HHS issues HIPAA guidance for ransomware attacks, saying that a reportable HIPAA breach has occurred if the malware encrypts PHI. The only exception is if the covered entity or business associate can demonstrate that the risk of PHI compromise is low, which would be difficult to accomplish in a ransomware attack.
HHS says a breach has not occurred if the user’s data was encrypted, but with a big exception – users who are logged into a PC have made the information on their hard drive available during their session, so if that user clicks on a phishing link or opens an infected web page that triggers ransomware encryption, impermissible disclosure has occurred.
From Geno Petralli: “Re: Xcite Health. A client says they’ve been bought by Athenahealth and the EncounterPro/Xcite Health program will be sunsetted and everyone moved to Athena by 1/10/17.” Here’s Athenahealth’s official response (from the head PR person) to my inquiry about this reader’s rumor:
A few hours later, I received this “partnership” announcement from Xcite Health, confirming the reader’s statement that EHR/PM vendor Xcite Health is shutting down as of January 10, 2017 and is suggesting that its now-orphaned clients switch to Athenahealth.
From Roll Liftface: “Re: HIT100 winners. This guy doesn’t appear to have a job beyond self-promotion. Next year you should mock the process by getting your readers to nominate Carrot Top or Prince.” I haven’t heard of at least half of the tweet-happy winners, who seem to participate in a lot of mutual back-scratching among the Twitterati. Twitter isn’t the real world and the job titles of some suggest more success in the former than the latter. I’m sure part of the motivation beyond self-validation is employment, but I think companies would be wary of hiring someone who spends that much time and energy tweeting.
HIStalk Announcements and Requests
Elementary school librarian Ms. H in Texas created a maker space that we stocked with programmable robots and other technology kits in funding her DonorsChoose grant request. She reports, “The younger students were in awe of this technology! I had a few even say ‘It’s Magic’ and I had to respond ‘No, it’s science!’ I had first graders screaming with joy when they got their Ozobot to follow the path they had created for it.”
July 13 (Wednesday) 1:00 ET. “Why Risk It? Readmissions Before They Happen.” Sponsored by Medicity. Presenter: Adam Bell, RN, senior clinical consultant, Medicity. Readmissions generate a staggering $41.3 billion in additional hospital costs each year, and many occur for reasons that could have been avoided. Without a clear way to proactively identify admitted patients with the highest risk of readmission, hospitals face major revenue losses and CMS penalties. Join this webinar to discover how to unlock the potential of patient data with intelligence to predict which admitted patients are at high risk for readmission.
Acquisitions, Funding, Business, and Stock
The Wall Street Journal publishes fascinating factoids about Theranos CEO Elizabeth Holmes, including that her admiration for Steve Jobs (as evidenced by her black turtlenecks) led her to maintain an Apple-like secrecy about company news until the “one more thing” type public reveal. She also hired an Academy Award-winning director to film videos of herself. She is also escorted everywhere by an earpiece-wearing security detail that refers to her as Eagle 1. The article notes that her presentation to the American Association for Clinical Chemistry next month won’t include the information she originally intended since FDA said she couldn’t, so she’s going to instead focus her talk on Theranos company history (yawn). WSJ’s readers always provide insightful comments:
- Hey, investors in Eagle 1–do you guys really know what you’re doing? Heaven forbid that you actually consult with someone who actually KNOWS SOMETHING about diagnostics.
- I just hope that this story helps to shed light on the loophole in the law that allowed Theranos to promote tests that were not scientifically validated or to bring a spotlight to the many start-ups that continue to raise funds on the basis of hype and revenue growth, but without any real business plan or hope of profit.
- This is what the VC’s seemed to really lust after, the idea that Theranos was going to move the bulk of blood testing out of doctor’s offices disrupt LabCorp and Quest as if they were stodgy old taxi companies. Theranos was really an "Uber for _____" and a data hoovering company. How many more clinically relevant (but smaller and less sexy) medical companies could have been funded with the money that was wasted on this?
- I hesitate to draw any parallels between Holmes and Jobs because Jobs actually built products that worked as advertised.
- I know a former employee of Theranos. This person got out when they realized this company was all smoke and mirrors. Also, this person told me that the whole Elizabeth Holmes story is all PR driven fluff (boldly dropping out of Stanford, starting the company on her own, etc.). Holmes actually has a lot of political connections in DC and is related to the Fleischmann Yeast fortune. Why are there so many politicians on the Theranos board and very few MDs?
