); CVS looking for Oak Street PE partner; 23andMe net loss doubles to $667M, may go private; Otsuka dives into digital therapeutics; HoneyNaps’ $12M no snooze (A big IPO after a year)
Breaking news: Veradigm may sell, merge, or seek ‘strategic alternatives’; appoints new interim CEO effective June (updated) (Parts worth more than whole?)

A light news week before the US Memorial Day remembrance and the UK Bank Holiday, the unofficial kickoffs to summer. What’s hot: Larry Ellison’s gamble on Cerner–are he and Oracle losing big after three years at the gaming table? Walgreens cashes in its Cencora chips, Walmart Health workers’ chips are cashed out, Change looks for chips that aren’t hacked, while Cue Health finally runs out of them. But in the chips: Expressable, Centivo, Transcarent. 

Short takes: Cue Health shuts, Walmart Health lays off, Walgreens sells $400M share in Cencora, $26M Series B for Expressable
News roundup: 100+ medical orgs pile on Change/UHG; Teladoc hit with second class-action suit; Congress demands Oracle EHR improvement–or else; Transcarent intros WayFinding; Centivo buys Eden Health 
Must read: Oracle’s ‘deadly gamble’ on Cerner (new with audio file!) (Can Ellison win at  healthcare’s poker table? And listen to this Editor’s first reading, with a few audio-only extras.)

A TON of news this week breaking before the US Memorial Day and UK’s bank holiday. Boots up for sale breaking up Alliance. Oracle Health will be struggling for the next two years. Cue Health sinking. Legrand is acquiring Enovation, Samsung Sonio ultrasound, and LG jumps into home health. And big VC Venrock issues its predictions for the health tech year.

Short takes 2: Humana’s CEO changeover; Owlet Dream Sock CE Mark, UK approval; TytoCare goes to school; LG enters home health with Primefocus; Samsung $92M buys Sonio (FR); raises by Blackwell in health cybersec, Watershed Health
News roundup: GE Healthcare warns on ultrasound vulnerabilities, Geisinger leverages Best Buy/Geek Squad for RPM, telehealth aids NYC shelter homeless, Fay raises $25M, ClearDATA’s AWS distinction, Validic’s MedTech award
A ‘healthcare prognosis’–from an investor POV (Venrock and ‘smart friends’)
Short takes: Legrand acquires Enovation, FDA nixes Cue Health’s Covid tests, Ascension confirms ransomware attack–who did it? (updated), beware of ‘vishing’ courtesy of ChatGPT
Is Oracle Health’s Big Vision smacking into the wall of Healthcare Reality? Their business says so. (Always be wary of Transformation Promises)
Separation or sale? WBA putting Boots out for bids; Walgreens pharmacists end month-long HQ protest. (End of Pessina’s Big Vision?)


Have a job to fill? Seeking a position? See jobs listed with our new job search partner Jooble in the right sidebar!


Read Telehealth and Telecare Aware: https://telecareaware.com/  @telecareaware

Follow our pages on LinkedIn and on Facebook

We thank our advertisers and supporters: Legrand, UK Telehealthcare, ATA, The King’s Fund, DHACA, HIMSS, MedStartr, and Parks Associates.

Reach international leaders in health tech by advertising your company or event/conference in TTA–contact Donna for more information on how we help and who we reach. 


Telehealth & Telecare Aware: covering the news on latest developments in telecare, telehealth, telemedicine, and health tech, worldwide–thoughtfully and from the view of fellow professionals

Thanks for asking for update emails. Please tell your colleagues about this news service and, if you have relevant information to share with the rest of the world, please let me know.

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Week-end short takes: Change Healthcare/UHG breach notification starting (updated); fundings for Pomelo Care, Marigold Health, Humata Health

Change Healthcare finally starting notifications, but not yet to consumers. A press statement today from Change/UnitedHealth Group confirmed that the long process of notifications has started with hospitals, insurers, and other customers. Individuals and practices will not be notified until late July. Change confirmed that the Blackcat/ALPHV cyberattack exposed names, addresses, health insurance information, and personal information like Social Security numbers, but at the individual level investigation isn’t finalized. At this point, they have reviewed over 90% of impacted files and have not seen signs that doctors’ charts or full medical histories were taken. Technically, UHG has made the 21 June deadline stated in the Hassan/Blackburn Senate letter [TTA 19 June] but not within the 60-day HHS-OCR window, which opens them up to an HHS fine. After paying a cyberransom of $22 million in bitcoin and uncounted (to us) millions in rebuilding systems, HHS’ fine may look like the lesser cost of doing business. The Change website also contains a very carefully worded ‘HIPAA Substitute Notice’ that reads like a consumer data breach notification. AP via Yahoo! News UK   One wonders if there’s a fair amount of ‘buyer’s regret’ going on at UHG in fighting so hard to buy Change. Due diligence would have helped over that year-plus.

Update: The Centers for Medicare & Medicaid Services (CMS) announced earlier this week that the provider financial assistance program will be ending 12 July as billing activities have largely resumed. It has advanced over $2.55 billion in payments to Medicare Part A providers and $717.2 million to Part B providers. FierceHealthcare

Fundings this week:

Virtual maternity support platform Pomelo Care scored $46 million in Series B funding. Lead investors are Andreessen Horowitz (a16z) and First Round Capital with participation from Stripes, BoxGroup, Operator Partners, and SV Angel. Pomelo’s markets for virtual fertility, pregnancy and newborn care from preconception through a baby’s first year services are employers, health plans and providers. The company claims 3 million covered lives across 46 states through their commercial and Medicaid health plan partners. Release, Mobihealthnews

Telemental health provider Marigold Health now has an $11 million Series A. Marigold is structured as an anonymous social network where people with mental health and substance use conditions provide peer-based support. Lead investors for the Series A are Rock Health and Innospark Ventures. Additional participants are the Commonwealth Care Alliance (CCA), Wavemaker360, Stand Together Ventures Lab, Epsilon Health Investors, Koa Labs, VNS Health Plan and KdT Ventures. Their substance use disorder (SUD) programs are currently available to 25,000 members in Delaware, Rhode Island, and Massachusetts. The new funding will be used for expansion to at least four additional states by the end of 2025. Release (Marketwatch), Mobihealthnews

Humata Health, which has developed AI-based technology to automate prior authorizations for payers and providers, closed an unlettered $25 million funding round. Lead investors are Blue Venture Fund (representing the majority of BCBS plans) and LRVHealth (representing nearly 30 health systems and payers), with participation from Optum Ventures, .406 Ventures, Highmark Ventures, and VentureforGood. The funding will be used to broaden its generative AI technologies, expand their provider base, and begin to partner with payers and delegated entities. Humata bought the base prior authorization technology from Olive AI out of its bankruptcy [TTA 31 Oct 2023]. Its founding chairman and CEO is Jeremy Friese, MD, who had been Olive AI’s president for their payer business after selling Verata Health, also in the prior authorization automation area, to Olive.  Release, FierceHealthcare

News roundup: VA extends Oracle Cerner for 11 months; Amwell founders swap jobs; Alphabet’s Verily pivots to Lightpath with GLP-1, retiring Onduo; UnitedHealth hasn’t notified on Change breach

To no one’s surprise, the Department of Veterans Affairs (VA) extended its contract with Oracle Cerner for another 11 months. This is per the new contract relationship that started last year, resetting from the original five-year contract that started in 2018 to five one-year terms, with mandatory annual reviews and renewals [TTA 18 May 2023]. Technically, the contract expired in May but VA extended it for one month as discussions continued over the next one-year term. This second option period expiring May 2025, according to the VA release, is focused on the following for the EHR modernization (EHRM):

  • Supporting the existing six facilities with the Oracle Cerner EHR
  • Achieving the goals of the reset and driving towards future deployments
  • Increased accountability across a variety of key areas, including minimizing outages and incidents, resolving clinician requests, improving interoperability with other health care systems, and increasing interoperability with other applications to ensure an integrated health care experience
  • Supporting value-added services, such as system improvements and optimizations
  • Achieving better predictability in hosting, deployment, and sustainment
  • Fiscal responsibility 

The plan is to resume site deployments in FY 2025, likely in year 2025, after reset goals are met. Seema Verma, Oracle Health’s new executive vice president and general manager, said that “VA’s intent to resume deployments in the next fiscal year is a significant milestone that reflects the hard work our collective teams have done to improve the system today, as well as confidence in our shared ability to continually evolve the EHR over time to meet the needs of both practitioners and patients.” NextGov/FCW, FierceHealthcare, Healthcare Dive, Oracle release

Is there much choice for the VA in the matter? Not really. VistA can be updated but remains non-interoperable with the Military Health System’s (MHS) Cerner-Leidos EHR. But can Oracle Cerner be fixed up and debugged to work for VA’s vastly different needs and smoothly deployed within the contract duration? That jury is still out in the view of the VA and Congress.

