News roundup: VillageMD sued on Meta Pixel trackers; Cerebral pays $7.1M FTC fine on data sharing, cancellation policy; VA may resume Oracle Cerner implementation during FY2025; Epic-Particle Health dispute on PHI sharing

It’s all about personal health data–sharing, bad sharing, and bad transfers in this roundup.

VillageMD takes another hit, this time on Meta Pixel ad tracker issues. A class-action lawsuit filed on 10 April charges VillageMD (formally Village Practice Management Company), via its Village Medical website, of using the Meta Pixel ad tracker for disclosing user-protected health information (PHI) and other identifiable information generally classified as PII. This included visitors to their website villagemedical.com seeking information and patient users of Village Medical’s web-based tools for scheduling and the patient portal. The lawsuit by a “John Doe”, a patient since January 2023 resident in Quincy, Massachusetts but brought by three Midwest law firms in the US District Court for the Northern District of Illinois, states that VillageMD used trackers that transferred this personal information to Meta Networks’ Facebook and Instagram, as well as other third parties like Google, for use in targeted advertising, in violation of HIPAA and other regulations. The lawsuit seeks 1) an injunction stopping Village Medical from using ad trackers and 2) monetary redress via damages–actual, compensatory, statutory, and punitive for the entire affected class. The suit also alleges that VillageMD violated its own internal procedures. Crain’s Health Pulse, Healthcare Dive

Readers will recall that in June 2022, STAT and The Markup published a study and follow-ups on Meta Pixel and ad tracker use by healthcare organizations. Ostensibly, the ad trackers were there to better track website performance and to tailor information for the patient [TTA 17 June, 21 June 2022], but they sent information to third parties that violated HIPAA and privacy guidelines. Ad trackers were also monetized. Meta blamed the health systems [TTA 16 May 2023] for misuse though they used the data for ad serving.  Congressional hearings, FTC, and DOJ followed later in 2022 and 2023. Multiple class action lawsuits against providers large and small have ensued. Providers have pushed back on FTC and HHS rules on ad trackers, stating the restrictions hamper their ability to build better websites based on customer usage and to serve individuals with useful information. 

Another ‘oversharing’ company, troubled telemental Cerebral, whacked with $7.1 million FTC fine on disclosing consumer information via ad trackers plus ‘negative option’ cancellation policy. The proposed order for a permanent injunction filed by the Department of Justice (DOJ) and docketed on 15 April has to be approved by the Federal District Court for the Southern District of Florida. The fine for the company only penalized the following:

  • Cerebral released 3.2 million consumers’ information to third parties such as practices, LinkedIn, and TikTok. This included PHI and PII such as names, medical histories, addresses, IP addresses, payment methods including insurance, sexual orientation, and more. Even more outrageously, they also used the mail for postcards that had sensitive information such as diagnosis printed on them. The insult on injury was that Cerebral failed to disclose or buried information on data sharing to consumers signing up for their ‘safe, secure, and discreet’ services. Cerebral now has to restrict nearly all information to third parties.
  • Cerebral also set up their service cancellation as a ‘negative option’ cancellation policy, which in reality meant that it was renewed indefinitely unless the customer took action to cancel. It was not adequately disclosed in violation of the federal Restore Online Shoppers’ Confidence Act (ROSCA). Then Cerebral made it extremely difficult to cancel by instituting a complex procedure that required multiple steps and often took several days to execute. They even eliminated a one-step cancel button at their then-CEO Kyle Robertson’s direction. The order requires this to be corrected including deleting the negative option.
  • Former employees were not blocked from accessing patient medical records from May to December 2021. It also failed to ensure that providers were only able to access their patients’ records.

Cerebral’s settlement with the FTC and DOJ breaks down to $5.1 million to provide partial refunds to consumers impacted by their deceptive cancellation practices. They also levied a civil penalty of $10 million, reduced to $2 million as Cerebral was unable to pay the full amount. The decision and fine do not cover charges to be decided by the court against the former Cerebral CEO Robertson due to his extensive personal involvement in these practices. Those have not been settled and apparently were severed from the company as a separate action (FTC case information). Since 2022, Mr. Robertson has consistently blamed company management and investors for pushing for bad practices such as prescribing restricted stimulant drugs. Cerebral countersued him for defaulting on a $49.8 million loan taken in January 2022 to buy 1.06 million shares of Cerebral common stock. More to come, as the order also does not address other Federal violations under investigation, such as those under the Controlled Substances Act.  FTC release, FierceHealthcare  

VA to possibly resume Oracle Cerner EHR implementation at VA sites before the end of FY 2025, even if not in budget. During House Veterans’ Affairs Committee hearings on FY 2025 and 2026 budgets, VA Secretary Denis McDonough last Thursday (11 April) said that the VA intends to resume deploying the Oracle Cerner EHR as part of VA’s Electronic Health Records Modernization (EHRM) before the end of FY 2025. As Federal years go from October to September, FY 2025 starts October 2024 and ends September 2025. When asked if VA plans to maintain the “program reset” as they termed it in April 2023 for all of FY25, Secy. McDonough said that “we do not.”However, there is no budget allocated for additional implementations in either FY. The plan is to use carryover funding.

Oracle Cerner’s Millenium EHR was implemented at five VA locations before suspending in April 2023 for a massive re-evaluation which involved reworking systems such as the Health Data Repository which created critical scheduling and pharmacy problems detailed by the Office of Inspector General (OIG)  [TTA 28 Mar]. The joint VA and MHS/Genesis Lovell FHCC implementation, which went live in March, is not included.  NextGov/FCW, Healthcare Dive

And in another dispute about data sharing, leading EHR Epic cut off requests made by some Particle Health customers, expressing concern about privacy risks. Particle Health is a health data exchange API platform for developers. Both Epic and Particle are part of Carequality, a large scale data exchange group that connects 600,000 care providers, 50,000 clinics, and 4,200 hospitals to facilitate the exchange of patient medical records On 21 March, Epic filed a dispute with Carequality that some of Particle’s users “might be inaccurately representing the purpose associated with their record retrievals.” and stopped responding to some Particle Health customer queries. This has now degenerated into a ‘who said what‘ dispute, with Particle and their CEO alleging that Epic implied that it completely disconnected Particle Health and its customers from Epic’s data, while Epic has said that after a review by its 15-member Care Everywhere Governing Council, they flagged three companies who were using Particle’s Carequality connection to access data not related to patient care or treatment. There’s also a larger concern being brought up by providers on the use of these mass data exchanges for fraudulent extraction of data or use that would violate HIPAA guidelines. FierceHealthcare, CNBC, Becker’s, Morningstar

