Experts say hackers can sell the patient information exposed in Anthem’s 80 million member breach for up to $1,000 per record (or a staggering potential payout of $80 billion for the thieves) since it forms a “complete identity theft kit” that includes insurance and Social Security numbers (stored unencrypted, in Anthem’s case). A stolen credit card number is worth only $1 and insurance credentials alone fetch just $20. Anthem admits that hackers used the credentials of at least five of its IT employees for up to a month before the attack, which the company detected only when a database administrator noticed someone running queries under his user ID. Investigators are looking into evidence suggesting that China-sponsored hackers launched the attack to obtain information to be used in espionage-related phishing, which seems to be the standard, non-verifiable post-breach excuse.
Meanwhile, scammers pile on by sending bulk spam using Anthem’s logo (above) and cold-calling people claiming to offer credit monitoring trying to get recipients to divulge their own confidential information.
The healthcare- and privacy-related background of Anthem CIO Thomas Miller: zero. He came from Coca Cola just eight months ago, hired because of his background with digital marketing and loyalty programs.
HIStalk Announcements and Requests
Nearly 80 percent of poll respondents think the federal government should issue a national patient identifier, about the same percentage that answered positively in my 2013 poll asking the same question. They added some thoughts: (a) an opt-in version would be more acceptable; (b) the VA could use the identifier to provide information needed to process Social Security disability claims; (c) the ID should be used only for healthcare, employers can’t ask for it, and the individual owns the information associated with the number; (d) use Social Security number as the patient identifier; (e) since nobody wants their Social Security number used for fear of hacking, instead create an ID consisting of date of birth, first three letters of the last name, and the last four digits of the SSN; and (f) a private company’s solution is available now and they’re looking for partners.
New poll to your right or here: will Athenahealth be able to create a competitive, large-hospital information system by rewriting BIDMC’s internally developed WebOMR? Vote and then click the poll’s “Comments” link to elucidate further.
Welcome to new HIStalk Platinum Sponsor CoCentrix. The Sarasota, FL-based company’s Coordinated Care Platform, built on the Microsoft Dynamics CRM solution, optimizes the behavioral health continuum for the benefit of state and local government agencies, providers, and consumers. Components include a certified HHS EHR for state agencies and community providers (intake, assessments, treatment plans, orders, documentation, billing, dashboards, and data mining), enterprise-level case management, a managed care solution, and the rather cool Caretiles integrated mobile app marketplace for consumers. The 32-year-old company has 500 customers in 42 states. Thanks to CoCentrix for supporting HIStalk.
Here’s a patient-centered overview video of CoCentrix that I found on their site.
Sign up now if you want to come to HIStalkapalooza on April 13. I’ll have to shut the page down once I get too many requests to accommodate. I can’t necessarily invite everyone who wants to come, but I can say for sure that you won’t be invited if you don’t sign up (which is true for me as well, so I’ll register today).
Last Week’s Most Interesting News
- Roper Industries acquires two health IT companies, including the leading laboratory middleware vendor as a complement to its Sunquest business, for $450 million following its recent acquisition of Strata Decision Technology.
- Insurance company Anthem announces that a cyberattack exposed the information of 80 million of its customers, but says no medical or credit card information was stolen.
- Athenahealth acquires rights to Beth Israel Deaconess Medical Center’s self-developed WebOMR hospital information system, announcing plans to rewrite it to sell to large hospitals.
- ONC requests $92 million for its FY2016, budget, with $5 million of the 50 percent increase set aside to create a Health IT Safety Center.
- Cerner completes its $1.3 billion acquisition of Siemens Health Services.
- ONC publishes the draft version of its 10-year interoperability roadmap that includes a goal of allowing most patients and providers to exchange and use a common set of electronic clinical information by the end of 2017.