The Brothers Schoenberg swap positions at Amwell. Roy Schoenberg, MD, MPH, will transition immediately from his role as president and co-CEO to move to executive vice chairman of Amwell’s board of directors. Ido Schoenberg, MD, will become the sole CEO. The brothers co-founded the company in 2006. Ido’s quote closing the release is interesting in demonstrating the shift from investment without profits to getting on the path to profitability:  “This transition represents a natural evolution for our company as we shift from a period of intense R&D investment to an operational focus aimed at achieving greater efficiencies, optimizing cash flow and delivering profitable growth while maintaining our dedication to enabling our clients’ aspirations.” Roy is credited with developing Converge which is their next-generation integrated platform. If Teladoc is finding it difficult to transition from the stand-alone, transactional, urgent care service they and Amwell pioneered, into an evolved market that has incorporated virtual capabilities into multiple types of care models, whither Amwell’s future? More thoughts in TTA 2 May, 9 April

Alphabet (Google)’s once-visionary Verily now jumps on the GLP-1 bandwagon with Lightpath. Verily’s latest pivot to the highly trendy weight loss area is termed as a metabolic solution as part of a “personalized chronic care solution for health plans and members”.  Lightpath will start as Lightpath Metabolic, a four-part program that includes Metabolic Intensive (diabetes management), Weight Loss Intensive, Metabolic Improvement, and Metabolic Achievement. The Verily platform integrates data from health records, connected devices, and other care points to deliver “personalized pathways, suggestions, and nudges to health plan members” virtually along with health coaches and an advanced licensed clinical team. The current virtual chronic care management platform, Onduo, will be retired by 2025.

Once upon a time (2021, sigh), Verily was Google’s skunk works for advanced health tech with Google Health being the marketing and merchandising arm for clinical and consumer products. Google Health was broken up in August 2021 and Verily faded into the Alphabet background with the occasional joint venture and clinical pilots, with Onduo being their most marketable product. Google seems to have little direction for Verily other than to keep it alive. And given the competition plus a greater understanding of the long term effects of the GLP-1 drugs in the weight loss area, the GLP bandwagon is up for a shaky ride in the next year. Release, FierceHealthcare

And very strangely, UnitedHealth Group hasn’t notified Health and Human Services’ Office of Civil Rights (HHS-OCR) about the ransomware data breach at Change Healthcare, nor the individuals affected. The notification to OCR is required under HIPAA to be within 60 days of the date of the incident. UHG is over the deadline by two months, calculating from 21 February. CEO Andrew Witty wilted before double-barreled Senate and House hearings in May and UHG lost a fight to put the notifications for the breach onto providers [TTA 5 June]. Senators Margaret Wood Hassan (D-NH) and Marsha Blackburn (R-TN) sent a joint letter on 7 June to Andrew Witty, CEO of UnitedHealth Group, urging him to send a breach notification letter that notifies OCR, state regulators, Congress, the media, and health care providers that it intends to complete all breach notifications on behalf of all HIPAA-covered entities, individuals and businesses affected, by 21 June. That’s Friday. UHG continues to maintain that they still do not know the extent of the breach. The Medical Group Management Association (MGMA) also sent a letter to Mr. Witty on 12 JuneDon’t hold your breath for UHG sending millions of letters. Becker’s, HealthExec

News roundup: Change responsible for data breach notices; 37% of healthcare orgs have no cybersec contingency plan; health execs scared by Ascension breach; CVS continues betting on health services; Plenful’s $17M Series A

HHS agrees with providers that the data breach notification is on Change Healthcare, not them. Health and Human Services’ Office for Civil Rights (OCR) moved quickly to formally change the FAQs that kicked off the 100+ provider letter [TTA 23 May]. Now “Covered entities affected by the Change Healthcare breach may delegate to Change Healthcare the tasks of providing the required HIPAA breach notifications on their behalf.” “Covered entities” in this case refers to the providers. Only one entity–Change or the provider–“needs to complete breach notifications to affected individuals, HHS, and where applicable the media.” Providers must contact Change Healthcare for the delegation. 

Chad Golder, general counsel and secretary at the American Hospital Association (AHA) said in their statement, “As we explained then, not only is there legal authority for UnitedHealth Group to make these notifications, but requiring hospitals to make their own notifications would confuse patients and impose unnecessary costs on providers, particularly when they have already suffered so greatly from this attack.” HHS notice, Healthcare Dive

Meanwhile, UHG still does not know the extent of the breach which started in late February. Knowing the extent of the breach is needed to start notifications. It has not formally notified HHS of the breach long past the 60-day mandated window (see #3 in the HHS FAQs). This may create an ‘unreasonable delay’ (see #6). Not all Change systems are back up either–see the Optum Solutions page that has plenty of red Xs.

Only 63% of healthcare organizations have a cybersecurity response plan in place, leaving 37% without a plan. This is based on a survey of 296 IT/data security/management executive respondents working at healthcare organizations in the US performed by Software Advice, an advisory and consulting firm. Other findings:

  • Nearly 1 in 3 have had a data breach in the last three years
  • 42% of practices have experienced a ransomware attack, and of those, 48% say the attack impacted customer data
  • 34% failed to recover data after the ransomware attack
  • 55% of medical practices allow access to more data than employees need to do their job which makes them more vulnerable to attacks
  • While 41% of data breaches are attributable to malicious hacking, another 39% are due to malware, 37% are due to social engineering and phishing scams, 36% are due to software vulnerabilities, and 30% are due to employee error.

It would have been helpful if Software Advice in its report had broken down the type of practices surveyed. Healthcare Dive

Meanwhile, healthcare executives were ‘scared’ by the Ascension Health breach, as they should have been. Katie Adams’ piece in MedCityNews explores reactions from five different C-suite hospital executives about the recent attack on Ascension. The IT and data officers are from MD Anderson, Yale New Haven Health, CommonSpirit Health, Allegheny Health Network, and UPMC. The overall take was that threats are more common than ever, bad actors are abundant and getting better (using tools that can make amateurs into pretty good “bad actors” via “LLM products and have them help you build ransomware code.”), managing weaknesses in third-party vendors that live in the cloud is a Herculean task, phishing, and the need for ‘government’ to be involved. 

This Editor notes that the rush for providers into generative AI, given this environment, is perhaps premature. Yet here they go; researchers from Mount Sinai’s Icahn School of Medicine used structured data, such as vital signs, and unstructured data, such as nurse triage notes, to develop models predicting hospital admissions using ChatGPT-4. It supposedly can learn from fewer examples than other machine-learning models currently used and use data from traditional models. Becker’s

Ascension is slowly coming back, now projecting that all their locations will have their EHRs restored by the week of 14 June. Currently, only Florida, Alabama and Austin are up and running. Ascension Rx retail, home delivery and specialty pharmacy sites are now open as well. They will have some ‘splainin’ to do to HHS OCR. Ascension update site

CVS is confident in the future of its retail health despite their struggles with Minute Clinics and Oak Street.  Despite the struggle of retail health clinics at other providers such as Walgreens/VillageMD and the shutdown of Walmart Health, Sree Chaguturu, MD, CVS Health’s executive vice president and chief medical officer, expressed complete confidence at a recent industry conclave, thINc360 – The Healthcare Innovation Congress. This is despite the closures of dozens of Minute Clinics in Southern California and New England [TTA 31 May] out of their 1,100 total plus that CVS seeking an investment partner for Oak Street [TTA 29 May]. Dr. Chaguturu returned time and again to the 10,000-odd CVS Pharmacy locations and their leverage within communities, leaning very hard on the 5 million people coming in daily and the ‘opportunity for their pharmacists to engage’. As a CVS customer at a small location, those busy pharmacists aren’t engaging with me unless I have a script to fill or need an OTC decongestant that’s on the state signoff list due to an ingredient. In fact, CVS locations have rather few people nowadays, including behind checkout counters. Then again, it was a meeting speech. FierceHealthcare

