Home » News » Currently Reading:

News 6/30/17

June 29, 2017 News 5 Comments

Top News


Nuance’s most recent update from Wednesday afternoon says it is still recovering servers following Tuesday’s malware attack. The company has not provided an estimated time to resolution.

Affected cloud services include transcription, radiology critical test results, Assure, Dragon Medical Advisor, Cerner DQR, Computer-Assisted Coding, Computer-Assisted CDI, CLU software development kit, and all Quality Solutions products.

Nuance recommends that cloud transcription users move to Dragon Medical or use an alternative dictation service, which suggests lack of confidence that the systems will be restored soon. A few customers say they’ve been told not to expect restoration of services until next week or even longer, but I can’t verify that.

Patient care is surely being affected as hospitals and practices try to implement minimally-tested downtime procedures or switch to backup transcription providers with the inevitable delays in patient information flow.


It will be interesting to see, once the smoke clears, how Nuance handles the HIPAA implications of the malware attack given its massive healthcare presence. HHS has advised that a ransomware attack is by definition a breach since an unauthorized party has acquired PHI, but adds that if the business associate (in this case since Nuance isn’t a covered entity) can argue that it is unlikely that the information was compromised, then breach notification is not required. The Petya malware – which arguably isn’t ransomware — does not send data anywhere but instead permanently encrypts it (in essence, destroying it), so assuming Nuance can restore the PHI from backups, it may be able to successfully argue that the information was never exposed or threatened.

NUAN share price has declined just 5 percent since its systems went down Tuesday.


Nuance seems to be understandably struggling with its public communication, same as any of us who would rather be fixing the problem than explaining it individually to every user affected by it. Some customers say the company is doing a great job of keeping them in the loop, which probably means that it’s doing the best it can given potentially outdated or incorrect contact information. The company:

  • Launched a communications page that was quickly taken down.
  • Announced in a press release that updates would be provided on a different page and via a Twitter account, neither of which contain any updates.
  • Hastily put up still another page (I’m inferring “hastily” given spelling and punctuation errors) and went silent on Twitter except for a single link to the newly created page.
  • Is taking heat from its transcriptionists who are questioning in the absence of definitive updates from Nuance whether they’ll be paid for being unable to work during the several days’ of downtime. However, a Nuance email to employees says they will be paid their normal rate for their scheduled hours and will be offered incentive pay to help clear the post-resolution reports backlog.

Reader Comments


From Gordon Gecko: “Re: my KLAS-corrected comments about Cerner. My math is right. I included ‘new’ customers, which are of more interest to the Street, and excluded add-on sales to existing customers. I also said ‘if you take away DoD and the 30 micro-hospitals,’ 85 total. I included all Cerner losses. Maybe the most relevant takeaway is that there have been more Millennium defections in the last two years than Soarian defections. Looks like for every Weirton and Pinnacle that sues Cerner to escape Soarian, there are dozens who don’t dare.”


From Yuge Surprise: “Re: DoD. The swam is not draining, but swirling.” Frank Kendall — the Pentagon’s recently retired undersecretary of acquisition, technology, and logistics — joins the board of Leidos. Kendall presided over the DoD’s selection of Leidos for its $4.3 billion EHR project.

HIStalk Announcements and Requests


HIStalk had 12,114 page views Wednesday, which I assume can be attributed to ransomware interest and the fact that – because of reader tips — I reported Nuance’s incident many hours before anyone else. It was the fourth-busiest day since I started the site in 2003.

This week on HIStalk Practice: HHS announces $195 million in HIT-related community health center funding. BCBS of Nebraska takes over Think Whole Person Healthcare. Rhode Island providers protest PDMP legislation.Independent Health forms Evolve Practice Partners. Physicians show a decided lack of interest in MACRA prep. PatientPoint raises $140 million.


July 11 (Tuesday) 1:00 ET.  “Your Data Migration Questions Answered: Ask the Expert Q&A Panel.” Sponsored by Galen Healthcare Solutions. Presenters: Julia Snapp, manager of professional services, Galen Healthcare Solutions; Tyler Suacci, principal technical consultant, Galen Healthcare Solutions. This webcast will give attendees who are considering or in the process of replacing and/or transitioning EHRs the ability to ask questions of our experts. Our moderators have extensive experience in data migration efforts, having supported over 250+ projects, and migration of 40MM+ patient records and 7K+ providers. They will be available to answer questions surrounding changes in workflows, items to consider when migrating data, knowing what to migrate vs. archive, etc.

Previous webinars are on our YouTube channel. Contact Lorre for information on webinar services.

Acquisitions, Funding, Business, and Stock


Cincinnati-based physician office marketing technology vendor PatientPoint raises $140 million in financing from private investment firms.


Anti-trust concerns cause Walgreens and Rite Aid to cancel their planned $9.4 billion merger and instead strike a deal in which Walgreens will buy half of Rite Aid’s drugstores for $5.18 billion in cash. In other news, Walgreens apparently puts its much-regretted experience with Theranos behind it in that LabCorp will offer specimen collection services in some of its stores.


Diabetes management app and data analytics vendor Glooko raises $35 million in a Series C round, increasing its total to $71 million.



Henry County Health Center (IA) chooses FormFast’s FastPrint and FormFast Capture.



MedeAnalytics hires Paul Kaiser (TriZetto Provider Solutions) as CEO.


Anna Clark (Truven Health Analytics/IBM Watson Health) joins Medecision as SVP/chief revenue officer.


