TTA’s Royal Visit Week: OpenEvidence goes dark in UK & EU, UK Biobank and Medtronic hacked, RapidSOS’s well-done docu-video, ‘fetching’ fundings, more!

May 1, 2026 | by | No Comments

 

Friday, 1 May 2026

This week saw King Charles III and Queen Camilla on our shores, from Washington to NYC to Virginia, before flying off to (hopefully) warmer Bermuda. Perhaps the pomp made for a quieter healthcare week. Perhaps the three most important stories were almost lost in the circumstance. “IT” clinical info app OpenEvidence stumbled over compliance with the EU AI Act–and chose to go dark in UK and EU. 500K UK Biobank records were hacked–by trusted Chinese researchers. Medtronic had what they depicted as a not-terribly-consequential breach of their corporate IT systems–we’ll see. A well-done docu-video on what happens when you call 911–and emergency services. Some fundings that ‘fetch’. And more!

Please feel free to comment on the articles and pass along this Alert. Let me know if this is worth it to you!

A quickie news roundup: ChatGPT for Clinicians unveiled, UHG to invest $1.5B in AI, Aidoc raises $150M, TriFetch raises $1.9M pre-seed, Boehringer Ingelheim & Eko Health partner on canine heart murmur detection

Breaking: OpenEvidence app access terminated in the UK and EU

(Updated) Medtronic reports corporate IT systems cyberattacked. 500K UK Biobank records breached in inside job. Are med device and research organizations the new hacker happy hunting ground?

‘Behind the Emergency’–a well-done presentation about and approach to a specialized healthcare market

Last Week

Weekend Must Read: The 10 point pattern of failure of healthcare tech companies

News roundup: (breaking) IKS Health finalizes TruBridge buy, Hims shares rise on independent Rx fills, Cala Health scores $50M, Joyful Health $22M, Tava Health $40M, actor Jeremy Renner partners with RapidSOS

Even famous doctors have their identity stolen: Dr. Eric Topol “authors” an apparently fake, AI-generated paper (This Editor’s investigation)

Teleprescriber Zealthy–and CEO Kyle Robertson–accused of asset fraud; DOJ moves to freeze assets and put company in receivership

Chutes & Ladders: Vendor protest filed against VA-OIT, Teladoc stock touted as ‘best buy’, Treehub ‘founder residency’ launches, AcuityMD raises $80M to near-$1B valuation

29th ISfTeH International Conference announced for 11-13 November in Germany–submit your proposal now!

Perspectives: What Healthcare Can Learn from Formula One About AI

 * * *
Advertise on Telehealth and Telecare Aware
Support not only a publication but also a well-informed international community.

Contact Editor Donna for more information.

Help Spread the News

Please tell your colleagues about this free news service and, if you have relevant information to share with the rest of the world, please let me know!

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

Telehealth & Telecare Aware – covering news on latest developments in telecare, telehealth and eHealth, worldwide.

(Updated) Medtronic reports corporate IT systems cyberattacked. 500K UK Biobank records breached in inside job. Are med device and research organizations the new hacker happy hunting ground?

April 30, 2026 | by | No Comments

Medtronic’s cyberattack apparently contained. The company reported in a corporate statement on 24 April that an unauthorized party accessed data in certain Medtronic corporate IT systems. Medtronic has not identified, to date, any effects on, as specified: products, patient safety, patient needs, connections to customers, manufacturing and distribution operations, or financial reporting systems. They are determining any intrusion into patient information. According to their most recent SEC filings, Medtronic does not anticipate any effect on its business or financial needs.

The criminal hacker organization taking credit for it is the interestingly named ShinyHunters (what, not Shiny Stockings?) which claims it exfiltrated 9 million patient records with personally identifiable information (PII), 38 million records in total, as well as “terabytes” of internal corporate data. This immediately contradicts Medtronic’s anodyne corporate statement. However, the leak is no longer published on their dedicated leak website, according to Cybernews reported in TechRadar, which may indicate that some negotiations are going on. We’ll see if Medtronic will be changing their statement.