Concluding on a brighter note, Plenful’s Series A came in at a tidy $17 million. Plenful developed and markets an AI-assisted workflow-automation platform for pharmacy and healthcare operations, claiming that it automates over 95% of the work for disparate administrative workflows. Features include 340B audit, document processing, contracted rates optimization and inventory planning, and pharmacy cycle revenue and reporting. Founded in 2021, the company has already lined up some impressive clients. Lead investor TQ Ventures was joined by Mitchell Rales (cofounder and chairman of Danaher), Susa Ventures, Waterline Ventures, and Bessemer Partners, the lead for last September’s $9 million seed funding for a total of $26 million. Crunchbase, Mobihealthnews

News roundup: 100+ medical orgs pile on Change/UHG; Teladoc hit with second class-action suit; Congress demands Oracle EHR improvement–or else; Transcarent intros WayFinding; Centivo buys Eden Health

The fallout from the Change cyberhack hangs like smog over UHG. On Monday, the American Medical Association (AMA), along with about 100 other signatories from nationwide medical associations including CHIME and AHIMA, sent a strongly worded letter to Health and Human Services Secretary Xavier Becerra. It requested a clear delineation of responsibilities for breach reporting requirements created by the 21 February Change Healthcare ALPHV/Blackcat ransomware attack. Reporting is required by HHS’ Office of Civil Rights (OCR) under HIPAA.

Specifically, the AMA letter requested 1) more public clarity around reporting responsibilities to patients for the data breach and 2) that all reporting and notification responsibilities will be handled by Change Healthcare, not the providers. “OCR should publicly state that its breach investigation and immediate efforts at remediation will be focused on Change Healthcare, and not the providers affected by Change Healthcare’s breach”. To date, this doesn’t seem to be OCR’s position.

  • The AMA and signatory organizations maintain that it “is the responsibility of the covered entity which experienced the breach—UHG—to fulfill its obligations in regard to reporting the breach to OCR, notifying each affected individual, as well as any further HIPAA breach reporting requirements that may be applicable, such as notifying state Attorneys General and media outlets.”
  • OCR, on the other hand, has gone on the record in April as stating in their FAQs that “while the covered entity is ultimately responsible for ensuring individuals are notified, the covered entity may delegate the responsibility of providing individual notices to the business associate. Covered entities and business associates should consider which entity is in the best position to provide notice to the individual, which may vary, depending on the circumstances, such as the functions the business associate performs on behalf of the covered entity and which entity has the relationship with the individual.” (Providers can be considered business associates)

In other words, the providers want the full responsibility of contacting patients, state attorneys general, media, and others (e.g. class action lawyers) to be Change Healthcare’s. They do not want to be forced to contact their patients and, in all fairness, at this point do not know which patients were affected because they are not privy to Change Healthcare’s information. UHG has not yet produced a breach report to OCR. AMA letter to Becerra, Healthcare Finance News

When the stock falls, blame the marketing spend! The latest class-action lawsuit filed against Teladoc blames the company for spending money in digital and other media advertising promoting BetterHelp, their telementalhealth unit. The suit cites Teladoc’s public statements such as a “long runway” for BetterHelp’s membership growth and that spending would be inefficient due to the saturated category. Yet spending increased in 2023. The lawsuit charges that this directly deteriorated the company’s revenue, leading to a substantial fall in its stock price. Charged are Teladoc, and at the time CEO Jason Gorevic and CFO Mala Murthy. Stary v. Teladoc Health, Inc. et al., was filed on May 17 in the US District Court for the Southern District of New York. No response yet from Teladoc. Docket on Justia, Mobihealthnews

The House and Senate Veterans’ Affairs Committees jointly introduce legislation on VA’s EHR modernization. The Senator Elizabeth Dole 21st Century Veterans Healthcare and Benefits Improvement Act would require the Department of Veterans Affairs to exercise even greater oversight of the Oracle Cerner implementation in these areas:

  • The quarterly reports to Congress would include additional quality metrics on user adoption, employee satisfaction, and employee retention/turnover where the Oracle Cerner EHR is introduced. This adds to existing required reporting on spending and performance.
  • Regarding additional rollouts, the VA secretary must certify that the sites are ready. He also must furnish corroborating data to Congress “demonstrating that all facilities currently using the Oracle Cerner EHR system have recovered to normal operational levels.”
  • If there is no improvement (presumably to this standard) at Oracle Cerner locations within two years of the bill’s enactment, the program will be terminated.
  • VA must also report on the status of VistA with details about “the operation and maintenance costs and development and enhancement costs” of the software and “a list of modules, applications or systems” within VistA that VA plans to retire or continue to use. 

HIStalk 17 May, NextGov/FCW

‘Not for sale’ Transcarent introduces an AI-assisted platform, WayFinding. The platform designed for end users of Transcarent’s enterprise health navigator combines generative AI with instant access to care providers to integrate benefits navigation, clinical guidance, and care delivery on a single platform. The personalized guidance enables the member to find a provider, find out costs, and guides to the best clinical action to take next. It then connects them to medical professionals or provides direct access into digital point solutions. It integrates information on details of the employer plan, ancillary benefits, the member’s medical history, and connection to clinical specialists. There is no information in the overly padded release on when the new platform will be available or how it will be offered to existing and new customers. This follows on Transcarent’s $124 million Series D funding two weeks ago.  FierceHealthcare, Mobihealthnews, TTA 8 May

Centivo acquires Eden Health virtual care. The purchase price was not disclosed. Centivo, headquartered in Buffalo NY, is  a health plan for self-funded employers. Eden, also providing services to employers, is a concierge provider that offers through a mobile app primary care, mental health, and care navigation services, plus workplace pop-up clinics. Eden also has technology that connects providers’ EMRs to their app. Eden’s services will be fully integrated into Centivo, which will enable it to expand to 50 states and increase from its current 120 employer base to 160. The combined organizations cover about 2 million eligible patients in companies ranging from Fortune 100 size to small businesses. Eden’s CEO will serve as a senior advisor to Centivo, but there is no other indication of employee transition.  Release, FierceHealthcare

News roundup: UHG CEO’s Bad Day at Capitol Hill; Kaiser’s 13.4M data breach; Walgreens’ stock beatup; Cigna writes off VillageMD; Oracle Cerner shrinks 50%; Owlet BabySat gets Wheel; fundings for Midi, Trovo, Alaffia, Klineo

It was a Bad Day at Boot (Capitol) Hill for UnitedHealth Group’s CEO Andrew Witty. On May Day, he was the Man In The Arena facing two Congressional grillings–the first from the Senate Finance Committee in the morning, and the second in the afternoon from the House Energy and Commerce Committee’s Subcommittee on Oversight and Investigations. The precipitating event was the Optum/Change Healthcare data breach and system hacking by ALPHV/BlackCat, a disruption which is as of today not fully resolved.  Millions of patients may have had data stolen and exposed–a number that has yet to be determined, but an outcome for which UHG, while paying the ransomwaristes, has prepared. Already, the VA has notified 15 million veterans and families of that possibility.

This Editor will be linking below to multiple articles and Mr. Witty’s prepared testimony. Interested Readers can also refer to YouTube for extensive links to video testimony. Highlights:

  • Both houses criticized the slow response and amount of financial assistance given to providers after the shutdown of Change’s systems prevented (and still is preventing) timely claims processing and payment. While ‘near normal’ volumes of medical claims and 86% restoration of payment processing sounds good, that leaves a lot of wiggle room on over two months of totally disrupted processing and payment. The billion or so cited sounds impressive but much of this is in loans. Most practices and groups simply do not have the financial cushion or billing skillset to bridge this disruption, to pay back loans, or to bookkeep this.
  • Also criticized at this late date was UHG being unable to determine how many individuals had PHI exposed in the breach.
  • As to cause, the description of UHG finding that surprise, surprise, Change’s systems were way out of date, stored on physical servers versus the cloud, and used Citrix remote access without multi-factor authentication (MFA) was utterly savaged. According to Mr. Witty, ALPHV after days of knocking around got in on the one server that did not have MFA authentication.