UHG’s Optum UK closes £1.24B buy of EMIS Group

UHG and Optum wasted no time. A year after their bid yet less than one month after approval by the Competition and Markets Authority (CMA), EMIS Group is now part of Optum Health Solutions (UK) Limited. The £1.24 billion transaction became effective on Friday 27 October when shares were suspended from trading on the London Stock Exchange. The sale was formally to Bordeaux UK Holdings II Limited, an affiliate of Optum Health Solutions UK Limited.

As we noted on 2 October, EMIS is the leading EHR system used by NHS GPs throughout the UK. EMIS also has systems for business intelligence, pharmacy, EDs and urgent care, and to identify patients for clinical trials.  It started as Egton Medical Information Systems by two Yorkshire physicians, back when IT was called MIS 35 years ago. In their statement, EMIS will remain HQ’d in Leeds and remain primarily a UK-based company. “…there will be no material changes to our existing operations or locations. Optum UK intends to continue EMIS’s technology development investments, such as EMIS-X, without any material changes to our focus on the key areas of interoperability, elite partners, community pharmacy and data analytics.” There is no indication in the statement about changes in management, more about reassurance in continuity of operations. MarketScreener

CMA clears £1.2B EMIS acquisition by UnitedHealth Group’s Optum (UK)

It took a year, but it’s approved. The Competition and Markets Authority (CMA), the UK agency tasked with approving acquisitions, approved the acquisition of UK healthcare tech systems developer EMIS by UnitedHealth Group (UHG)’s Optum. The actual acquisition will be made by Bordeaux UK Holdings II, a UK Optum unit. 

The £1.2 billion bid for the private company was made in June 2022. In March 2023, CMA moved its review to an independent group for a Phase 2 review due to EMIS’ engagement with the NHS. The Phase 2 review determined that the acquisition by Optum did not raise competitive concerns. Optum is currently a supplier to NHS and GP practices in pharmacy prescription, advisory services, and data analytics. The acquisition of the EMIS system was found to not effectively restrict other entities’ access to data or population health services, and that any restriction could be regulated by the NHS to prevent its use by Optum as a business strategy. Further discussion is presented in the CMA release.

EMIS is the leading EHR system used by NHS GPs throughout the UK. EMIS also has systems for business intelligence, pharmacy, EDs and urgent care, and to identify patients for clinical trials. 

This final approval indicates that the acquisition will close before the end of this year.  Becker’s Payer, CMA release, Medical Buyer (India), Reuters

Mid-week roundup: Holmes turns herself in, ChatGPT as good ER explainer, VA Spokane to cut staff to pay for Oracle Cerner EHR problems?, former Cerner campus conversion

Holmes’ time at Bryan begins. Today (30 May) in a Texas morning, Elizabeth Holmes self-surrendered to the Federal Prison Camp (FPC) at Bryan to begin her 135-month sentence (11 years+). With good behavior and enrollment in certain programs, she may serve about 85% or about 9.5 years as No. 24965-111. The ‘shakycam’ video link here from Sky News (scroll to 3:18) initially from across the street then at the fence shows her delivery in a NY state-plated Ford Expedition to the facility parking lot. Her parents give her paperwork to the officers, then she with the officers walk into the camp facility, with a goodbye wave by partner Billy Evans (ballcap by the car). After all the drama, the denouement is bog-standard save for the paparazzi. She is wearing glasses, a tan sweater and blue jeans, the latter two which will be exchanged for a uniform. Many might be surprised that the prison camp has green grass lawns and trees, without towers or impenetrable fences. This is a low security facility for 650 women on 37 acres, but it remains a prison with all the schedules and restrictions that entails.

Her appeals to the Ninth Circuit Court on her conviction and sentencing, with now the restitution, continue as does the puzzle of how to compensate the victims identified by the US District Court as being owed $452 million payable jointly by her and Sunny Balwani. The order of restitution is here (PDF) There are a dozen identified financial victims from the relatively small (the Eisenmans’ $150,000) to the $125 million of Keith Rupert Murdoch. Both Safeway ($14.5 million) and Walgreens ($40 million) are identified separately. At this point at Bryan, she will be earning between $0.12 and $1.15, earning perhaps $25 every four months based on older data. According to the BBC article today, half of that will go to her victims, said Randy Zelin, a professor at Cornell Law School. The Feds will continue to scrutinize for hidden assets. Mercury News

Our Theranos Saga that started in October 2015 now endeth here, except for news on appeals or changes in circumstances.

On a somewhat lighter note, this non-paywalled Insider article charts the up and downsides of using ChatGPT as an explainer to patients in the ER/ED.  Joshua Tamayo-Sarver, MD, has been an ER doctor for almost 14 years as well as a VP of innovation for two healthcare tech companies, Vituity and Inflect Health. He recently started using ChatGPT4 as an adjunct to treatment, to explain difficult emergency situations to patients and family in simple non-medical language. Dr. Tamayo-Sarver’s article in Fast Company provides a solid narrative of how the simplicity and empathy of ChatGPT’s explaining treatment (in this case of a 96 year old woman with lung edema and dementia) works and helps the staff de-escalate the situation developing with her children and give them a chance to start her correct treatment determined by the doctor, not ChatGPT. (What was her outcome?) As the doctor explains, working with ChatGPT is inadequate for diagnostics, but adequate for ‘hungover intern’ level actions: taking patient history, creating long-form communication for patients and staff, and explaining highly technical information with empathy and compassion.