ShinyHunters is indulging in some chest beating, bragging on its leak website that they’ve stolen data from primarily consumer companies such as Zara, Carnival, 7-Eleven, Pitney Bowes, The Canada Life Assurance Company, and Hallmark. 

This fits a pattern of major healthcare hacking. Orthopedic medical device and robotics company Stryker was caught in a massive breach, wiping tens of thousands of systems and servers across the company’s network including applications such as Intune Company Portal, Teams, and VPN clients often used on personal devices. The perpetrator, Handala, is “linked to Iran’s Ministry of Intelligence and Security (MOIS) that targets Israeli organizations with destructive malware designed to wipe Windows and Linux devices.” This makes it political as a primary reason, economic secondary. [TTA 20 Mar]

Corporate IT is more vulnerable than production or patient-facing systems, according to Ensar Seker, chief information security officer at threat intelligence platform SOCRadar, quoted in MedCityNews. Corporate systems have high-value data but are less rigorously segmented and protected. MedTechDive

Another breach with international repercussions is that of UK Biobank. UK Biobank is a non-profit research database with information on 500,000 British citizens who volunteered their history and data. That data was found for sale on three separate listings on the Chinese e-commerce website Alibaba. Apparently no entity purchased the data. Unusually, the Chinese government assisted in the listings’ removal. (See below for the embarrassing reason why.)

Last Thursday (23 April), science minister Ian Murray told the House of Commons that the charity had informed the government about the data breach last Monday and thanked the Chinese government for assisting with the removal from Alibaba. Biobank has referred itself to the Information Commissioner’s Office. The hacker is not identified.

Dame Chi Onwurah, the Labor chair of the science, innovation and technology committee, scored her own Government, saying that it was “another blow to public confidence”, adding that it showed “little progress had been made” in protecting public data. Mr. Murray had assured her back in February that standards of public sector information security and data hygiene would improve.

The subjects joined the study over four years, 2006-2010, and at that time were between 40 and 69 years old. The information could include gender, age, month and year of birth, socioeconomic status, lifestyle habits, and measures from biological samples. The deidentified  information did not include names, addresses or contact details but what was included–genome sequences, hospital diagnoses, and biological measures–could be cross referenced and re-identified in experts’ view.

According to the Independent (via Yahoo UK), UK Biobank is the world’s most comprehensive dataset of biological, health and lifestyle information. It is used internationally and has been used to achieve improvements in the detection and treatment of dementia, cancers and Parkinson’s. DataBreaches.net

Update: the breach was apparently an Inside Job. The data was leaked dozens of times via GitHub. Three Chinese research institutions with legitimate access violated their data-sharing agreements. FTA: “It was not a hack. It was a contract violation by trusted researchers, and that distinction makes it worse, not better, because it exposes a vulnerability that no firewall can fix: the entire model of open research data sharing assumes that everyone who receives the data will follow the rules.” TheNextWeb

News roundup: Microsoft debuts a rebooted Copilot Health, Stryker whacked by Iranian cyberattack, Amazon buys Rivr robotics for delivery, Turquoise Health’s $40M raise, Verily raises $300M to shake off Alphabet control

March 20, 2026 | by

Microsoft joins the AI health chatbot club with a rebooted Copilot Health. Copilot Health will be much like its competitors:  OpenAI/ChatGPT for Health and Anthropic’s Claude for Healthcare [TTA 28 Jan]. It allows consumers to upload their medical records, health histories, and data from wearables and connected devices, then draw on that information to organize, analyze, and provide guidance to individuals. It’s a reboot because, as Sergei Polevikov of AI Health Uncut revealed, Microsoft debuted Copilot for Health last October. The earlier iteration lacked access to EHRs and medical records other than personally held. Copilot Health now uses HealthEx to connect to EHRs, hospitals, and patient portals, and pull that information after consent–same as Claude for Healthcare. (ChatGPT uses b.well) Mr. Polevikov makes the logical argument that the HealthEx API (and b.well’s) already have the full framework standards and compatibility to be marketed DTC, for the consumer to do as he or she pleases. Unlike ChatGPT and Claude, there is no provider version. (ChatGPT’s consumer version is still in slow rollout.) Healthcare Dive, AI Health Uncut (subscription required)