The blunt fact is that UHG had close to two years (January 2021-Oct 2022) before the buy closed. Due diligence consisting of a full audit had to have been done on Change’s IT systems. They processed what UHG wanted to buy. In this Editor’s estimation, Job #1! for UHG should have been ensuring that Change’s systems were hardened, then upgrading to what Mr. Witty called UnitedHealth’s standards. This Editor will go further. A minimum requirement for the sale should have been security hardening. There was time before the closing.

Senator Thom Tillis, R-North Carolina, had the best riposte. He brought a copy of “Hacking for Dummies” to the hearing, highlighting MFA. I doubt he was much moved by UHG now bringing in cybersecurity company Mandiant to both investigate and harden their systems, nor by UHG having to pay ransom, without knowing whose data was compromised.

  • Beyond the breach, UHG was called ‘monopolistic’ by both Republican and Democrat Members. There were calls to break up UHG as not ‘too big to fail’. UHG has grown by acquisition and consolidation of services. As this Editor has speculated, this is likely coming to an end with the new, much more stringent Merger Guidelines. This sentiment paints a large, unmissable target on UHG’s back for aiming FTC’s and DOJ’s missiles. (DOJ also has a huge score to settle with UHG dating back to the failure to block the Change sale.)

By the end of the day, Mr. Witty looked quite the worse for wear–tie and collar askew, slightly sweaty, versus the perfect poses of the various Members. Becker’s, FierceHealthcare, Axios, HealthcareDive    Mr. Witty’s Senate testimony statement, House testimony statement

Speaking of data breaches, Kaiser Permanente reported a big one to Health and Human Services (HHS). This relates to ad tracker information shared with third-party advertisers such as Google, Microsoft, and X. Kaiser used it in secured areas of their website and mobile apps. Information disclosed could be name and IP. Kaiser reported it on 12 April but only disclosed on 25 April that 13.4 million records may have been affected. The ad trackers have since been removed. TechCrunch, FierceHealthcare 

Walgreens stock not recovering. April was WBA’s worst month in five years and May is no better, with the stock muddling around $17.50. The month slid around 18%. Their 52-week high was $33. As of now, CEO Tim Wentworth’s actions such as closing locations and writing down VillageMD haven’t convinced Mr. Market of WBA’s worth, but in fairness it’s early in his tenure. In the Insult to Injury Department, it was revealed that the IRS is seeking to claw back $2.7 billion in unpaid 2014-2017 taxes. Crain’s Chicago Business

Cigna is also writing down its interest in VillageMD. Almost forgotten is that in late 2022, Cigna invested $2.5 billion into VillageMD. They have now written down $1.8 billion of that ‘low teens’ ownership. The planned tie was connecting Village Medical into Evernorth, Cigna’s medical services area. It was also supposed to provide Cigna with an annual return on investment, but one assumes it did not. The writeoff threw Cigna’s Q1 into the red with a net loss of almost $300 million versus a prior year profit of $1.3 billion, despite a strong quarter that grew revenue 23% versus prior year to $57.3 billion. Healthcare Dive

Oracle Health has been successful–in shrinking Cerner by close to half. Records of employment at Cerner’s Kansas City-based operation have declined from 11,900 people in 2022 (Kansas City Area Development Council) to a current 6,400 (internal documents). Cerner itself reported 12,778 local full-time-equivalent employees in 2022. Oracle had multiple layoffs of Cerner affecting Kansas City workers and has consolidated multiple office buildings and campuses. Becker’s

In more cheerful news:

Baby monitor Owlet announced a strategic partnership with Wheel for Owlet’s BabySat. BabySat is Owlet’s FDA-cleared prescription vital signs monitor for infants 1-18 months. Wheel clinicians can now prescribe BabySat which enables parents to order BabySat from Owlet and other suppliers. With Wheel, BabySat also integrates with durable medical equipment (DME) suppliers who accept and can bill for the product through many insurance providers for partial or full reimbursement. Wheel is a virtual care platform and physician/nurse-practitioner online network available direct to consumer and to enterprises. Owlet release

And rounding up funding:

MidiHealth closed a $60M Series B funding. This was led by Emerson Collective with participation from Memorial Hermann, SemperVirens, Felicis, Icon Ventures, Black Angel Group, Gingerbread Capital, Able Partners, G9, and Operator Collective for a total of $99 million in funding. Midi provides virtual support for women going through peri- and full menopause. The fresh funding will help them expand national insurance coverage, hire and upskill an additional 150 clinicians by end of year, diversify service lines, and scale to care for 1 million+ women per year by 2029. Release

Trovo Health launched with $15 million in seed funding, led by Oak HC/FT. The NYC-based AI-powered provider task assistance platform will use the funding to build its technology platform, clinical operations, and leadership team. Mobihealthnews 

In the same roundup, NYC-based Alaffia Health scored a $10 million Series A round. This was led by FirstMark Capital with participation from Aperture Venture Capital. Alaffia creates generative AI solutions for payment integrity in health insurance claims operations, with the aim of eliminating insurance fraud, waste, and abuse for health plans, third-party administrators, self-insured employers, stop-loss carriers, and government agencies. Their total raise to date is $17.6 million. Paris-based Klineo also raised €2 million for its oncology clinical trials search platforms, assisted by AI, for the use of doctors and patients. BPIFrance and business angels participated in the round.

Midweek news roundup: Optum exiting telehealth, laying off; Advocate Health selling MobileHelp; VA notifying 15M veterans re Change PHI breach, Oracle moving to Nashville–maybe? (updated)

Optum Virtual Care closing, staff layoffs in progress. Optum Everycare CEO Jennifer Phalen on an 18 April internal conference call announced that the unit would close. According to sources, some employees would have layoff dates in July. No further details were available on other layoffs or plans for integrating Virtual Care’s capabilities into other Optum units, except for generalities. “We are com­mit­ted to pro­vid­ing pa­tients with a ro­bust net­work of providers for vir­tu­al ur­gent, pri­ma­ry and spe­cial­ty care op­tions,” and “We con­tin­u­al­ly re­view the ca­pa­bil­i­ties and ser­vices we of­fer to meet the grow­ing and evolv­ing needs of our busi­ness­es and the peo­ple we serve.” a spokesper­son for Unit­ed­Health said to End­points, a biopharma publication from the University of Kansas which broke the story.

For Optum, this is the second shoe drop about layoffs and closures in less than two weeks. Reports from social media and layoff-specific boards indicated that thousands were being laid off, from their plans to urgent care and providers [TTA 23 Apr]. These were not confirmed by Optum nor by UnitedHealth Group. It’s not known if this unit’s closure was included in the total. 

The larger picture is that it is symptomatic of the sudden growth, then equally sudden consolidation, of general telehealth. Optum opened the unit in April 2021 as the pandemic entered year 2. Utilizing existing capabilities, UHG claimed it facilitated more than 33 million telehealth visits in 2020, up from 1.2 million in 2019. The number looks sky high but in that time of practices closing it was a free-for-all in telehealth–and ‘facilitating’ is a nebulous catchword that could mean a practice using Facetime, telephones, or an EHR/population health platform module. Commercial claims for telehealth have remained at 4 to 5% since (FAIR Health, Jan 2024). Even during the pandemic’s first year, telehealth claims hit a peak of 13 percent in April 2020 that dropped fast to 6% by August 2020. Well over 60% are for behavioral telehealth claims.

A leading indicator: Last June, Optum Everycare’s CEO from their 2021 start, Kristi Henderson, a former Optum SVP for digital transformation, departed to become CEO of Confluent Health, a national network of occupational and physical therapy clinics. It was about as far away as one could get from telehealth, digital transformation, and Amazon Care, her former employer that expired in 2022.

Apparently, UHG and Optum see no further need for a virtual care specialty unit, instead integrating it into plans and other Optum services. According to MedCityNews, industry analysts aren’t surprised. Both Amwell and Teladoc have had well-known struggles. The latest: Walmart, after investing millions into their unit that included full clinics and a virtual care service, also made news on 30 April that it is closing both. Also greatly on UHG’s mind: cleanup after the Change debacle, making Mr. Market happy, and the looming antitrust action by DOJBecker’s, Healthcare IT News, 

In another sign that healthcare investors are selling off ancillary businesses, Advocate Health is selling PERS provider MobileHelp. It “no longer fit the strategic priorities of Advocate Health” according to their 22 April audit report (see document pages 10 and 13) and was authorized last December.

