Short takes: Legrand acquires Enovation, FDA nixes Cue Health’s Covid tests, Ascension confirms ransomware attack–who did it? (updated), beware of ‘vishing’ courtesy of ChatGPT

Legrand Care acquires Enovation. Enovation is a Netherlands-based digital health company with a connected care platform for care monitoring across prevention, early detection, medication checks, and remote healthcare. Its customer base includes ambulances, pharmacies, clinics, hospitals, and home care. With distribution in healthcare organizations across 18 countries, including Scottish Digital Telecare [TTA 11 Aug 2021], it will join the equally international Legrand’s Assisted Living and Healthcare (AL&HC) business unit with Intervox, Neat, Tynetec, Jontek, and Aid Call. Acquisition cost was not disclosed. Release   Legrand and Tynetec are long-time supporters of TTA.

The hammer drops on embattled Cue Health. The US Food and Drug Administration (FDA) has invalidated Cue Health’s Covid-19 Tests for Home and OTC Use and for the authorized lab test version. Home users were advised to discard unused kits in household trash. Both consumers and providers were advised to retest if symptoms persisted after a negative test result. This followed an FDA inspection of their operations that determined that unauthorized changes to the test kit design were made along with failures in performance testing. A Warning Letter was issued to Cue on 9 May. The company has not yet responded. FDA Safety Communication

Cue was one of many biotech manufacturers that marketed Covid-19 point of care/lab, and home testing kits after obtaining Emergency Use Authorizations (EUA) in 2020 and 2021. It exploded in size and went public in September 2021 at $200 million and $16/share with a valuation of $3 billion. Today HLTH shares trade on NasdaqCM at a little bit over $0.13. Their headquarters facilities in San Diego that once had 1,500 employees must be a lonely place, as the company reported another layoff of 230 employees, about half of remaining staff, after earlier layoff rounds of 245 in February and 880 in 2023. Their remaining test is one for Mpox on a EUA. Two other tests developed for flu and RSV are still under FDA review.  Cue Health’s financial reports for 2023 were dismal with revenue down to $71 million, an 85% reduction versus 2022, and a net loss of $373.5 million. Recent reports indicate that the company will refocus on marketing its Cue Health Monitoring System. Management and board changes have also been drastic, with a CEO change in March (Yahoo Finance) and the CFO departing this past Monday. MedTech Dive

Ascension Health finally acknowledged that its cyberattack was ransomware-based. On Saturday 11 May, their website event update confirmed that the cyberattack was ransomware. The Saturday and Monday 13 May updates also confirm that system operations will continue to be disrupted with no timetable set for restoration to normal status. Impacted systems include their EHR, MyChart, and some hospitals are diverting emergency care. The update page now has 12 regional updates and a general + patient FAQ. Update: in these states, Ascension’s retail pharmacies cannot fill prescriptions: Florida, Wisconsin and the District of Columbia. Their website recommends that patients bring paperwork and prescription containers. Lab and imaging results are delayed. Since the hospitals are on manual systems, overall there are delays in admissions–bring documentation. And the class-action suits have started, with reports that three have been filed already. Healthcare IT News

Who dunnit? DataBreaches.net reported over the weekend that Ascension’s hack has been attributed to interestingly named ransomwareistes Black Basta. Late last week, the US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Black Basta. It’s another charming ransomware-as-a-service (RaaS) with bad news affiliates like BlackCat/ALPHV wreaking havoc on over 500 organizations globally. No word on whether Ascension has paid ransom. 