- It is possible that the famous Reality Distortion Field attributed to Mr. Steve Jobs might have been taken one step too far in this one case.
- She is working in that exciting grey area between novel scientific breakthrough and scam.
- Seems "Fake it ’til you make it" doesn’t work with medical technology.
Protesters picket Washington State clinic operator Zoom because it doesn’t accept Medicare or Medicaid, which the company logically replies is exactly its business model in offering quick, technology-powered local care for which Medicare pays poorly if at all. Protesters, many of them representing unions and those who want universal healthcare, issued a statement saying that population segmentation causes inefficient, lower-quality healthcare. Zoom’s CEO responds, “Don’t think that we have to be all things to all people.”
Stella Technology acquires Zigron Healthcare to expands its web and mobile app development, ETL, BI, QA, and user experience design services.
ECG Management Consultants acquires the healthcare consulting division of Kurt Salmon US.
Emergency medical services software vendor ESO Solutions – which offers an EHR and healthcare data exchange platform — receives a growth equity investment from Accel-KKR.
I missed this from a couple of weeks ago: investors including Blue Shield of California buy out MeYou Health, which offers behavior modification and social tools for health plan members. The new CEO is Rick Lee, co-founder of the acquired and then failed Healthrageous. MeYou Health company was previously owned by Healthways.
Aprima will consolidate its North Texas offices and 250 employees in Richardson, TX.
In the UK, Pennine Care NHS Foundation Trust chooses FormFast for its paperless health initiatives.
Rady Children’s Hospital – San Diego (CA) selects Strata Decision Technology’s StrataJazz for decision support, cost accounting, and contract analytics.
East Texas Medical Center Regional Healthcare System (TX) chooses Orion Health’s Rhapsody Integration Engine.
Jennifer Karstens (Encore Health Resources) joins Orchestrate Healthcare as area VP.
Announcements and Implementations
The American Heart Association’s Institute for Precision Cardiovascular Medicine will award 14 data-related grants in the next year and will provide winners access to Amazon Web Services to analyze and share their information. The grants will cover data mining, data methods validation, development of data analysis tools, and fellowships for scientists interested in computational biology training.
NCQA awards Premier its first Electronic Clinical Quality Measures Certification, verifying its ability to report clinical data for HEDIS and CMS EHR inventive measures.
Government and Politics
President Obama writes a JAMA paper (bylined as “Barack Obama, JD”) describing the impact of the Affordable Care Act. He describes the decrease in uninsured citizens and the elimination of cost-sharing for preventive services and lifetime coverage limits. He says reform needs to continue via CMMI, ACOs, MACRA, precision medicine, and the Cancer Moonshot. He asks Congress to revisit his original proposal to offer a Medicare-like public plan that would add competition in areas served by a small number of insurers. He also wants Congress to force drug companies to disclose their actual production costs and to give CMS the authority to negotiate prices for expensive drugs. The President warns of the influence of special interest groups:
The second lesson is that special interests pose a continued obstacle to change. We worked successfully with some health care organizations and groups, such as major hospital associations, to redirect excessive Medicare payments to federal subsidies for the uninsured. Yet others, like the pharmaceutical industry, oppose any change to drug pricing, no matter how justifiable and modest, because they believe it threatens their profits. We need to continue to tackle special interest dollars in politics. But we also need to reinforce the sense of mission in health care that brought us an affordable polio vaccine and widely available penicillin.
CMS announces that the median deductible on marketplace-issued health insurance policies is $850, down from $900 last year, when the subsidies the federal government gave to 60 percent of those policy-holders is figured in. The announcement glosses over the 40 percent of people who bought insurance from Healthcare.gov and state exchanges without federal handouts for their premiums and deductibles, the latter of which for silver-level plans are often the maximum allowed $6,800 for single coverage. As is nearly always the case in the US, the rich and the poor do well at the expense of the middle class.
The Congressional Budget Office calculates that the national debt will rise to 141 percent of the economy’s size within 20 years, eclipsing the previous high of 106 percent that followed World War II. Entitlement programs such as Medicare and Social Security are mostly responsible, along with interest payments on the ever-increasing US red ink.
Privacy and Security
A hospital in China apologizes to the parents of 6,000 newborns whose nursery videos were stolen by hackers and posted on the Internet. Experts say many website developers in China lack even basic security knowledge, adding that the hackers were probably just practicing their skills since the videos have no value otherwise.