Advocate, through its investment arm Advocate Aurora Enterprises, acquired both MobileHelp, one of the earliest mobile PERS, and sister company Clear Arch Health, a remote patient monitoring provider, in April 2022. Cost was not disclosed at that time but later was reported to be $290.7 million. The plan at the time was to combine both MobileHelp and Clear Arch with a senior care/home health provider earlier acquired by Advocate for $187 million, Senior Helpers. That company was sold in March to Chicago-based private equity firm Waud Capital Partners for an undisclosed amount. The MobileHelp sale is expected to close later this year. Buyer and price are not disclosed. The expected loss on the MobileHelp sale was figured into FY 2023 as part of an asset impairment write-down of $150 million, which Advocate said was “related to the expected loss on the sale of MobileHelp.” The PERS and RPM business is a largely consolidated ‘cash cow’ type of business that (Editor’s prediction) will be snapped up by another player like Connect America, Alert One, or a smaller player like ModivCare. Milwaukee Business Journal, Becker’s, Crain’s Chicago Business (requires subscription)

VA admits that some veterans may be affected by Change Healthcare data breach, PII/PHI disclosure. While Department of Veterans Affairs Secretary Denis McDonough at this time believes that “there’s no confirmation yet” that veteran data was exposed, the scope of the Change Healthcare breach has led VA to formally alert via email 15 million veterans and their families of the possibility. The email also included information “about the two years of free credit monitoring and identity theft protection” that Change Healthcare is offering to those affected by the attack. The VA maintains that the attack resulted in only a temporary delay in filling 40,000 prescriptions but did not cause “any adverse impact on patient care or outcomes,” according to a department spokesman. NextGov/FCW 26 April, 23 April 

In related news, HHS as of 19 April had not received any notification from Change Healthcare nor UHG. They are required to file a breach report as providers and also as covered entities. They have 60 days from the breach occurrence on 21 February to report, which is coming right up. Becker’s

If Larry said it, it must be true…assemble the moving boxes. At an Oracle conference in Nashville last week, Oracle chairman Larry Ellison said to Bill Frist of investment firm Frist Cressey Ventures that he planned to move the company to that city as “It’s the center of the industry we’re most concerned about, which is the healthcare industry.” It’s their second public Larry and Billy meetup in the last few months, the last in November at the Frist Cressey Ventures Forum where Ellison had previously touted Nashville. Ellison is investing in and building a 70-acre, $1.35 billion campus on Nashville’s riverfront. Oracle is currently HQ’d in Austin, Texas having moved in 2020 from Redwood City, California but with extensive facilities remaining in the state. Texas and Tennessee have one thing in common–a superior business climate. Both are long on lifestyle, though Austin is not as temperate (read, hot) as Nashville. What Nashville has that Austin doesn’t is being a healthcare hub. At least in Ellison’s view, healthcare is where it’s at and so is Nashville. So as long as he’s running Oracle from his manse on Lanai, Oracle does what Larry says. Healthcare Dive, Healthcare IT News, The Tennessean

More fun facts about Larry Ellison and Nashville: David Ellison, his son, is founder of Skydance Media, a major Hollywood production company (Mission: Impossible and others) and negotiating a zillion-dollar merger with Paramount Pictures. David’s wife is a singer trying to make it in Music City and they have a home there. Kind of like the age-old trend of moving the HQ near where the CEO’s living. On moving the HQ to Nashville from Austin, this would affect perhaps 2,500 workers based there currently. Most of Oracle’s workers are dispersed and work remotely. 6,400 of former Cerner-ites are still in Missouri and 7,000 remain in California. Big hat tip to HIStalk—scroll down and see more about Larry and Billy’s talk, which also covered cybersecurity, the NHS (which uses Cerner), and automating hospitals and the hospital-payer interface.

Breaking: UnitedHealth admits to paying ransomwareistes on Change stolen patient data (updated)

Admitted, finally, to CNBC on Monday. UnitedHealth told CNBC in a statement. “A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure.” UHG’s release alludes to this but without specifics as to what entity was paid (ALPHV? RansomHub?) nor the amount. It vaguely states that it reviewed 22 screenshots “some containing PHI and PII, posted for about a week on the dark web by a malicious threat actor” and that “it is likely to take several months of continued analysis before enough information will be available to identify and notify impacted customers and individuals”. This seems to point to the most recent RansomHub offer of 4TB of Change Healthcare PHI/PII for sale, not the original breach, but UHG’s information is inconclusive for the reader. Also Becker’s.

However, the admission that Change files were breached and a ransom was paid is substantial and points to multiple leaks of the PHI and PII on multiple sites. Despite no identification and notification of customers yet, UHG is offering a support hotline to individuals concerned about the cyberattack, offering free credit monitoring and identity theft protections for two years plus “emotional support.”

Another fun fact that DataBreaches.net points to in its short article is that the Wall Street Journal (also cited by TechCrunch) said that its research indicated that the original breach came from stolen remote access credentials. It took only a week for ALPHV’s hackers to explore the system before deploying the cyberransom and hacking software through Change’s systems. Updated: the WSJ pins the original breach to 12 February but the hackers didn’t ‘detonate’ the ransomware till 21 February. Also multi-factor authentication is standard operating procedure for remote access, but MFA wasn’t enabled on this.  Developing and will be updated. Our article posted on Monday here with links to our prior articles.

Who really has the 4TB of Change Healthcare data 4 sale? And in great timing, Optum lays off a rumored 20K–say wot?

The data is for sale! And the top does not go down, but the price definitely goes up! That old antique auto auction cry is paraphrased here because the 4TB of patient data hacked from Change’s systems is up for sale, since Change/Optum didn’t buy it. Interested parties should stroll over to the dark web and see RansomHub’s listing for details.

Unlike some news sources that got confused, this apparently is the same 4TB that BlackCat/ALPHV affiliate ‘notchy’ stole (technically, exfiltrated) posted about on a dark web site shortly after the attack [TTA 7 Mar]. According to those early reports, ‘notchy’ was dissatisfied that he didn’t get a cut of the $22 million ransom that Optum supposedly paid the BlackCat/ALPHV group.

For their $22 million ransom, which Change has not, repeat NOT, confirmed, ALPHV gave Change a decryptor key. But, they didn’t have the good manners to 1) return the stolen data to Change or delete it, which included highly sensitive data from multiple Change customers including active military PII (from Tricare), patient PII, payment and claims data, and much more, and 2) pay a cut to the affiliate. And then ALPHV shut down and ran out of town.

Here’s the latest updates from DataBreaches. net

Over a month later, an outfit called RansomHub posted, again on the dark web, that it has the 4TB of data. 

As reported here on 10 April, there was an announcement on the RansomHub website, not signed by ‘notchy’, that if Change wasn’t interested in paying for the data, it would be up for sale. There was some confusion, based on a WIRED report, that this was a second breach. The RansomHub information seemed to point to only ‘notchy’s’ data.

DataBreaches followed up with RansomHub to 1) verify they had the data, asking if 2) was it ‘notchy’s data’, and 3) how did RansomHub obtain it if not ‘notchy’? RansomHub also leaked some screenshots of  2011-2013 Medicare claims data. This old data raises even more questions on why this data was even available online and not stored offline…unless…. RansomHub’s 15 April posting included this statement, “The more we go through the data the more we are shocked of the amount of financial, medical, and personal information we find and it will be more devastating than the first attack itself.” 

By 16 April, DataBreaches reported that the listing read:

Change HealthCare – OPTUM Group – United HealthCare Group – FOR SALE

The data in now for sale. Anyone interested in the purchase should contact RansomHub. 

But does RansomHub actually have it? Are they ‘notchy’, in it with ‘notchy’, brokering ‘notchy’, or is it a second 4TB breach? Stay tuned.