Will the Spokane VA location which proved to be The Last Straw for the VA with Oracle Cerner from October 2022 pay for it with cuts in staff? This year, Mann-Grandstaff VA Medical Center is projected to run a budget deficit of about $35 million. In a March email, the Mann-Grandstaff director Robert Fischer stated that the Northwest VA VISN (regional) director said this will require Mann-Grandstaff to cut about 15% of staff. Yet the VA chief of VA health care, Shereef Elnahal, has denied this. The controversy around this has prompted VA’s secretary, Denis McDonough, to issue a statement that he will look into these reports but stopped short of confirming that no staff would be cut. Spokesman-Review (Spokane)  Hat tip to HISTalk 31 May

Cerner’s Continuous Campus in Kansas City, Kansas, apparently will be redeveloped. Two local developers are in contract with Oracle to buy the empty 63.5 acre property with twin nine-story office towers. Last week, local authorities approved rezoning with an amended master plan. Developer plans are to convert the north tower to 224 to 232 market-rate apartments above ground-floor commercial space. While the plan for the south tower is to stay as 660,000 square feet of office space plus parking, no interest has come from lessees. According to reports, Oracle’s purchase of Cerner and shutdown of many operations in the area dumped 4.1 million square feet of real estate in the area.  Fox4KC

VA renews Oracle Cerner EHR contract, but with multiple caveats, metrics, and annual renegotiations

VA finally gets tough with Oracle Cerner–when things are not peachy at the latter. The Oracle Cerner EHR contract with the Department of Veterans Affairs (VA) was renewed with 28 key performance metrics attached to monetary credits. Instead of another five-year term, there are five one-year terms that allow VA to revisit the contract annually. It was not a ringing vote of confidence in the relationship, with good reason, as the EHR implementation has ground embarrassingly to a halt over five years with only five deployments in VA medical centers, of 166 centers plus their medical clinics [TTA 26 Apr, 18 Mar].

The renegotiated contract holds Oracle accountable in four key areas, according to a VA update document obtained by Bloomberg Government:

  1. Reliability: Minimizing outages (time when the system crashes completely), incidents (time when one component of the system isn’t working), and interruptions (time when the system is operating slowly) of the system.
  2. Responsiveness: Quickly and reliably resolving help tickets and clinician requests.
  3. Interoperability with other health care systems: Ensuring that VA can quickly and reliably access patient health records from private sector hospitals when necessary, so we can provide informed, world-class care to those we serve.
  4. Interoperability with other applications: Ensuring that the EHR system interfaces with VA’s website, mobile app, and other critical applications, so Veterans have a seamless and integrated health care experience.

With 28 performance metrics that if not met will result in Oracle paying a monetary credit to the VA, there’s a big monetary incentive for Oracle. For instance, in the VA update document, they claim that Oracle would have paid approximately a 30-fold increase in credits for the system outages, which is only one of the metrics. “The amended contract lays the groundwork for VA and Oracle Cerner to resolve the EHR issues identified by the “assess and address period” and optimize EHR configuration for future sites.” Becker’s, Healthcare IT News

The contract negotiations were a hot button in recent weeks for both the House and Senate veterans’ committees, with multiple bills proposed and hearings. The 9 May hearing by the House Subcommittee on Technology Modernization Oversight (Committee on Veterans’ Affairs) was no love-fest, with chair Matt Rosendale (R-MT) once again concluding that the best thing for the VA would be, as he proposed in his bill H.R. 608, to cut Oracle loose and start over. VA obviously did not agree, being between a rock and a hard place, but this hearing put Oracle’s Mike Sicilia on the hot seat about the EHR’s pharmacy software to support the VA’s role as both prescriber and prescription filler–which he previously committed to having fixed by this past April. Carol Harris, Director, Information Technology and Cybersecurity, Government Accountability Office (GAO), responding to Rep. Rosendale’s questions, described a system that is not fully functioning and puts veterans at risk with failings by both Oracle and VA. In the current state, VA users are extremely dissatisfied. The present workarounds and ad hoc processes outside of the system are not sustainable and are set to fail. She also pointed out that VA needs to set goals for what constitutes user satisfaction with clear and objective measures before future deployments. VA must take a leadership role in change management beyond what Oracle does in the deployment. Hearing on YouTube (2.01:50) Witnesses and support documents

The added scrutiny comes at a bad time for Oracle Health with turmoil reportedly festering within the Cerner acquisition. Oracle has laid off 3,000 workers, pausing raises and promotions. Don Johnson, who once was a successor to CEO Larry Ellison, departed from leading Oracle Health and AI. Reportedly, Dr. David Feinberg who briefly headed Cerner prior to the sale, is now a ‘ceremonial’ chairman of Oracle Health. Cerner’s signature buildings in Kansas City are being sold and emptied. If Mr. Ellison wants to transform healthcare, he needs to start at home, rebuilding Cerner-Oracle Health rather than decimating it, and fixing VA as Job #1. Business Insider

Additional recent coverage: 28 April, 20 April, 19 April, 31 March

Mid-week roundup: DEA extends telehealth prescribing waiver to November; telehealth usage continues to erode; NextGen EHR hacked, 1M records breached

The answer: 11 November. The question: how long was the Drug Enforcement Administration (DEA) planning to extend their telehealth waiver of in-person prescribing requirements on Schedule II and higher controlled substances?  Both the DEA and the Substance Abuse and Mental Health Services Administration (SAMHSA) issued the “Temporary Extension of COVID-19 Telemedicine Flexibilities for Prescription of Controlled Medications”rule on 9 May before the Public Health Emergency (PHE) expired on 11 May. It’s a six-month reprieve for the beleaguered telemental health providers/prescribers and their patients–and sure to be hotly debated over the next few months as a final rule must replace the temporary extension rule and the Ryan-Haight Act isn’t going away. DEA release, TTA 4 May

FAIR Health’s tracking of telehealth medical claims has languished in the Fives–as in 5%–since last year. February is the latest month of tracking and it declined from 5.9% in January to 5.5% in February. Again, the vast majority of claims are for mental health codes (66.7%) far ahead of diagnosis #2, acute respiratory diseases and infections, where Covid-19 once resided. However, the latter accounted for 25.6% of asynchronous (store and forward) telehealth diagnoses. A new metric on the report is audio-only telehealth, which is only slightly more popular in rural versus urban areas. The greatest difference from the national norm is in the West, where February telehealth claims were 7.6%. Monthly national summary, FAIR Health main page for monthly and regional summaries.