Speaking of cybersecurity, now something else to worry about–‘vishing’. This is ‘voice phishing’, another generative AI-facilitated hack that uses snippets of a human voice to pose as people or representing organizations via phone call or voicemail. Not enough? There’s ‘smishing’–SMS or text phishing which can invade your phone with all sorts of nasty messages. These attacks, according to cybersec firm Enea, are up twelve-fold since the launch of ChatGPT. Vishing, smishing, and phishing (email) attacks have increased by a staggering 1,265%. 76% of enterprises lack sufficient voice and messaging fraud protection. Can we go back to the 1990s? 2000s? When we worried about “Nigerian princes” email scams? Becker’s, Enea survey report

News and funding roundup: BioIntelliSense ‘stickers’ $45M, Exo ultrasound scans $220M, Enovation gets Scotland OK, WellSky snaps up Healthify, Cerner’s good quarter despite VA

Sticker shock? BioIntelliSense, which has been flying under the radar for over a year [TTA 17 July 2020] since inking a deal with Philips to integrate their BioSticker sensors into their post-acute remote patient monitoring (RPM) systems, scored a $45 million Series B funding for a total of $82 million since 2018. Lead investor is Chimera (UAE) with participation from 7wire Technology Partners, Mary Tolan of Chicago Pacific Founders, James Murren, formerly of MGM Resorts International, as well as Pendrell Corporation, Royal Philips, and Fresenius Medical Care North America.

BioIntelliSense has two wearables: the BioSense on-body sensor for 30 days of continuous vital sign monitoring, and the new BioButton for up to 60 days of RPM. The BioButton is touted for Covid-19 monitoring. “Temperature checks have proven to be unreliable and even amplified testing (PCR) has proven to be ineffective in identifying the virus in the early days of infection.” The button will be connected to the BioMobile screening survey app which will feed the user the latest CDC health screener and then scan for ‘subtle physiological changes’ in temperature, respiratory rate and heart rate at rest. The app generates a non-PHI report indicating ‘cleared’ or ‘not-cleared’. The BioSticker is 510(k) FDA-cleared; the BioButton is not, but is being marketed as an enterprise solution for employee health clearance. Mobihealthnews

Hand-held ultrasound gets ultra-funding. The Exo hand-held ultrasound snagged a hefty $220 million in Series C funding for a total of over $320 million since last year. Their point-of-care tool includes nano-materials, sensor technology, and advanced signal processing and computation in a platform called Exo Works. Exo is in a crowded field pioneered by GE Healthcare’s Vscan [TTA 27 March] back in 2010, but including Butterfly IQ, Mobisante, and Philips LumifyMobihealthnews

Enovation also approved by Scotland. With our news from Alcuris last week that they were selected by Scottish Digital Telecare as a security-assessed supplier, Enovation (formerly Verklizan), notified your Editors that they also were selected. Our quote from their management is from Andy Grayland, Chief Information Security Officer, Digital Office for Scottish Local Authorities. “The Scottish digital telecare security-assessed suppliers scheme reviewed a submission from Enovation for an Alarm Receiving Centre application. The assessment panel was very impressed with pre-existing security security culture and standards within Enovation. Both this assessment scheme, and Enovation’s positive response to it, will help ensure that vulnerable telecare users across Scotland are protected against the threat posed by cyber criminals when using these services.” 

WellSky to acquire SDOH provider Healthify. WellSky is a provider of software, analytics, and services for community care. Healthify builds and manages accountable networks for SDOH services, working with health plans, providers, and community partners in all fifty states. Previously, Healthify had raised $25.5 million in five rounds from 2013 (Crunchbase). Healthify is the fifth company WellSky has acquired since 2018, the last CarePort Health for $1.4 billion in 2020 (Crunchbase). Terms were not disclosed. Closing anticipated in Q3. The release does not indicate management transitions or HQ location.  

Despite their VA troubles and layoffs, Cerner had a very good quarter indeed: revenue up 10%, adjusted EPS $0.80 versus $0.63, exceeding analyst expectations for both. They laid off 500 employees in the quarter and eliminated 300 open positions, which will deliver $70 million in annualized savings. plus half their owned space is now unneeded so up for sale. Their Department of Defense EHR rollout is going well with 42 commands and 663 locations with 41,000 activated users. The Coast Guard’s deployment will be completed this year. As to VA, “results of the VA’s strategic review focused on governance, training, and readiness rather than Cerner-caused problems.” More in the lead article in HISTalk 8/2/21. Cerner’s announcement, transcript of earnings call on Seeking Alpha