Thousands at Optum won’t care one way or another. Reports since last Thursday have been that first hundreds, then thousands, then up to 20,000, have been laid off. These are based on social media postings on LinkedIn and boards like The Layoff where anyone can post. Optum has not confirmed any layoffs to industry media such as FierceHealthcare and Becker’s Hospital Review / Becker’s ASC Review which published reports starting last Friday. Federal and state WARN notices, which usually confirm mass layoffs by state, have been oddly empty. 

Across the reports, Optum has laid off staff from their California care division (400), home health provider Landmark Health (500), urgent care MedExpress (all as of 18 July), Genoa (OptumRx-unknown). Notices range from immediate, to two weeks into May, and forward. Types of jobs eliminated have been at all levels of regional and corporate, affecting engineers, care management, clinical, case directors, data operations, and integration managers. This LinkedIn post claims up to 20,000. Optum’s silence has let the rumor mill run overtime.

CMS has lowered Medicare Advantage reimbursement, but other insurers factored this in earlier this year. The major whack was the Change Healthcare cyberattack. Though the public posture of UnitedHealth Group is that most of the systems are back or being worked around, the financial truth is that the Change disaster will cost them $1.6 billion in 2024 as announced last week. It does lead one to wonder about how mighty UHG, on an acquisition tear for years through today, always doing well and pleasing Mr. Market, got quite so overstaffed. How would it be overstaffed by thousands or the rumored 20,000 who are suddenly, dramatically unnecessary? That may boost the stock, but it gives the Feds yet another ax to grind, what with the House savaging an absent UHG on the cyberattack handling and their payments to providers [TTA 18 April], DOJ taking a hard cold look into UHG’s business practices, specifically around antitrust between the payer group and Optum [TTA 6 Mar], and approvals for the Amedisys buy stalling.

Here’s a view at variance, not about the layoffs but about how UHG is really doing. STAT’s analysis of UHG’s financial report is that the Change losses barely dent the overall picture and won’t affect 2024 earnings. Q1’s loss was mostly the Brazil writedown. It also confirmed that CEO Andrew Witty had a certain gall to say in prepared remarks that the Change situation would have been so much worse had they not been owned by UHG. Mr. Witty will have some ‘splainin’ to do before the House and the Senate, 30 April and 1 May, respectively.

News roundup: Congress hammers absent UHG on Change cyberattack–and more; 10% unhinged at Hinge Health; Steward Health nears insolvency; Two Chairs $72M Series C

UnitedHealth Group facing direct Congressional criticism–and didn’t show up to answer it. The House Energy and Commerce Committee held a hearing yesterday on the BlackCat/ALPHV cyberattack on UHG/Optum’s Change Healthcare systems. Representatives of the American Hospital Association, which we noted led the earliest efforts to assess the situation, help health systems, and then lobby Health and Human Services to assist providers, the College of Healthcare Information Management Executives, and the Healthcare Sector Coordinating Council testified to a restive group of House representatives. Though reports have said that UHG had previously briefed the committee and CEO Andrew Witty will appear before the Senate Finance Committee on 30 April, both Republicans and Democrats didn’t spare the criticism. Other issues, such as healthcare provider consolidation, cybersecurity coordination, and vertical integration through acquisitions as represented by UHG and Change, entered into the hearing. And it went pretty far. Rep. Buddy Carter (R-GA): “The FTC has failed the American people by allowing vertical integration to happen, and it needs to be busted up.” Rep. Anna Eshoo (D-CA): “The attack shows how UnitedHealth’s anti-competitive practices present a national security risk because its operations now extend through every point of our healthcare system,” and called it “outrageous”. 

The current administration’s proposed $800 million investment in hospital cybersecurity protections was typed as “woefully insufficient.” 

Returning to the main issues, Larry Bucshon, MD (R-IN) stated that both the government and private companies were slow in assisting providers. John Riggi, AHA’s national adviser for cybersecurity and risk testified that “The federal government did not step in for weeks. Needed flexibilities under Medicare were not immediately available. It took 18 days for CMS to begin allowing providers to apply for advancing accelerated payments.” On how it affected providers, 94% of respondents in an AHA provider survey felt a financial impact from the attack, over half reported a “significant or serious” impact, and 74% of hospitals reported a direct effect on patient care. Payers are resisting advanced payments. UHG was even accused of exploiting the cyberattack to purchase additional practices by Rep. John Joyce, MD (R-PA). Becker’s, Chief Healthcare Executive, STAT

This Editor has previously noted that UHG is taking a $1.6 billion charge for the cyberattack and is separately facing a DOJ investigation on multiple antitrust issues between the payer group and Optum, including their Amedisys buy [TTA 6 Mar]. UHG is also facing multiple class-action lawsuits from practices currently and expected from patients affected by the theft of PHI and PII [TTA 28 Mar]. It’ll be a busy spring and summer for UHG’s legal department.

Hinge Health cuts 10% of staff. Reasons given were the standard tropes of ‘long-term sustainable business’, ‘accelerate our path to profitability, speed up decision making, and better focus our investments’ plus ‘realign our organization’. Their employee group is estimated at 1,700 on LinkedIn, making this about 170 staff released in various functions including engineers. The company is preparing for an IPO, which may not be this year, since they claim to have $400 million in cash on the books. Hinge’s last raise was an October 2021 $400 million Series E led by Tiger Global and Coatue Management for a total funding of $826.1 million over 10 raises (Crunchbase). At that time, their valuation was a bubbly $6.2 billion. Their virtual musculoskeletal rehabilitative therapy for back and joint pain care has since then expanded to rehab for pelvic pain, bowel, and bladder control. TechCrunch  As predicted in our Rock Health Q1 review, Hinge is a perfect example of companies “pursuing IPO and M&A exit pathways concurrently to keep options open” by presenting their financials as if they were already public companies. 

Steward Health Care nears bankruptcy court. And the Optum buy of Stewardship Health practices won’t save it in time. Steward’s lenders are giving the health network until the end of April–two weeks away–to prove it can repay its considerable debts. Its recovery plan which included the Stewardship sale has been criticized as unworkable given the volume of debt and the regulatory implications of selling their hospital assets. The Optum acquisition is required to undergo a 30-day review by Massachusetts’ Health Policy Commission (HPC)–and while it was announced at the end of March, it had not started by mid-April. Given UHG’s other problems and scrutiny of practice purchases by the DOJ and FTC, Optum may walk away or wait. No purchase price had been announced but it would be a drop in a bottomless well anyway. The mounting problems of Steward Health Care are detailed in Healthcare Dive’s analysis.

And to end on a more optimistic note, Two Chairs, a telemental health provider out of San Francisco, scored a $72 million Series C. Lead investors are Amplo and Fifth Down Capital with debt financing from Bridge Bank. The new raise, majority equity, brings Two Chairs’ total funding to $103 million. Their hybrid virtual and in-person therapy model is available at present in California, Florida, and Washington and markets to consumers, payers (Aetna nationally, Kaiser Permanente in Washington and Northern California), providers, and employers. The company states it will use the fresh funding to expand its markets and improve its technology platform. Currently, they have more than 500 clinicians on staff, most of whom are full-time. Their differentiator in the crowded telemental health category is their emphasis on measurement-based care, aided by a “matching consult,” facilitated by a proprietary 300-variable algorithm that creates the right therapist-client match (the ‘two chairs’ of the company’s name), which studies indicate is the most important factor in determining a good outcome.  Release, FierceHealthcare, MedCityNews

Mid-week short takes: UnitedHealth’s $1.2B Q1 loss from Change attack, another Walgreens layoff, Dexcom-MD Revolution partner, Kontakt.io $47.5 raise, GeBBS Healthcare may sell for $1B

UnitedHealth Group rang up Q1 revenue of $99.8 billion, with adjusted earnings from operations $8.5 billion, but had a net loss of $1.22 billion (WSJ). (Ed. note–Becker’s has $1.4 million) The loss was created not only from the cyberattack on Change Healthcare’s systems ($0.74/share) but also a $7 billion charge due to the sale of UHG’s Brazil operations.