NextGen’s EHR/practice management system hacked, 1.05 million patient records breached. Information stolen included patient name, dates of birth, addresses, and Social Security numbers. This was revealed in a filing with the Maine attorney general’s office since it included over 4,000 Maine residents. The hack of the NextGen Office system took place between 29 March and 14 April 2023. It’s been a bad year for NextGen’s IT and security teams, as it also experienced a short-term ransomware attack in January by AlphV/BlackCat. (The two couldn’t be related…could they?) No word yet on class action lawsuits or Federal penalties.  TechCrunch

VA EHR update: four deaths traced to Oracle Cerner EHR; four safety issues identified by VA EHRM Sprint Team

The Senate Veterans Affairs Committee is unhappy. Very unhappy. With good reason. The ongoing problems with the Department of Veterans Affairs (VA) rollout of the Oracle Cerner EHR multiply. There were six instances of ‘catastrophic harm’ attributed to a feature of the EHR modernization program since the rollout, four of which resulted in the death of a veteran patient. According to information given to the staff of Senator Richard Blumenthal (D-CT), one fatality was at Spokane’s Mann-Grandstaff VA Medical Center and the other three died as patients in the VA Central Ohio Healthcare System, launched in April 2022. The nonfatal cases happened to veteran patients in the Inland Northwest (also Spokane).

While Senator Patty Murray (D-WA), the chair of the powerful Appropriations Committee, threatened to withhold further funding for the EHR migration, Senator Jon Tester (D-MT) is not fed up enough to be in favor of terminating the contract, as the House Veterans Affairs technology subcommittee head, Rep. Matt Rosendale (R-also MT), proposed in January in H.R. 608, [TTA 1 Feb] now in the House Subcommittee on Oversight and Investigations. The VA has paid Oracle Cerner $4.4 billion on the contract so far, with a refund of $325,000 paid as compensation for ‘incomplete technology and poor training’. Obligations through the contract are at least $9.4 billion. It comes up for renegotiation on 17 May and VA’s contracting officer, Michael Parrish, has testified he will push for a more favorable contract

The Government Accountability Office is also unhappy. The GAO, which calculated the above obligations, told the committee that the EHR contract “as currently written, has not sufficiently motivated Oracle-Cerner to perform better,” and that the current terms of the contract are “not necessarily in the best favor of the government in this particular case.” The GAO surveyed VA users of the Oracle Cerner EHR and found that only 6% agreed the system enabled quality care. Some of this may be reluctance to change technologies after 40 years of VistA, as Senator Marsha Blackburn (R-TN) pointed out in what this Editor expects is a ‘devil’s advocate’ statement, but there is also a fatigue factor–it’s the fourth attempt at replacing VistA.  Federal News Network 16 March, Spokane Spokesman-Review, Becker’s HealthIT

The VA’s EHRM Sprint Team identified four main issues in the EHR Modernization Sprint Report (PDF) released on 10 March.

1) Unknown queue and related issues (including medications)
2) No show and cancelled appointment orders failed to route to scheduling queues
3) Add Referral button not creating visible external site referral for worklist action
4) Usability issues with the EHR application, allowing providers to order procedure charge codes for imaging without ordering the actual clinical imaging

There were 30 safety issues examined by the team (pages 6-7) of 450 submitted. The report also identified EHR workarounds for VA medical centers that conduct medical research, an issue that surfaced publicly with Ann Arbor Healthcare System in delaying their go-live until 2024 [TTA 1 Mar]. They also examined the Data Collection Workbooks (DCW) process to better ensure consistency with VA standards through moving to a standardized approach. The VA is developing an Enterprise Site Readiness Dashboard for determining if a site is ready to migrate their EHR. Federal News Network 13 March

Mid-week roundup: another hurdle for Oracle Cerner VA delay, Walmart builds out clinic infrastructure, Cerebral round 3 layoff of 15%, Evolent Health’s 9% layoff, Quil Health age-in-place tech shuts

Oracle Cerner EHR rollout faces yet another hurdle. The Department of  Veterans Affairs (VA) announced that the next go-live, Ann Arbor (Michigan) Healthcare System, originally scheduled for completion by July 2023, would be delayed until much later this year or even early 2024.  It turns out that a key reason for the delay is that Ann Arbor is a VA research center, and there are major concerns that the EHR changeover won’t blend well with their medical research. VA Under Secretary for Health Dr. Shereef Elnahal told FedScoop during a media roundtable that “…there are many VA medical centers that are heavy with clinical research because of their academic affiliations, and so those centers will need this research functionality. It’s not just an issue with the Ann Arbor Hospital.” In the article, Dr. Elnahal also lamented that the VA health system running on two separate EHRs, VistA and Oracle Cerner, presented additional risks to security. Also FedHealthIT   Hat tip to HISTalk 24 Feb

Walmart’s 32 clinics are building out their infrastructure. Working with their Epic EHR, all the clinics are now operating on the Horizon Cloud on Azure platform paired with VMware cloud infrastructure and digital workspace technology services. A blog published by VMware interviewing BreAnne Buehl, director of life sciences solutions for VMware, and David Rhew, MD, global chief medical officer at Microsoft, details the ambitions of Walmart to move beyond ‘minute clinic’ to broader primary care and chronic disease management, into proactive predictive analytics. Becker’s Hospital Review, VMWare

And on the less cheerful side:

