Week-end news roundup: Fold Health launches OS ‘stack’; admin task automator Olive cuts 450 workers; 38% of UK data breaches from cyber, internal attacks; hacking 80% of US healthcare breaches; does AI threaten cybersecurity?

Startup Fold Health launched this week. It’s developed a suite of modular tools that are interoperable with existing EHRs or platforms to enable them to work better, together. Fold’s main claim is to “move primary care beyond the constraints of a 15-minute visit and provide a revolutionary consumer first experience through micro, automated workflows and campaigns of care.” There is an athenahealth connection, in that the founders were from Praxify, a virtual assistant/patient engagement app bought by athenahealth for $65 million in 2017. It has a $6 million seed investment from athenahealth. FierceHealthcare

On the other side of the funding mountain,  Olive, an AI-enabled data cruncher that automates routine administrative healthcare processes such as revenue cycle management, has pink-slipped 450 employees, about one-third of its staff. In a letter to employees excerpted in Axios, Olive cites ‘missteps’ and ‘lack of focus’. It follows hiring freezes, major staff departures, and overpromising/underdelivering, including not using AI or machine learning for automating tasks, featured in an April Axios investigation. Olive has gone through over $850 million in nine rounds of funding (the last July 2021, Series H–Crunchbase). FierceHealthcare

Cyber attacks with internal breaches account for 38% of UK organizations’ (of all types) data losses in 2022. This is based on the Data Health Check survey of 400 IT decision makers compiled by Data Barracks, a cloud-based business continuity organization. The second and third reasons for data loss are human error and hardware failure. Of those surveyed, over half have experienced a cyber attack, most commonly caused by ransomware. 44% paid the ransom, 34% didn’t and used backups. Their recommendations include frequent backups and keeping track of how many data versions–both will minimize downtime and data loss. Release, full report

By contrast, returning to the US and healthcare, malicious hacking activity accounts for nearly 80% of all breaches. Fortified Health Security’s mid-year report on the state of healthcare cybersecurity, reviewing HHS Office for Civil Rights (OCR) data,  noted that in first half 2022:

  • Healthcare data breaches primarily originated at providers– 72%. The remainder were at business associates at 16% and health plans at 12%.
  • The number of records affected was 138% higher than the first half of 2020 at over 19 million records
  • Breaches were concentrated in relatively few organizations: Seven entities experienced breaches of more than 490,000 records each, in total 6.2 million records or 31% to date.  
  • OCR’s data breach portal recorded 337 healthcare data breaches that each impacted more than 500 individuals, a small decline from 2021’s 368
  • Hacking incidents rose to 80% from 72% in 2021. Unauthorized access/disclosure incidents totaled 15%; loss, theft, or improper disposal accounted for only 5 percent of breaches.
  • AI and ML-enabled security offerings can bolster cyber infrastructure. Organizations should also look at how IT staff shortages impact their planning and security.    HealthITSecurity

Can AI (and machine learning-ML) lessen breaches–or open the door to worse problems, such as algorithmic bias, plus data privacy and security concerns? Vast quantities of data pumped through AI or ML algorithms are harder to secure. If the algorithms are built incorrectly–such as eliminating or underrepresenting certain populations–what comes out will be skewed and possibly misleading. In the Healthcare Strategies podcast, Linda Malek of healthcare law firm Moses & Singer, who chairs their healthcare, privacy, and cybersecurity practice group, discusses the problems. She suggests some best practices around transparency, security, privacy, and accuracy when developing an AI algorithm, including collecting as much data as possible, and as diverse as possible, for accuracy. Additionally, the design should incorporate privacy and security from the start. HealthcareExecIntelligence

Lightning news roundup: AI for health systems Olive scores $400M, VA’s sticking with Cerner EHR, Black+Decker gets into the PERS game

As here in the US we are winding up for our Independence Day holiday (apologies to King George III)….

Olive, a healthcare automation company for healthcare organizations, scored a venture round of $400 million from Vista Equity Partners. To date, it’s raised $856 million through a Series G plus this round and is now valued at $4 billion according to the company release. Olive’s value proposition is automating via AI routine processes and workflows, such as benefit verification discovery, prior authorizations, and billing/payments for health systems. About 900 US hospitals have adopted Olive’s systems. Mobihealthnews.

Breaking: The US Department of Veterans Affairs will be staying with Cerner Millenium for their EHR modernization from VistA. This follows a 12-week review of the implementation following failures within the $16 billion program itemized by the Government Accountability Office (GAO) in February [TTA 19 Feb]. Secretary Denis McDonough is scheduling two further review weeks to determine additional changes to the program. The intent is to build a cloud-based system fully interoperable with the Department of Defense’s Military Health System (MHS) also built with Cerner. FedScoop, Healthcare IT News

And in the What Are They Drinking in Marketing? I want some of that, stat! department…

Black + Decker is now becoming a PERS provider with the introduction of Black+Decker Health and the goVia line of mobile and home-based PERS with optional fall extension and call center monitoring through Medical Guardian . The devices are a fairly predictable line of cellular-connected (Verizon, AT+T) with a ‘classic’ home landline unit. The units are being sold through Amazon. B+D release

From a marketing perspective, the Black+Decker name, identified for decades with home and power tools, on a PERS line is also a classic–a classic mistaken line extension like Cadbury mashed potatoes or Colgate frozen entrees. Buy a PERS, get a drill? Relevance and fit to a older, female-skewing group?  It surely looks like their parent Stanley, which is a leading company in institutional alarm and location services. offloaded this legacy business to them. (Judging from the website, someone’s in a rush as some pages still have ‘greek’ copy under headings.) Hat tip to a Reader who wishes to remain anonymous.