  • Q1 revenue was up $7.9 billion versus same quarter 2023.
  • Their year 2024 forecast of the damage done by the ALPHV cyberattack on Change is $1.6 billion ($1.15 to $1.35 per share).
  • Optum’s Q1 revenues of $61 billion grew by $7 billion over prior year, led by Optum Health and Optum Rx due to continued strong expansion in the number of people served

Someone at HIStalk did some counting and noted that the Optum Solution Status dashboard for Change Healthcare shows 109 of 137 applications remain down, not much different than when we eyeballed it on 3 April. CNBC, UHG release, HIStalk, Becker’s, MSN/WSJ

Walgreens continues to cut staff–this go-around, it’s corporate support center employees both in Chicago and working remotely. No total was provided by the Walgreens spokesperson contacted by Crain’s Chicago Business. This adds to 900 corporate staff laid off in several waves earlier this year and last fall, VillageMD staff due to 140 closures, and 646 distribution center staff laid off last month. Walgreens stock is down 33% this year. 

In cheerier news, Dexcom is partnering with remote patient monitoring (RPM) provider MD Revolution to add its continuous glucose monitoring (CGM) system to MD Revolution’s RPM platform. MDR is a startup company marketing its RPM platform to large practices, health systems, and healthcare organizations. Current raises date back to 2015 totaling under $60 million mostly from venture round funding (Crunchbase). Release

Inpatient data analytics company Kontakt.io raised a Series C investment of $47.5 million, led by Growth Equity at Goldman Sachs Asset Management (Goldman Sachs). This adds to a modest $21.5 million from various investors from 2013 to 2022 (Crunchbase). Kontakt provides patient flow analytics to health systems to optimize patient, staff, and resource flows, improving safety, coordination, and service delivery. It uses a combination of RTLS property tracking, cloud, and AI to provide real-time location data and orchestrate staff, equipment, and clinical spaces around a patient’s care journey. The additional funds will be used for sales expansion and AI development. HIStalk, Release 

GeBBS Healthcare Solutions on the block, may fetch $1 billion. The LA-based business process outsourcing (BPO)/revenue cycle management (RCM) company, currently owned by ChrysCapital of New Delhi, is on the market for a reported $800 million to $1 billion. This would be a tidy payday for ChrysCapital which back in 2018 acquired an 80% stake in GeBBS for $140 million with a valuation then of $175 million. ChrysCapital is India’s largest home-grown PE investor. Economic Times-India Times, HIStalk

News roundup: Now Clover Health faces delisting; BlackCat/ALPHV affiliate with 4TB of data puts it up for sale; $58M for Biolinq’s ‘smallest blood glucose biosensor’

Clover Health takes another pass at Nasdaq delisting. Once again, Clover’s Class A shares (CLOV) have been trading with an average closing price of below $1.00 over a consecutive 30 trading-day period, which violates Nasdaq’s continued listing minimum price criteria for the Nasdaq Global Select Market. This was announced in their most recent 8-K filed with the SEC 2 April. Clover has until 30 September to remedy the situation. An additional 180-day period may be elected if Clover transfers to the Nasdaq Capital Market. FierceHealthcare, Becker’s

The delisting is a rerun of their situation last year at this time. Clover considered a reverse stock split to be approved by shareholders but the share price improved on its own and the action was not necessary. This year, it may be. Clover is currently trading at $0.7365. Last August, it hit a high of $1.55 before sliding to below $1.00. An example of a SPAC through Social Capital Hedosophia Holdings, it hit a high of over $15 on 8 January 2021 before cracking that year based on revelations that Clover did not reveal a Department of Justice investigation starting the prior year, which prompted an SEC investigation [TTA 9 Feb 2021], triggering seven shareholder lawsuits that were not settled until December 2023. Clover Health exited the advanced value-based primary care program, ACO REACH, at the end of the 2023 performance year after two years to focus on their Medicare Advantage and Clover Assistant businesses [TTA 6 Dec 2023]. Financially, Clover closed 2023 with revenue of $2.033 billion (down from 2022’s $3.5 billion), net loss of $213.4 million, and an adjusted EBITDA loss of $44.7 million, with the losses improved over 2022. Clover release 

As predicted, 4TB of Change Healthcare data is up for sale. In a typical ransomwareiste move, the affiliate making nasty comments about BlackCat/ALPHV and claiming it had 4TB of data now has put the specs out on a dark web site called Ransomhub. The post first accuses ALPHV of stealing the $22 million ransom paid by UnitedHealth Group and not sharing it with the affiliate. It then claims it has highly sensitive data from multiple Change customers including active military PII (from Tricare), patient PII, payment and claims data, and much more. If Change/UHG isn’t interested, it will be up for sale to the highest bidder. Readers will recall the claims of ‘notchy’ early in the Change Healthcare attack [TTA 7 Mar] though UHG has not confirmed any payment to ALPHV. The demand for payment for the 4TB of data that ‘notchy’ claimed to possess was hardly unexpected. DataBreaches.net

A non-invasive “smallest ever” transdermal biosensor in development may turn the CGM business upside down. Biolinq’s latest round of $58 million will fund a pivotal clinical trial and FDA submission of its intradermal glucose sensor. The funding was led by Alpha Wave Ventures, with participation from Niterra’s corporate venture capital fund jointly operated with Pegasus Tech Ventures and existing investors RiverVest Venture Partners, AXA IM Alts, Global Health Investment Corporation, and four others, for a total since 2014 of $254 million. Crunchbase Current blood glucose sensors penetrate the skin with tiny needles. The Biolinq biosensor uses electrochemical sensors to measure glucose levels from the intradermal space just beneath the surface of the skin, on top of the capillary layer avoiding scarring. To access the intradermal layer, the sensors must be “200 times smaller than a human hair filament” according to Biolinq CEO Rich Yang. It also can combine blood glucose information with relative levels of activity in one device to eventually measure other analytes. The device as currently designed displays key information directly on the sensor–yellow light for high blood glucose, blue for normal. Release, MedCityNews

Mid-week news roundup: US offers $10M for BlackCat/ALPHV info; most Change systems still down; Risant closes Geisinger buy; SureScripts exploring sale; DarioHealth 2023 revenue -23%; Amazon Pharmacy same-day delivery NYC and LA

US State Department pays well for Big Breach information. Interestingly, this US agency through the Diplomatic Security Service has a special program, Rewards for Justice (RFJ), for cyberattacks that are deemed “malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA)”. The activities of the now-disappeared (ha ha!) BlackCat/ALPHV  ransomware-as-a-service (RaaS) group, identified on 29 February as the culprits in the massive Change Healthcare/Optum system takedown, are now listed as qualifying for a reward, presumably as disruptive to US healthcare and not just UnitedHealth Group. Contact Rewards for Justice via the Tor-based tips-reporting channel at: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion (Tor browser required). That is, if you dare! Rewards for Justice release, Becker’s

Six weeks later, most Change services are still X-d on the Optum Solution Status page. A quick rundown of the hundred or so programs that Change provides to enterprises has a long line of Xs with some triangles containing ! (partial outage) or yellow boxes (degraded performance). The green checkmarks are clustered in high-priority areas such as pharmacy solutions and clinical decision support. Otherwise, they are scattered across categories. The summary on the top of page (dropdown) lists workarounds for specific programs such as batch processing and transitioning over to Optum systems unaffected by the attack. This Editor bets that most of these Change legacy systems will come back only partially if at all–many will be abandoned and replaced by Optum systems. Hat tip to HIStalk 29 March

Risant Health, the non-profit community hospital system founded by but separate from Kaiser Permanente, has closed its acquisition of Pennsylvania-based Geisinger Health as of 2 April.  Jaewon Ryu, MD, JD, currently Geisinger’s president and CEO, will move to CEO of Risant Health, with Terry Gilliland, MD, replacing him at Geisinger. The Risant plan announced last April is that Kaiser will fund $5 billion to Risant, which will acquire now four or five health systems over the next four to five years. The health systems will retain their names and operational areas. The purpose of Risant is to bring community systems it acquires greater access to capital, technology, and resources for facility improvements, innovation, and investment in patient care. Keeping an eye on 109-year-old Geisinger. Risant release

Mega e-prescription system Surescripts is exploring a sale. Silicon Valley investment bank TripleTree is handling the search for buyers. Currently, Surescripts is owned 50% by CVS Caremark and Cigna-owned Express Scripts, with two trade groups, the National Association of Community Pharmacies and the National Association of Chain Drug Stores, owning the other 50%. It isn’t disclosed in the Business Insider ‘reveal’ what group(s) is interested in selling all or part of its ownership. Since Surescripts holds 95% of the e-prescribing market, any buyer or investor would need be mega flush to buy into it. 