  • Beleaguered telemental health/ADHD provider/prescriber Cerebral announced another 15% layoff, cutting 285 people. It is its third layoff in one year, following a 20% cut last October.  Cerebral is also closing its medication-assisted treatment (MAT) program for opioid use disorder (OUD). A Cerebral spokesperson said the decisions were made to reorganize the company to “refocus on the most important service offerings for our patients.” Another reason for the MAT program closing is the pending renewal of requiring in-person visits for certain mental health medications. For instance, the Drug Enforcement Agency (DEA) is proposing that buprenorphine can be prescribed via telehealth for treating OUD for 30 days but then an in-person exam would be required.  Last year, Cerebral faced still-unresolved DOJ and FTC actions on their telehealth prescribing of ADHD and other controlled Schedule 2 medications, from deceptive advertising (FTC) to overprescribing (DOJ) [TTA 18 Nov 22]. Topping this off are dueling lawsuits with former CEO Kyle Robertson [TTA 30 Nov 22]. Cerebral at the end of 2021 was valued at $4.8 billion by Softbank and other investors, but no one wants to talk about its worth today.  Reuters, Layoffs Tracker, Behavioral Health Business
  • Payer/provider management services organization Evolent Health quietly laid off 460 positions in its Chicago operations, about 9% of their 5,100 person staff, starting in December 2022 into last month.  Their Q4 net loss doubled to $11.25 million on $382 million in revenue, doubling 2021’s $5.65 million loss, though full year 2022 closed with a final loss of $19 million, about half of 2021. The company projects Q1 revenue of $420 million to $440 million, with 2023 revenue of $1.92 billion to $1.96 billion with a shift of emphasis to specialty care, bolstered by its closed acquisition in January of Magellan Specialty Health from Centene. Layoffs Tracker, Washington Business Journal
  • Quil Health shut down operations, with employees departing 10 February and executives 24 February. The Philadelphia-based Comcast-Independence Blue Cross joint venture was founded in 2018 to support older adults and caregivers in ‘aging-in-place’ alert and monitoring technology. The sole report in HISTalk states that the website is offline plus their CEO Carina Edwards updated her LinkedIn profile for Quil with a February 2023 end date and changed the company description to past tense, pushing up her board positions. Their Facebook page is still live but no posts after 16 January after announcing their joining the AARP AgeTechCollaborative. In 2019, this Editor wrote that they were developing pre- and post-care support through TV (!) with Comcast working on an ambient sensor-based device to monitor basic vital signs and fall detection, which launched in 2020 as Quil Assure. To this Editor, it sounded like a home version of QuietCare circa 2009 with multiple sensors and diagnostics. 

Healthcare cyberattack latest: NextGen EHR ransomwared by AlphV/BlackCat, back to normal – 93% of healthcare orgs had 1-5 ransomware incidents

Cyberattacks on healthcare continue their drip-drip-drip. The latest is on an EHR/practice management platform used by small to enterprise-sized specialty practices, NextGen Healthcare. The hacker group associated with the AlphV/BlackCat ransomware moved into the system on 17 January. For a short time, they reportedly exhibited NextGen information on their extortion site but later took it down. NextGen reported a short-term disruption to operations. A NextGen spokesperson stated that “We immediately contained the threat, secured our network, and have returned to normal operations,” the spokesperson said. “Our forensic review is ongoing and, to date, we have not uncovered any evidence of access to or exfiltration of client data. The privacy and security of our client information is of the utmost importance to us.”  NextGen has also stated to this Editor that no patient data was affected.

NextGen is used by about 2,500 practices in the US, UK, India, and Canada, including over 20 specialties.

The group behind AlphV/BlackCat ransomware has an infamous history. Reputedly, the gang has been kicking around since 2012 and was the same group of charmers that attacked the Colonial Pipeline in 2021, using the Darkside ransomware in May 2021 that dried out gas stations across the US East Coast. Their next ransomware edition, BlackMatter, targeted agriculture during fall 2021. Healthcare IT News, The Record/Recorded Future News

More severe attacks affecting 93% of healthcare organizations. While NextGen contained the attack quickly, both the Censinet/Ponemon Institute and Fortified Health Security’s 2023 Horizon Report tracked 2022 healthcare data breaches and concluded that while the number of incidents didn’t change much, their severity ramped up. More according to SC Media in these reports: 

  • Over a dozen of the biggest incidents in 2022 each impacted well over 1 million records
  • Nearly half of the respondents experienced a ransomware attack in the last two years
  • 93% faced between one to five ransomware-related incidents
  • Outages lasted upwards of 35 days

The common ground with NextGen is danger to patient safety, because electronic record damage can translate quickly into unavailable patient care.

Updated PharmaCare Services, a pharmacy management company based in Texas, is listed as a victim on BlackCat’s extortion site. They were exhibited with NextGen and remained when NextGen’s listing was challenged and then taken down. PharmaCare is staying mum on any ransomware disruptions, according to GovInfoSecurity.

One ray of hope is improved medical device security, included in the ‘omnibus’ budget package approved in late 2022. FDA will be required to enforce new standards for premarket device submissions. One is a software bill of materials, adequate evidence to demonstrate the product can be updated and patched, and a description of security testing and controls. This was before Congress in the Protecting and Transforming Cyber Health Care (PATCH) Act which didn’t go far, but elements of which found their way into the omnibus. A needed change for medical devices and long expected by manufacturers. SC Media

Oracle talks to banks to increase loans funding Cerner buy; VA delays Cerner deployments to June 2023

Oracle’s Cerner buy proving to be more expensive–and complicated–than expected. Oracle is reportedly going to its banks to increase their term loan against the Cerner purchase from the current $4.4 billion. The increase would refinance short-term debt and reduce refinancing of the existing bridge loan into longer-term bonds and loans. According to reports, the bridge loan, originally $15.7 billion of debt, was reduced to about $11 billion by the term loan. The bridge loan was originally used to finance the Cerner purchase.

Under the existing agreement, the term loan can be extended up to a maximum of $6 billion. This avoids the dicey situation the bond market is currently in with yields and access by companies.

According to Bloomberg Intelligence, Oracle’s over $90 billion in debt is one of the largest debt loads in tech. Oracle’s credit rating by S&P Global Ratings places it two steps above junk (Baa2/BBB/BBB+) but it may sidestep a downgrade by this action. Yahoo!Finance (Bloomberg), Becker’s 

Oracle announced last week modernizations to Cerner which would have greater interoperability and introduce more cloud-based features. This follows on Larry Ellison’s pronouncements during their September Q1 2023 earnings call. During the Oracle Cerner Health Conference last week, four were announced: Seamless Exchange (eliminating duplicate patient health information), Advance (dashboard), virtual models of care (virtual nurses capturing information), and RevElate (billing). Becker’s

Will the modernizations help Oracle’s VA migraine with the Cerner Oracle Millenium implementations? The prior week (13 Oct), the VA announced that deployments are being pushed from January to June 2023. The release cites the multiple problems with technical and system issues that were uncovered in August (outages), discussed extensively in Senate hearings in July, and the OIG report released in July on the ‘unknown queue’ and more.