Acquisitions, Funding, Business, and Stock
From Friday’s Athenahealth earnings call:
- Chairman and CEO Jonathan Bush says the company “fell short of the finish line” in 2014 due to “over dependence on one channel partner, over focus on ambulatory medicine, and limited experience with turnaround situations.” He says those were “admission tickets to new levels of adulthood” that will allow the company to get back to 30 percent growth.
- Bush admitted that the company’s enterprise prospects have balked at solutions that don’t address inpatient.
- He says that the acquired RazorInsights product, built for hospitals under 50 beds and priced at around $250,000 to $500,000 per hospital, is “the multi-tenant platform we need to manage most hospitals in the country,” while BIDMC’s WebOMR can handle the more complicated hospitals. Those will be merged together to form Athena Inpatient Clinicals.
- Bush says the company failed in missing its Net Promoter goal of 52.5 in hitting only 42 for Q4.
- The company hired 1,300 employees in 2014, raising its total to 3,700, and will add another 1,000 in 2015.
- Athenahealth’s CFO says RazorInsights produces “a very small amount of revenue at a loss” and that WebOMR is not immediately commercializable, so she recommended that analysts view the acquisitions as ways to eventually enter the inpatient market rather than as revenue-contributing products.
- The company “tried to stop the bleeding on the nervous prospects” who were passing on Athenahealth to choose Epic.
ATHN shares closed Friday down 0.8 percent. Above is the one-year chart of ATHN (blue, down 17 percent) vs. the Nasdaq (red, up 15 percent).
From the McKesson earnings call, which had few mentions of its Technology Solutions business:
- Technology Solutions revenue was down 7 percent due to lower revenue from Horizon Clinicals and the exited UK workforce business, in line with projections.
- John Hammergren says McKesson is “in middle of the game” in trying to move Horizon customers to Paragon.
- He adds, “There’s a bunch of interesting places that we’re placing bets, including CommonWell Health, that we think will pay off” as the company sells data-related products.
- Asked about the future Technology Solutions product line, Hammergren said, “I would say though that as you think out two or three years, the EMR space and the transition away from Horizon will be more complete or complete, and we’ll see more results, we think, in terms of this pay-for-performance priority. I mentioned that HHS and others believe that the market has to move more towards a value-based reimbursement methodology. That’s going to require additional investment.”
Crain’s Chicago Business profiles 73-year-old, near-billionaire investor Dick Kiphart, who says of his investment 10 years ago in healthcare communications company Emmi Solutions, which he sold two years ago to Primus Capital, “It stumbled for a long time. I kept my money in, and it looks like it will be a two- or three-bagger.”
Jennifer Haas (Microsoft) joins Aventura as VP of marketing.
John Hallock (CareCloud) joins Imprivata as VP of corporate communications.
Tony Scott (VMware) is named chief information officer of the United States, replacing Steve VanRoekel.
Announcements and Implementations
Facebook founder Mark Zuckerberg and his wife, Priscilla Chan, MD donate $75 million to San Francisco General Hospital (CA), where Chan did her pediatrics residency. The city will name the expanded facility Priscilla and Mark Zuckerberg San Francisco General Hospital and Trauma Center, which is pretty much the opposite of creatively and succinctly naming a social media website “Facebook.”
Government and Politics
The Defense Health Agency says its top 2015-2016 priorities will prepare it for its EHR implementation: continuing to work with the VA on interoperability, consolidating infrastructure, and standardizing configurations. The agency’s director explains that, “This is an $11 billion procurement. When you think about that, this infrastructure piece is huge. So we have to think about what we’re going to do to make sure we get the best performance out of that EHR."
A CNN report says the Apple Watch will fail (at least in compared to typically blockbuster Apple offerings) because: (a) for $350, all it does is allow users to perform existing iPhone functions from their wrists; (b) rumors are that the battery life will be awful at just 10 hours; (c) it’s rectangularly chunky compared to sleeker products already on the market; (d) it doesn’t do anything particularly compelling; and (e) it’s likely to be improved in a year, forcing users to buy it all over again.