Orthopedics device and robotics giant Stryker cyberattacked, recovering, Iranian hacktivists identified. Last Wednesday (11 March), Stryker revealed that a severe, global cyberattack disrupted its customer support, ordering, manufacturing, and shipping operations, wiping information from . It affected operations within the Microsoft environment. It has not affected products including connected products.  As of Tuesday, Stryker reported that it had been “contained” on the damage they are aware of and that systems are starting to be restored, though the full scope of the disruption is not yet known. Other reports indicate disruption and wiping on multiple systems. 

According to DataBreaches.net and Bleeping Computer, the Iranian-linked Handala hacker group claimed that they had stolen 50 TB of data, then wiped tens of thousands of systems and servers across the company’s network including applications such as Intune Company Portal, Teams, and VPN clients often used on personal devices. Handala is “linked to Iran’s Ministry of Intelligence and Security (MOIS) that targets Israeli organizations with destructive malware designed to wipe Windows and Linux devices.” Their message on Bleeping Computer positions the hack as retaliation against Israeli attacks on Iran and calls Stryker a “Zionist-rooted corporation”, which is rather ‘rich’ for a company founded and HQ’d in Kalamazoo, Michigan. Healthcare Dive 13 Mar, 17 Mar

Amazon buys Rivr to test robot delivery. The Swiss startup has limited information on its website (but plenty of video). It has developed 4 wheeled “General Physical AI” robots with legs that can negotiate steps and drop off packages. Amazon intends to test the Rivr robot for doorstep delivery to assist its third-party delivery contractors who perform the arduous and highly pressured ‘last mile’ delivery from Amazon warehouses to customer doors. Amazon has been investing in robotics since 2012 for warehouse operations. It previously invested in Rivr’s $22 million seed round last March through its Industrial Innovation Fund and Bezos Expeditions, Jeff Bezos’ VC firm, for a valuation of $100 million. Rivr tested the delivery robots last year in Austin with Veho, a package delivery service, though the final outcome (scaling to 100 robots) is not confirmed.  CNBC, TechCrunch

Turquoise Health scored a $40 million Series C funding. Turquoise is a pricing and payment platform that connects data, contract intelligence, and revenue cycle workflows for clear pricing transparency and to reduce the cost of errors in administration, claims, and reimbursement. The round was led by Oak HC/FT, with participation from existing investors including Andreessen Horowitz, Adams Street Partners, and Yosemite, for a total raise of $100 million. Release, MedCityNews 

And winding up the week, Verily raises $300 million–and independence from Alphabet. Now rebranded as Verily Health Inc., it is now a precision health solutions company. It has pivoted since at least 2016 from various iterations as originally the Google X life sciences ‘skunkworks’–devices, bioelectronics, smart contact lenses, smartwatches, smart diapers…  The funding was led by Series X Capital, with participation from Alphabet, UCHealth, the University of Colorado Anschutz and other investors. Alphabet remains a significant minority investor in Verily, while no longer having a controlling stake.  Release 

Masimo names new CEO, new board chair and vice chair. And confirms a fresh direction.

January 22, 2025 | by

After a dramatic 2024, Masimo settles in a new CEO and board. Joining from BD (Becton Dickinson) is Catherine (Katie) Szyman for the top spot and a board seat. With new board positions are interim CEO (since October and the resignation/ousting of Joe Kiani) and independent director Michelle Brennan as chairman of Masimo’s board and as vice chairman, lead independent director from Politan Capital Management, Quentin Koffey. The changes are effective on 12 February.