Deputy Secretary of Veterans Affairs Donald Remy stated that “VA will continue to work closely with Oracle Cerner to resolve issues with the system’s performance, maximize usability for VA health care providers, and ensure our nation’s Veterans are served by an effective records system to support their healthcare. During this “assess & address” period, we will correct outstanding issues—especially those that may have patient safety implications—before restarting deployments at other VA medical centers.” VA will also concentrate on the existing five facilities already deployed on fixing the multiple issues they have. Veterans treated at these sites will receive letters asking them to call the VA if they experienced delays in prescription filling, appointments, referrals, or test results. One wonders if all the steps Oracle’s Mike Sicilia said Oracle is taking [TTA 28 July] to fix the performance, design, and functionality issues are achievable even in the longer time frame–and certainly in the five live systems.

Thursday’s short takes: Walmart’s delivery drones expand, AWS lands Geisinger for AI and cloud, UHG-Kaia Health partner for virtual MSK therapy

Look, up in the sky! If you live in Arizona, Arkansas, Florida, Texas, Utah, and Virginia, you might be seeing a Walmart delivery drone sooner than you think. By end of 2022, the DroneUp delivery service will be expanding to 34 sites in six states, including Orlando and Tampa, covering 4 million households. What stores in those states will fill these orders between 8am and 8pm haven’t been disclosed, but Walmart estimates that delivery may reach 1 million packages. They will be limited in weight to 10 lbs, promise a 30-minute turnaround, and the delivery fee will be a modest $3.99. “Certified pilots” will be flying these drones. A side business for DroneUp is aerial photography for city and state governments’ construction projects. Color this Editor skeptical, as she wonders how many packages will be dropped and drones shot at. Also, they need to stay clear of restricted airspace. Walmart release, Epoch Times, The Verge

Amazon Web Services (AWS) continues its foray into healthcare with a prime partnership with Geisinger Health, a regional (PA) integrated health system.  They will be transitioning to AWS as their strategic cloud tech provider including their EHR, over 400 applications, plus workflows, after a multi-year review. Geisinger has estimated that post-implementation, they will save several million dollars. Their EHR migration will be one of the largest AWS migrations to date. AWS for Health is rivaled by Microsoft with Teams, Azure IoT, and chatbots for clients such as Humana, plus Google’s partnerships with healthcare giants such as Mayo. FierceHealthcare, Geisinger release

UnitedHealthcare and Kaia Health are partnering for a musculoskeletal (MSK) virtual therapy program. United Healthcare members recovering from surgery or injury will be assessed and referred to the Kaia program when appropriate. These members will then be able to download the Kaia app for physical therapy, tailored to them via “artificial intelligence”. Progress is monitored by that person’s smartphone camera to record motion in real-time and offer suggestions via coaches either 1 to 1 or through the app’s chat feature. At this point, UHG will offer it only to their self-funded employer clients. FierceHealthcare

News, deals, rumors roundup: Cerner’s DOD and VA go-lives, Akili’s ADHD therapy SPACs, Talkiatry’s $37M raise, Alto sings a $200M supper–and the Cigna-Centene rumors don’t stop

While Cerner’s acquisition by Oracle is winding its way through regulatory approvals, their EHR implementations are moving forward through both the Military Health System (Department of Defense) and the Department of Veterans Affairs (VA).

  • Within the MHS, Brooke Army Medical Center and Wilford Hall Ambulatory Surgical Center, both in the San Antonio (Texas) Market, went live with MHS GENESIS on 22 January. The change most visible to patients is the transition from TRICARE Online to the MHS GENESIS Patient Portal which enables 24/7 access for visit notes, secure messaging, test results, appointment scheduling, and online prescription renewal. MHS covers military retirees, active military, and family beneficiaries. According to the MHS’s website, the goal this year is to get to halfway–to implement MHS GENESIS in more than half of all military hospitals and clinics. It’s been taking place since 2017 and, in true military fashion, it’s planned in waves. Coming up are Naval Medical Center Camp Lejeune in South Carolina on 19 March and William Beaumont Army Medical Center in El Paso in summer.
  • VA is moving far more slowly, just getting to its second hospital. The Columbus VA go-live has been pushed back from 5 March to 30 April, citing training slowdowns due to a spike in staff COVID cases. Walla Walla, Washington is set for after Columbus, but the date is to be confirmed. The first, failed implementation at Spokane’s Mann-Grandstaff VA Medical Center in late 2020 was the subject of Federal hearings and a complete redo in VA’s plans and procedures in cutting over from VistA to Cerner Millenium. TTA 28 July and previous. Federal News Network

Akili Interactive, which has developed tech-driven, game-based cognitive therapies for ADHD and other psychiatric and neurological conditions, has gone public through a SPAC via a merger with Social Capital Suvretta Holdings Corp. I, The transaction is expected to close in mid-2022. Akili will be listed on the Nasdaq stock market under the new ticker symbol AKLI.

The SPAC is expected to provide up to $412 million in gross cash proceeds and value the company at over $1 billion. Investors in the $162 million PIPE are Suvretta Capital Management’s Averill strategy, Apeiron Investment Group, Temasek, co-founder PureTech Health, Polaris Partners, Evidity Health Capital, JAZZ Venture Partners, and Omidyar Technology Ventures. The funds raised will support the commercial debut of EndeavorRx, a FDA-cleared and CE-marked prescription digital therapeutic for pediatric ADHD. The technology is termed the Selective Stimulus Management Engine (SSME) and will be rolled out for ADHD, ASD, MS, and MDD treatment.

TTA noted Akili last year in a trial of AKL-T01 at several hospitals for treatment of long-COVID-related cognition problems. Unfortunately, the writing in their SPAC release made this Editor feel like she needed a few treatments.