Grant-funded Vermont Information Technology Leaders pitches its new HIE to consumers by running regional Super Bowl ads on local TV stations at a cost of around $13,000 of its $195,000 marketing campaign.
University of California’s 10 campuses will require students to be vaccinated for measles starting in 2017, with students expected to enter their vaccination records into UC’s electronic system. Religious and medical exemptions will be honored, UC says.
Forbes notes the “emerging bull market” for “digital healthcare journalism,” with examples being Politico’s three-reporter subscription-only eHealth launch in 2014 and its plans to expand to an overall healthcare team of 16, the recent sale of Med City Media, and establishment of a five-reporter health and science department at BuzzFeed.
Patients of Reid Hospital (IN) complain when the hospital tries collect debts from as far back as 2011. The hospital has apologized, saying that some patients didn’t receive the usual three monthly bills before their accounts were turned over to collection agencies by a former contract company.
The gutted healthcare system of cash-strapped Greece requires hospitalized inpatients to hire their own nurses for even basic inpatient care, but lack of money and insurance leads many of them to retain poorly trained and illegal phony nurses – often immigrants — provided by temp agencies that cruise the hospital halls handing out business cards. Hospitals say they are too understaffed to expel visitors who offer to rent TVs, bedding, and chairs to patients, adding that even the state doesn’t have the legal authority to issue fines to violators.
Weird News Andy never eliminates stories about fecal transplants, titling this one “Does this bacteria make me look fat?” Researchers suggest not using gut bacteria from overweight fecal donors to treat infections since a case study found that the recipient gained 34 pounds in the 16 months following the procedure.
- Medicity offers a recap of the HL7 conference that showcased FHIR as the “next big thing” in healthcare.
- Sandlot Solutions writes about “Interoperability: Making the ONC’s Vision a Reality.”
- Courtney Patterson asks, “Could Your Reporting Team Structure be Helping or Hurting Your Organization?” in the latest Sagacious Consultants blog.
- RazorInsights will exhibit at the Rural Healthcare Leadership Conference February 8-11 in Phoenix.
- Qpid Health’s Amy Krane summarizes the company’s recent webinar on how Partners Healthcare eliminated prior authorization.
- Siavosh Bahrami rants about the importance of simplicity in a new pMD Charge Capture blog.
- PatientKeeper offers a post on “The Interoperability Non-Controversy.”
- Park Place International offers advice on “Getting Ready for the Meditech Patient and Consumer Health Portal.”
- Patientco posts an article titled “The Importance of Payment Plans in Your Revenue Cycle Strategy.”
- NVoq Director of Healthcare Industry Solutions Chad Hiner, RN explains why “EMR adoption will require more than financial carrots.”
- In the latest Phynd blog, Thomas White asks, “How many employees does it take to enroll a new provider in a hospital’s EMR?”
- Ryan Reed offers “5 Tips to Prepare for Cloud Migration” in the latest NTT Data blog.
- Netsmart will exhibit at the Open Minds Best Management Practices Institute meeting February 12-13 in Clearwater Beach, FL.
- MBA Health Group Consultant Nicholas Bocchino writes about the possible changes to Meaningful Use this year in its latest blog.
- PeriGen launches its Five-Minute Challenge for labor and delivery managers.
- Medfusion will introduce its Help Center in an event on February 12.
- Nandini Rangaswamy asks “What works? EHR-based PHM or PHM-based EHRs?” in the latest ZeOmega blog.
- WeiserMazars releases its Group Annual Report.
- T-System shines a spotlight on staff member Javariah Khan in its latest Informer blog.
- General Manager of Clinical Solutions Eric Brill writes about Voalte’s work with UCSF Medical Center Mission Bay in a new blog.
- Stella Technology Founder and SVP of Business Development Salim Kizaraly discusses HIEs past and present in a Relentless Health Value podcast.