Ms. Szyman’s background in medical device and related is impressive, especially in joining a $1.5 billion company from a $6 billion one. She was briefly worldwide president of Advanced Patient Monitoring at BD after nine years at Edwards Lifesciences where she was corporate vice president and general manager, Critical Care, their unit for device and predictive analytics software. She is credited with Edwards obtaining the first AI clearance from the FDA for patient monitoring.  Edwards was acquired by BD last September. Prior to Edwards, she was at Medtronic for 24 years, rising from finance to president of their diabetes care unit. She has also held and still is on multiple board positions and is a Harvard MBA. According to the release and Ms. Brennan’s statement, Ms. Szyman will be “prioritizing our pipeline to focus on large opportunities, while developing a clear strategy for bringing our next generation patient monitoring platform to market”, which promises more professional monitoring products.

The double-down on the professional health side is backed by the makeup of the now nine-person board. Ms. Brennan is retired from a global leadership position at J&J. Tim Scannell and Bill Jellison both retired from Stryker as president and CFO respectively. Wendy Lane has extensive financial and investment background. Darlene Solomon was a chief technology officer and VP of Agilent Technologies in life science and chemical research. Strata-gee 21 October 2024. Holdovers from the Kiani era are former Disney CEO Bob Chapek and Craig Reynolds, a former COO of Philips Respironics.

With Ms. Szyman at the helm, one can easily predict that Masimo’s professional vital signs monitoring medical devices won’t stay concentrated in pulse oximetry and more on ‘large opportunities’, perhaps incorporating predictive analytics and AI. More will be changing at Masimo. Under the vague language of ‘alternatives’ and ‘strategic review’, Sound United will be sold, sooner rather than later as it will not be reported in their 2025 financials [TTA 17 Jan]. The release also confirms that the consumer healthcare business that encompasses smartwatches, fingertip pulse oximeter, a wearable thermometer, baby and infant monitors, and ‘hearables’ (the latter two with no product on the website), is on the block. Unless the consumer side can be developed, it’s too competitive. Politan is signaling wants to grow this investment big time.  A hat tip and bow to Ted of Strata-gee today for breaking this.

Short takes: Stryker to buy Care.ai, Masimo W1 medical watch clears FDA for oxygen, heart monitoring, Create Health Ventures forms $21M fund

August 16, 2024 | by

Medical/surgical device giant Stryker snapping up Care.ai. Price and financing are not disclosed. Orlando-based Care.ai specializes in sensor-based smart room technologies for hospitals and post-acute care facilities along with virtual care data analysis and workflows. Timing of the closing is based upon the usual regulatory approvals and Care.ai will operate separately until then. After that, it’s projected that it will be integrated into Stryker’s 2022 acquisition Vocera Communications’ platform and devices.  Care.ai may be just the first deal for Stryker’s second half, as their CEO Kevin Lobo promised on the Q2 investor call a “very active deal pipeline” of tuck-in acquisitions. According to HIStalk, Care.ai co-founder and CEO Chakri Toleti sold his previous venture, HealthGrid, to Allscripts (now Veradigm) in 2018 for $60 million. MedTech Dive, Stryker release

Despite the proxy fight, business as usual goes on with Masimo. Their W1 medical watch for remote patient monitoring, integrated into the Masimo SafetyNet telemonitoring platform, received FDA 510(k) clearance. The watch MW-1 module monitors high-resolution SpO2, pulse rate, perfusion index (Pi), and heart rate from an ECG from a single wearable device. Readouts are both on desktop for the clinician and on an app for patients and caregivers. All can receive customized notifications and manage care remotely. The Masimo W1 medical watch and the integrated Masimo MW-1 module are indicated for adults in hospitals, clinics, long-term care facilities, and homes. No cost is provided and it is not available on the website, but the W1 Sport consumer version is $549.  SleepReview, Masimo product page.