Mentalhealthtech (psychtech?) continues to attract funding. Psychiatric care startup Talkiatry topped off its July $20 million raise with an additional $17 million from Left Lane Capital for a $37 million Series A financing round. CityMD founder Dr. Richard Park, Sikwoo Capital Partners, and Relevance Ventures also participated. Talkiatry uses an online assessment for a preliminary diagnosis and then matches you with a participating psychiatrist.  It is in-network with payers such as Cigna, Aetna, UnitedHealthcare (Oxford Health Plan), Oscar, and Humana. Funding will be used to expand beyond NYC. Mobihealthnews

Digital pharmacy is also hot. Alto, which promises same-day filling and courier delivery, raised a $200 million Series E led by Softbank Vision Fund. Their total to date is over $550 million. Alto serves selected areas mainly in California, Nevada, Texas, and NYC (Manhattan, Queens, Brooklyn). Competitors Capsule had another raise of $300 million in April for a total of $570 million and Medly raised a $100 million Series B in 2020. Mobihealthnews

In the wake turbulence of Centene’s dramatic management shakeup last month [TTA 18 Dec], rumors continue to surface that insurer Cigna is interested in acquiring all, or possibly part, of Centene. Bloomberg News in publishing its article earlier this week cited ‘people familiar with the matter’ said that talks took place last year, but that they are not ongoing. Seeking Alpha picked this up, adding market activity boosting Centene. Perhaps the disclosure and the ‘denials’ align with what this Editor has heard–that it’s very much ongoing but under wraps.

A Centene buy makes sense, but only with Cigna. While Cigna is almost double the market value of Centene, it does not have the sprawling business model the latter has, nor do their businesses overlap much. However, some divestiture would be needed to do a deal, given the constrained regulatory environment in the US on the Federal and state levels. Any insurer merger is seen as anti-competitive, unless it is an acquisition of a smaller, struggling plan. 

It certainly would vault Cigna into the top rank of insurers with non-Centene branded exchange, Medicare Advantage and Medicaid plans, a provider network, an established MSO, and other lines of business including Magellan behavioral health management. Cigna might also value Centene’s international holdings, such as private hospitals Circle Health in the UK and Ribera in Spain. A sale would also create a quick and profitable ROI for Politan Capital Management, the activist investor company that initiated the retirement of 25 year CEO Michael Neidorff last month, rather than managing and reorganizing the sprawl of Centene’s businesses to make it more profitable.

Further insights on and thoughts about the Oracle acquisition of Cerner

HISTalk, with its focus on health IT and generally short mentions without opinion on the news, in today’s issue includes some thoughts on the Oracle-Cerner deal, including a rare “Announcements and Requests” inviting reader thoughts on the acquisition’s effect on several issues. Also rare: a lengthy anonymous comment from a healthcare CIO.

A few highlights–your Editor recommends you go to the article for more:

  • Oracle’s free cash is far less than the purchase price at $23 billion. They will need additional financing to complete the Cerner acquisition.
  • Announcements and Requests: will customers on the fence between Epic and Cerner run towards the less uncertain choice? Will the Cerner VA and DOD business be affected? How does this affect Cerner’s implementations of cloud services, currently AWS versus Oracle’s Gen2, as well as healthcare’s usage of  InterSystems Cache versus Oracle’s relational databases? And will Oracle’s Voice Digital Assistant as the user interface to Cerner Millenium really fly?
  • From Change of Control: How key to the deal was CEO David Feinberg MD, who only joined in October? No matter what, he’s now a very wealthy man.
  • From On-Demand: Oracle is buying its way into healthcare. Cerner lost a lot of ground in executive changes and a less than effective CEO. (Editor’s note: This dates back to 2017–the illness and untimely death of Neal Patterson, the co-founder and CEO, at age 67 and president Zane Burke’s departure the following year after 20 years for the CEO spot at Livongo, which undoubtedly made him a wealthy man!)
  • From Anonymous Health System CIO’s Initial Thoughts: Their biggest problems are 1) people and process.”Cerner has struggled to maintain competent staff that understand healthcare and individual customer workflows. Throughout our implementations, we had major challenges with project management, availability of experienced staff, and the ability to help us make informed decisions.”  2) “If Oracle is going to help reduce the cost of healthcare, they also need to help find savings for their customers.” 

All these should be of concern to Cerner as they–and their people–try to maintain momentum until the acquisition closes. Customer uncertainty, staff competence, and Oracle’s lack of background in how healthcare operates (including a history of pulling some ‘fast ones’ around cloud licensing, as well as understanding clinician preferences such as Dragon as a voice assistant) are undoubtedly giving some investors–and hospital systems–pause. Hat tip to HISTalk. Our earlier coverage here.

One final comment from Editor Donna: Never underestimate the power of a CEO’s ego–especially one who is routinely compared to God, at least in TechWorld–in wanting One Last Coup to burnish his escutcheon, before that Long Sail Into The Sunset on his yacht Musashi.

(Breaking) Sold! Cerner to Oracle for $28.3 billion. And is Epic next?

That bombshell came in fast! From the rumor mill to reality, from last Thursday to today (Monday), Oracle and Cerner announced their deal today at 9.37am ET. It is a bracing all-cash deal at $95/share plus debt assumption totaling $28.3 billion, expected to be immediately accretive to Oracle’s earnings. Closing is anticipated sometime in 2022. It is subject to considerable regulatory (SEC and likely DOJ) and shareholder approvals. It’s Oracle’s largest deal ever, but so far their share price is not appreciative of the big move.

According to the Oracle release, Cerner and its EHR plus related systems will be organized as a dedicated Industry Business Unit within Oracle. No transition information was included, although towards the end it’s stated that “Oracle intends to maintain and grow Cerner’s community presence, including in the Kansas City area, while utilizing Oracle’s global footprint to reach new geographies faster.”

Both the Oracle and Cerner releases (headlining their home page in gigantic type) are written totally from Oracle’s POV–no shilly-shallying about how Cerner will guide them into the healthcare arena or a meeting of like companies, et al. It’s all about how Oracle will transform healthcare.