Greg Chittim (Arcadia Healthcare Solutions) joins Health Advances as VP/healthcare IT practice leader. 

Announcements and Implementations


Ability Network adds physician scheduling to its ShiftHound workforce management product.

Novant Health (NC) and Carolinas HealthCare System (NC) begin exchanging patient information via an HIE.

Government and Politics


An HHS/ONC bulletin warns of the most recent ransomware threat and provides recommended actions for affected sites.


CMS halts its planned release of Medicare Advantage of claims data at the last minute, cancelling a conference presentation at which it was to have been unveiled. CMS blames unresolved issues with the quality of the information, which immediately raises questions: (a) if CMS is using the information to pay providers, why isn’t it good enough for research purposes?, and (b) given lack of commitment to an updated release date, will the data ever see the light of day? 

The Senate considers legislation that would ban the Department of Defense from doing business with antivirus software firm Kaspersky Lab, citing intelligence agency concerns about the company’s close ties to the Kremlin. 


This headline and the threat it references say a lot.

Privacy and Security

image image

Heritage Valley Health System (PA) has brought its hospitals back online following its ransomware attack Tuesday, although its community locations remain closed. Princeton Community Hospital (WV) says it will “rebuild its computer network from scratch” following its Tuesday infection and it remains on diversion. 


An interesting analysis of the Petya malware concludes that it’s not technically ransomware since it has no ability to actually recover the drives it encrypts even if the victim pays. The author says Petya is instead a nation-state authored “wiper” that is intended to destroy systems, disguised as ransomware to influence media reports. The intended target may have been institutions in the Ukraine, with the malware’s global spread possibly being unintended. That would make Russia the obvious suspect.

In a bizarre incident highlighted by DataBreaches.net, a federal judge chastises California’s attorney general for harassing movie site IMDb.com, the subject of a California law that requires the site to remove the factual age of celebrities who want that information hidden. The Screen Actors Guild backed the law – now blocked by injunction — by saying it would reduce Hollywood age discrimination.



A BCBS analysis of insurance claims finds that opioid addiction diagnoses have increased 500 percent in the past seven years. Twenty-one percent of patients whose claims were reviewed filled at least one opioid prescription in 2015, while the study also found that short-term, high-dose therapy increases the chance of addiction by 40 times compared to lower doses. 

In Kenya, three men are charged with stealing the body of a four-year-old from a hospital morgue, apparently with the intention of burying it. The hospital wouldn’t release the body because his family hadn’t paid his bill.

image image

I love dogs, but this is as ridiculous as people scamming airlines into providing free main-cabin rides for their “emotional support animals.” A woman brags on Twitter that she snuck her grandmother’s dog into the hospital to see her, swaddling it to look like a baby. A fellow smuggler voiced support in providing a photo of the dog he brought in (or rode in) as a visitor. Apparently many folks believe that rules apply to them only when convenient.

Sponsor Updates

  • IDC Health Insights recognizes NTT Data as a Top 25 Enterprise.
  • Reaction Data publishes an industry brief on the Lexmark/Hyland acquisition.
  • Optimum Healthcare IT posts a video of the recent presentation of Dan Critchley, CEO of managed services, at UK eHealth Week.
  • ECG Management Consultants releases a new white paper, “ASCs at a Tipping Point: The New Reality of Surgical Services for Health Systems.”
  • Glytec publishes a new case study, “With Glytec, Hospital Moves to Basal-Bolus Insulin, Saves $9.7 Million.”
  • Imprivata will exhibit at the Patient Safety Congress July 4-5 in Manchester, England.
  • Twenty-seven Influence Health customers upgrade to its new Web CMS.

Blog Posts


Mr. H, Lorre, Jenn, Dr. Jayne, Lt. Dan.
More news: HIStalk Practice, HIStalk Connect.
Get HIStalk updates. Send news or rumors.
Contact us.


HIStalk Featured Sponsors


Currently there are "5 comments" on this Article:

  1. As someone who volunteers doing animal-assisted therapy at hospitals, nursing homes, and children’s rehabilitation clinics, I find the “sneaking a dog in” scam abhorrent. Therapy animals and their owners go through extensive training and testing, are covered by liability insurance, and have strict requirements on vaccines, grooming, behavior, etc. Bringing an animal in who isn’t trained or part of a program opens up a plethora of potential problems for both the owner and the facility.

  2. RE: Gordon Gecko

    It would be great for KLAS to share the Cerner numbers from their most recent market share report in the format that Gordon describes to counter Gordon’s claims as opposed to sharing a text description which can only provide part of the picture.

  3. I don’t have the data details, but Cerner was also something like tied for 7th in new hospitals outside the US market in the most recent KLAS. Seems like they’ve moved from their growth phase to a feeding-at-trough phase… Soarian trough, DoD trough, and now VA trough.

Founding Sponsors


Platinum Sponsors


















































Gold Sponsors













Reader Comments

  • Chuck: With Baylor going Epic, are there any systems left running Allscripts? How much longer can they survive the duopoly?...
  • Jim Beall: Re: COVID 19 news. FWIW the Florida DOH website DOES report daily deaths, although they don't report hospitalization nu...
  • JT: CMS continues to blast out information like nothing else is going on in the world. Can you spell TONE DEAF????...
  • Buckydoc: Any insight into why Castell went with Arcadia rather than Cerner's Healteintent, Intermountain's population health plat...
  • Pay to play: Can we all agree that HCI and Santa Rosa paying a firm to inflate their KLAS numbers is just taking it one step further ...

Sponsor Quick Links