Another sign of digital health investment revival–a new venture capital fund not started by Glen Tullman. Create Health Ventures is kicking off its inaugural fund with $21 million. Its focus will be on early-stage startups founded by experienced healthcare veterans on two tracks, according to their announcement release

  1. For payers, improve access to care for everyone, enhance the patient experience, and facilitate better health outcomes
  2. For pharmaceutical companies, technologies they can use to recruit and retain patients for clinical trials, as later-stage trial needs swell in the industry

The two founders and managing partners, who started the firm in Austin and Chicago in 2021, are Emma Cartmell and Amit Aysola. They have advised or invested in over 80 companies. Venture Capital Journal, Mobihealthnews

Connected care keeps expanding: Stryker acquiring Vocera Communications for $3B, Baxter’s close of Hillrom sale for $12.5B

January 12, 2022 | by

Medical device companies that have grown into or acquired tech and analytics are now buying into communications systems to connect it all. Massive medical/surgical/orthopedic device company Stryker is acquiring clinical communications/coordination workflow systems Vocera Communications for a snappy $2.97 billion. The deal is for $79.25 per share and is expected to close in this quarter. Vocera is expected to expand Stryker’s Advanced Digital Healthcare and connect devices and digital communications both for clinical caregivers and with families. Vocera is considered to be an innovator in communications systems that connect clinical and operational systems, and is presently in 2,300 medical facilities internationally. No management transitions were disclosed. Release.

Hillrom, another device company mainly in cardiac and hospital monitoring which last year had broadened its remote patient monitoring and connected care portfolio, was in turn acquired by medtech giant Baxter International last month. Hillrom had acquired Bardy Diagnostics and EarlySense about a year ago [TTA 4 Feb 21], and in 2019 Voalte Communications, directly competitive with Vocera. In 2015, Hillrom bought Welch Allyn which boosted it into digital health from primarily hospital furniture. The purchase price closed at $10.5 billion and including Hillrom’s outstanding debt obligations, the acquisition in total was $12.5 billion. From Baxter’s release, the “legacy” Hillrom and Welch Allyn brands will be introduced into international markets and integrated into Baxter’s technologies. The lack of mention of Hillrom, the ‘legacy’ references, and no mention of Hillrom management transitions in the release, is a sure sign that the brand will be sunsetted very quickly, along with its management team. Medtech Dive. Also a snappy tip o’ the cap to HISTalk.

Is digital health neglecting The Big Preventable–medical errors?

September 6, 2014 | by | 1 Comment

 

Preventable medical errors persist as the No. 3 killer in the US – third only to heart disease and cancer – claiming the lives of some 400,000 people each year.

(US Senate hearing, cited in HealthcareITNews 18 July 2014)

At the end of last month, this Editor questioned the efficacy of our current state of ‘consumer engagement’ in Patients should be less engaged, not more. The ‘less engaged’ was a call for simplification: regimens and devices which were easier to use, less complicated and far easier to fit in everyday life. (Aesthetics helps too.) Back in 2013, HeartSister/Ethical Nag (and Canadian) Carolyn Thomas called for health app (and by inference consumer engagement) designers to ‘skate to where the puck is going’–as in “For Pete’s sake, go find some Real Live Patients to talk (and listen) to first before you decide where you’re going!” Often it seems like these apps and platforms are designed in a vacuum of the entrepreneur’s making. The proof is the low uptake (Pew, Parks, IMS) and the apps’/programs’ lack of stickiness after all this time (Kvedar 8 Sep blog post).

Now Laurie Orlov tells us we were looking at the wrong puck, as analysts do. First, all that ‘nudging’ and all those apps haven’t moved the needle on diabetes and obesity. Second, why are app developers neglecting that third largest killer, preventable medical errors? Add to that 400,000 yearly–over 1,000 per day–the 10,000 estimated patients every day who suffer serious complications. (more…)