Changes will be coming to Cerner. Between the lines, they are not painted in the best light. From the Mike Cecelia (EVP, Vertical Industries) quote, “Oracle’s Autonomous Database, low-code development tools, and Voice Digital Assistant user interface enables us to rapidly modernize Cerner’s systems and move them to our Gen2 Cloud. This can be done very quickly because Cerner’s largest business and most important clinical system already runs on the Oracle Database. No change required there. What will change is the user interface. (Ed. emphasis) We will make Cerner’s systems much easier to learn and use by making Oracle’s hands-free Voice Digital Assistant the primary interface to Cerner’s clinical systems. This will allow medical professionals to spend less time typing on computer keyboards and more time caring for patients.”

There is also no mention of Cerner’s challenges with the VA. What are the implications with the Cerner implementations there and with DOD?

Do anticipate much industry speculation on David Feinberg, MD, who only this fall joined Cerner as CEO, and his role in this. The most logical is that he’ll shepherd the sale till the close and exit stage left, well-rewarded, with his future (only 59) still ahead, unless Oracle sees a role for him. In its way, it broke Cerner out of a corner that they were painted into with EHRs. At the end of the day, will there be a Cerner?

And what about Epic? A more complex picture, as Epic Systems is wholly private, on a roll, and dominated by Judy Feinberg, the founder and CEO. However, she is 78, and both personal and corporate considerations on future planning must loom large. What would Epic be worth to an acquirer? And who would it be? Amazon? IBM? (a terrible fit after the Watson Health debacle), Salesforce? Microsoft? Hmmmmm…. CNBCTechCrunch, HealthcareITNews   Our earlier coverage here.

Oracle in negotiations to buy Cerner for $30B (sold!)

2021 may go out with a bang! The Wall Street Journal (paywalled) reported late Thursday that software colossus Oracle was in discussions with EHR giant Cerner to buy it, lock stock dropdown menus and workflows. And soon, according to the WSJ‘s sources. The reported amount is $30 billion.

It would be Oracle’s most expensive purchase ever, much more than PeopleSoft (HR) in 2005 and NetSuite in 2016. Given their valuations, Cerner is a snack at $23 billion for Oracle at $280 billion. But Cerner gives Oracle four-star entree to healthcare and practice systems. Oracle has long seen healthcare as a growth area for cloud computing services targeted to payers, hospitals, and health systems, and has clients like Cleveland Clinic and Kaiser. Back in June 2020, they launched a cloud service collecting clinical data from sensors, patient apps, EHRs, and labs supporting therapy development. 

As our Readers know, David Feinberg, MD left Google Health to join Cerner as president and CEO on 1 October [TTA 21 August] in a $34.5 million compensation package [TTA 24 August]. An acquisition by Oracle, in such a short time, can be interpreted as either a coup he engineered for the shareholders (and for his benefit, as change of control usually vests the package!), or he can be viewed as a placeholder for the top spot on a previously moving deal. Both are mature companies. While Cerner has been losing market share to Epic and has had many woes with its $18 billion VA Cerner Millenium implementation [TTA 3 Dec, 28 July], it also generates $1 billion per year in free cash flow and Oracle can institute operational efficiencies to increase profit margins. In the view of some, Oracle is returning to an aggressive market strategy that most felt it left behind.

Oracle shareholders didn’t like it much today, with shares declining over 6% on Friday to $96.67. But Cerner’s liked it a lot, increasing price nearly 13% to $89.77. Kansas City-based Cerner also had 150 layoffs in November in its 28,000 employee staff. Oracle recently relocated from California to Austin, Texas, shrinking its office footprint. Seeking Alpha 17 Dec, 17 Dec AM; Kansas City Star, Becker’s HealthIT

Updated–see our short article on the sale for $28.3 billion here.

Breaking: Google Health shutting down, most employees scattered to other divisions (updated)

Breaking  Google Health is disbanding, according to an ‘insider’ report in the (paywalled) Business Insider, reported secondarily in Becker’s Health IT and in specialized websites such as Apple Insider. This comes on the heels of the departure of Google Health head and Google VP David Feinberg MD after two years on 1 Sept. He will become CEO and president of Cerner starting 1 October. Healthcare IT News, Healthcare Dive

Reports about the internal memo sent to Google employees from what Apple Insider calls “Google research whiff” (?) Jeff Dean indicates that the teams working on various health projects will be split up to other areas. For instance, Google Health’s clinical group including the EHR tool team will now report to Dean. Based on 2020 numbers, 500 employees will be affected. 

Google Health’s track record since its founding in 2018 hasn’t been superlative, despite the prestigious name and bankroll. They bought a failing Fitbit for $2.1 billion closing only in January, after a bouncy romance starting in 2019  with more than the usual share of controversy, with scrutiny from DOJ to EU regulators. Becker’s reports that Google’s CMO, Karen DeSalvo, MD, leader of clinical initiatives, will now report to the chief legal officer. The AI team on medical imaging will report to Google’s search and AI team. The memo also noted relocation of staff to Search, Maps, and YouTube. 

(updated) In June, Google Health reorganized to shed its consumer focus and focus more on clinical applications such as its controversial Care Studio and health AI, including projects moved from sister company Verily. Even losing 130 or so employees to other areas of the company from a unit high of 700, this apparently was not enough to justify its separate existence. TTA 18 June, FierceHealthcare 

Healthcare ain’t beanbag, as they say in New York, and even Apple with its Watch and innumerable apps has found it rough going. Reports this week stated that Apple is scaling back a specific health team that was focused on an internal health app.

For Dr. Feinberg, former CEO of integrated health regional Geisinger and CEO at UCLA Health, the Cerner position is ‘top of the world’. He is being hired as Cerner’s third CEO in 42 years and will be combining both the CEO and president positions which previously were separately held. He reportedly has been hired to be a strategic CEO, which is a change for the company reflecting its directional change to be a software-as-a-service (SaaS) business rivaling Amazon Web Services, marking a transition away from legacy EHRs. Cerner has had some significant challenges, with the VA implementation sidelined until sometime in 2022, and quite a few executive changes, with the current CEO and chairman departing immediately after three years without an expected transitional period, and a new chairman coming from the board of directors.

As for Google, Dr. Feinberg might agree with “amar99”, one of the commenters on Apple Insider, who said in part: “Great, now can Google please leave Google?”