A secretary fired by Jackson Health System (FL) for giving ESPN a photo showing the surgery schedule of football player Jason Pierre-Paul, whose finger was amputated following a fireworks accident last July 4, sues the hospital, claiming she’s had nightmares and headaches following what she says were false accusations. The hospital stands by its decision, saying they have electronic proof that she looked at Pierre-Paul’s chart at least four times and left work early the day the information was leaked.
A hospital in the Netherlands asks players of the wildly popular week-old, GPS-powered virtual reality Pokemon Go smartphone game to stop hunting the game’s imaginary monsters on its campus after several of them wander into its restricted areas. AMC’s tweet above translates to, “There is a sick Pokemon in AMC – we will take care of him. We would appreciate your not visiting.” Other businesses are facing similar headaches: a woman demands that a music festival let her daughter on its private property to play, a cafe bans the game because customers were taking up space for hours, and officials expect game-players to be injured or killed by wandering into roadways or onto railroad tracks while absorbed in gameplay. Players have run across dead bodies, been mugged in sketchy areas in the middle of the night, and admitted playing while driving. At least people who usually sit and stare at their phones all day long will finally get some exercise. I’m sure Nintendo / Niantic are quickly plotting ways to monetize their surprise hit, such as charging businesses to host destinations or to allow users to sell accomplishments back and forth, but it will probably be killed off by the next shiny object (a la Words with Friends and Second Life) before they roll something out.
I received an email touting a healthcare IT job site’s newly published “Health IT Stress Report,” which despite being overloaded with cute infographics and lofty yet lame conclusions, is based on only 470 survey respondents whose method of selection and response rate were unstated. That usually means someone stuck a survey on their website and harvested any willing, self-selected, statistically unrepresentative people who felt like filling it out.
In Canada, a survey of unstated methodology finds that only 21 percent of Quebec residents have used online health tools, causing the cheerleading digital health company authors to incorrectly conclude, “leaving 79 percent of Quebecans wanting digital tools that would allow them to take control of their personal health” (apparently the authors reckon that every single Quebec resident wants digital health tools even though they didn’t ask them.) Respondents were a lot more interested in online banking and social media even though they obligingly answered the leading questions offered about interoperability, electronic prescribing, and EHRs.
Weird News Andy labels this plastic surgeon as “selfieish.” The Ukraine doctor, whose motto is “Love is free, medicine is not,” specializes in breast augmentation and posting selfies and videos taken with his unconscious naked patients on social media. The shameless self-promotion is working – he has a year-long backlog of patients.
- Edward-Elmhurst Health (IL) says its physicians are saving two hours per shift by using Nuance’s Dragon Medical One cloud-based clinical speech recognition.
- Besler Consulting releases a new podcast on the comprehensive Care for Joint Replacement appeals process.
- ECG Management Consultants will present at the HFMA Region 7 Conference July 18 in Lake Geneva, WI.
- PMD CEO Philippe d’Offay is spotlighted in a Q&A about secure messaging for providers.
- Forward Health Group will participate in the National Governors Association Summer Meeting 2016 July 14-17 in Des Moines, IA.
- Impact Advisors will participate in the “Run to Home Base” fundraiser for veterans on July 25 at Fenway Park in Boston.
- Glytec CMO Andrew Rhinehart, MD offers an overview of DPP-4 inhibitors.
- HCS will exhibit at the Health Forum/AHA Leadership Summit July 17-19 in San Diego.
- 10 Reasons to Attend Connect Atlanta 2016 (AirWatch)
- Four tips to improve office productivity & accelerate payments (AdvancedMD)
- How to Hack-Proof Your Medical Practice (Aprima)
- Yes, We Really Do Take Patient Calls At All Hours (CareSync)
- Tips for Employee Onboarding (CTG)
- Improving Patient Access: What’s Your 3rd Next Available Appointment? (Culbert Healthcare Solutions)
- You’ve got 1,000 questions; we’ve got answers: Nordic’s collective knowledge sharing tool (Nordic)
- Networking with Purpose (Direct Consulting Associates)
- Before Jumping on the Bandwagon … Know Your Clinical Communication Platform (Extension Healthcare)
- 5 Common EMR Data Migration Questions (Galen Healthcare Solutions)
- 4 Steps to Creating Super Users for Your System Implementation (Hayes Management Consulting)
- Interviewing – Revisiting the Practice (HCTec)
- Interface Engine Selection – 3 Things to Consider (The HCI Group)
- Treat Patient Visits Like Business Meetings? (Healthfinch)
- What a Canadian Rock Star can Teach us About Death and Dying (Healthwise)