DarioHealth didn’t have a great 2023. Net revenue was down 23% versus 2022: $20.4 million to the prior year’s $27.7 million. The chronic condition management company managed to narrow its 2023 net loss of $59.4 million from $62.2 million in 2022. A lot of the problems seemed to center on their Q4, with net revenue that declined to $3.6 million from $6.8 million in Q4 2022 and a net loss that increased to $14.3 million from $12.6 million in Q4 2022.  Dario’s gross profits for 2023 were down 38% to $6 million, a decrease of 38% versus 2022’s $9.7 million. The changing financial picture was attributed to a new private label platform with Aetna launching in 2024, changing from a B2C to a B2B2C model, and February’s “transformational acquisition” of Twill (Happify) in telemental health. As this Editor noted then, it was a feat of funding legerdemain that rivaled a Frank Lorenzo deregulation-era airline acquisition. Their information around 2023 earnings isn’t much different. Dario provides a combined app and in-person approach to musculoskeletal (MSK) therapy, diabetes (including GLP-1 drugs), hypertension, weight management, and behavioral health. Mobihealthnews, Dario release

And speaking of pharmacy, Amazon Pharmacy expanded same-day medication-delivery offerings to NYC residents and the greater Los Angeles area. This adds to same-day prescription delivery available in Phoenix, Austin, Seattle, Indianapolis, Miami, and Texas, including free drone delivery in College Station. How it works: Amazon has small facilities and pharmacists near the areas, ready to fill and deliver medications in minutes using genAI and machine learning tools. Delivery in NYC/Manhattan will be by bike and in LA, electric vans or other commercial vehicles. (Editor’s note: bike delivery in the outer boroughs is like LA–impractical.) Amazon Prime members have additional benefits. Competition here are online companies like Mark Cuban Cost Plus and GoodRx’s prescription service. But perhaps it’s a good time to sell Surescripts? Mobihealthnews

Short takes: PocketHealth, Brightside fundings; VA OIG reports hit Oracle Cerner; Change cyberattack/legal updates; UHG-Amedisys reviewed in Oregon; Optum to buy Steward Health practices

It’s a relatively quiet week before the Easter holiday, with a few fundings, more drama at the VA around Oracle Cerner, updating Change Healthcare’s comeback, and the continuing scrutiny around UnitedHealth’s acquisitions:

PocketHealth garners a US$33 million Series B. The Toronto-based company markets an AI-assisted platform to health systems and providers that allows patients to access their medical imaging and reports as well as for providers to easily share imaging information. The funding was an all-equity round by Round13 Capital with participation from Deloitte Ventures, Samsung Next, and existing investors Questa Capital and Radical Ventures to bring total funding since 2020 to $55.5 million. The fresh funding will be used to grow further within the US and Canada and develop new platform functions. Patients have access to three platforms:  Report Reader to explain medical terms in the patient’s report, Follow-Up Navigator for follow-up imaging recommendations, and MyCare Navigator to equip patients with relevant, personalized questions to ask their doctor. The platform is available in 775 hospitals and imaging centers across North America and is used by more than 1.5 million patients.  PocketHealth release, Mobihealthnews

Brightside Health moves to a Series C of $33 million. This round for the telemental health company was led by S32, along with Kennedy Lewis, Time BioVentures, and Anne Wojcicki (Redwood Pacific) with existing investors ACME, Mousse Partners, and Triventures. Total funding since 2018 is $114 million. Brightside provides telemental health through payers in 50 states such as CareOregon, Blue Cross and Blue Shield of Texas, and Centene. The new funding will be used to expand into the usual new markets and offerings. Trip Hofer, who was former CEO of Optum Behavioral Health Solutions and now with .406 Ventures, will join the Brightside board of directors. Their most recent moves are expansion into Medicare and Medicaid programs for psychiatry, therapy, and their Crisis Care program for individuals with elevated suicide risk. Release

The Department of Veterans Affairs Office of Inspector General (OIG) released three reports last Thursday (20-21 March) that were sharply critical of the new Oracle Cerner EHR. While Oracle Cerner Millenium operates in only five VA locations, not including the joint MHS/Genesis Lovell FHCC, each one has been problematic from training to implementation–and are on hold. The OIG reports available here on the Electronic Health Records Modernization (EHRM) are scathing on the EHR’s scheduling and pharmacy features leading to patient safety and staff usability issues.

  • At VA Central Ohio Healthcare System (facility) in Columbus and elsewhere, this led to inaccurate medication and allergy information transmission from new EHR sites to legacy EHR sites that staff and pharmacists had to work around to provide adequate safety checks.
  • Also at VA Central Ohio, the Cerner EHR system error in 2022 led to a patient’s missed appointment since it was not routed to a queue to prompt rescheduling efforts. Subsequently, a nurse practitioner never evaluated the medication refill request, nor did a psychologist evaluate mental status and critical clinical information. The veteran patient died by accidental overdose approximately seven weeks after that missed appointment.
  • Regarding future implementations, the OIG was specific on what had to be fixed on both: “These concerns include the need for additional staffing and overtime to meet or exceed pre-deployment appointment levels, displaced appointment queue functionality, challenges related to providers and schedulers sharing information, inaccurate patient information, difficulties changing appointment type, and the inability to automatically mail appointment reminder letters. At facilities currently relying on the EHR, these issues have resulted in inconsistent workarounds and additional work, increasing the risk for scheduling errors.” 

Healthcare IT News, Healthcare Dive, EHR Intelligence, TTA 22 Feb

Change Healthcare’s systems are gradually returning. Since our last update on 14 March, UnitedHealth Group confirmed that 99% of pharmacy network services were up and running–and that they have fronted $2 billion to providers. Separately, they launched workaround software for medical claims preparation.

  • On 15 March, the electronic payments platform was restored.
  • On 20 March, UHG restored Amazon Web Services. It was backed up from Assurance, a claims and remittance management program, and claims clearinghouse Relay Exchange.
  • Relay Exchange went back online by 24 March to begin processing $14 billion in medical claims.

But on the legal and Federal fronts, UHG will be keeping its legal department busy. Starting the week of 11 March, the first class action lawsuit was filed by a women’s health practice in Albany, MS–Advanced Obstetrics & Gynecology PC. Another class action suit was filed on 18 March by Gibbs Law Group on behalf of providers to be named. Patients who have had compromised PII and PHI will be next from the 4 or 6 terabytes of payer information held by ‘notchy’ and other affiliates from the BlackCat/ALPHV masterminded attack as this is confirmed. Expect these to multiply like weeds in May. HIPAA Journal  And the American Hospital Association, Senators and House Representatives are jumping all over Health and Human Services (HHS) to ensure that payments are made to Medicare, Medicaid, and Medicare Advantage plans–as well as calls for investigating UnitedHealth. Becker’s, FierceHealthcare

As expected, UHG’s acquisition of Amedisys home health is running into more opposition at the state level. In this case, it’s the Oregon Health Authority (OHA) that will be conducting a full review. The Department of Justice (DOJ) has been investigating the acquisition on antitrust grounds almost since it was announced in June 2023. Shareholders approved the $3.3 billion buy the following September, but it has not closed. UHG’s plan is to merge it into Optum’s home health providers Contessa Health and LHG Group, creating a home health juggernaut. As noted earlier this month when DOJ announced a further antitrust probe of UHG around the UnitedHealth plan relationships with Optum services, “DOJ has a long memory, a Paul Bunyan-sized ax to grind, and doesn’t like losing. One wonders if now UHG has buyer’s remorse after fighting for two years to buy Change.” (And winning versus DOJ!) Fierce Healthcare

Yet UHG goes on buying providers, DOJ scrutiny or not. Optum is bidding for Steward Health Care’s Stewardship Health practices over nine states. For-profit Steward, headquartered in Dallas, needs to raise funds as it is in debt overall and facing major problems in Massachusetts, with several hospitals at risk of closure. In any case, the company wants to exit the state. A purchase price was not announced. The transaction is under review by Massachusetts’ Health Policy Commission (HPC) over the next 30 days. The Stewardship transaction would add to OptumCare’s total of 90,000 physicians–10% of US physicians, a number that is raising red flags on the state and Federal levels. FierceHealthcare, WBUR