Home » Weekender » Currently Reading:

Weekender 1/31/20

January 31, 2020 Weekender 2 Comments


Weekly News Recap

  • Allscripts will pay $145 million to settle federal allegations that EHR vendor Practice Fusion, which it acquired two years ago, accepted $1 million in opioid prescribing kickbacks and falsified its ONC EHR certification.
  • Imprivata acquires mobile device access management technology vendor GroundControl Solutions.
  • HHS Secretary Alex Azar and CMS Administrator Seema Vema vow that profit-protecting “bad actors” won’t waylay HHS’s propose interoperability rules.
  • The private equity owner of wearables-powered employee wellness vendor VirginPulse reportedly is preparing to sell the company for up to $2 billion.
  • imaging and radiology workflow systems vendor Intelerad sells a majority stake in the company to an investment fund manager.
  • A Health Affairs blog post describes the funding and operational challenges of the Indian Health Service in maintaining and eventually replacing its obsolete, VistA-based RPMS enterprise and EHR system as the VA moves to Cerner.
  • Epic makes a rare public statement in explaining that its opposition to HHS’s proposed interoperability rules involve the potential of app vendors to misuse patient data and for patient family information to be inadvertently shared without the permission of those individuals.
  • Evive acquires WiserTogether.

Best Reader Comments

Healthcare data breaches since 2014 have exposed over 200,000,000 records. There are indications that there are far more health systems with Google-Ascension type of agreements than have been publicly acknowledged. The top five private DNA testing companies have the complete genome of 29 million customers with no restriction on how that data may be used or sold, and their follow-on survey questions only add more information on personal lifestyle and family history. So, what is the chance that we’re discussing whether or not to lock the barn door when a walk around the barn reveals the back wall is already gone? (BillyM)

Patients have some limited recourse with breaches, and healthcare organizations have legal requirements to attempt to prevent them. Patients have zero recourse if an app sells their data per the terms of service. People sue hospitals all the time for privacy breaches. Good luck suing an app after approving the click-through agreement. (Elizabeth H. H. Holmes)

Most care delivered to the under-65 crowd is episodic. The only people who need to consistently monitor and interact with their data are over 65 or the caregivers of the over 65. Demand for tech solutions is less among that crowd. Consumer apps in healthcare are really really hard. Most are ad supported, which means they increase utilization (more eyeballs, more ads.) (BankeMeLater)

What did happen on the financial side was fairly open access to data by consumers, who could send it to whatever financial app they wanted. Sure there were some issues, but the world didn’t end. Maybe it’s time to make the same leap of faith with healthcare data. (Bob Smith)

A huge wildcard in the plans for the proposed HHS rule is Google v. Oracle. If the Supreme Court upholds the Circuit Court’s ruling, EHRs will have to live a in a regulatory landscape where both of the following are true: (a) their APIs are protected by copyright and they are within their rights to restrict their use and charge fees for such use; and (b) their APIs must also be exposed and offered for free. If the SC upholds the ruling, EHRs will immediately sue arguing that the proposed rule is illegal (and they would be correct). (Elizabeth H. H. Holmes)

HS seems to think that clumsily opening the floodgates will be some kind of cure-all. “If we expose all of the data, it will solve all of our problems”. Sure, go ahead and pretend like Carequality, CommonWell, and CareEverywhere have done nothing for the industry. And go ahead and blame the EHRs, when it’s almost always the IT departments at healthcare organizations that are the gatekeepers. EHR vendors and hospital organizations are bringing up valid privacy concerns, and HHS and others continue to talk past them and make appeals to patient rights to access their data. (Elizabeth H. H. Holmes)

The advertising business model does not work in healthcare. Most developed countries have some sort of ban on medical advertising. The Practice Fusion story is one reason why. Most consumer software is driven by an advertising business model. Facebook, Google search, Android, Gmail, MyFitnessPal, recipe apps, etc. HHS is opening up medical data to these advertising companies. (Goodluck)

Why should Epic and its customers be held responsible under HIPAA for any breach — as an example, to Mychart — but if an app developer who has access to that same data experiences a breach, they are not held to the same standards? The federal government needs to update the HIPAA regulations to ensure that anyone who has access to PHI is held equally accountable for maintaining the privacy and security of that data. (Nael Hafez)

Watercooler Talk Tidbits


The vacated 116,000-square-foot Palo Alto, CA building that served as headquarters for disgraced blood testing company Theranos (and the backdrop for related TV documentaries) has ironically been taken over by the medical school of Stanford, which owns the land in its Stanford Research Park. Theranos was paying $1 million per month in rent. The office from which Holmes led her fraudulent empire still has its bulletproof glass. It has a chemistry lab, which should probably be checked out by experts before using.


Several amusing cardiologists create the Kardashian Index (K-index) in observing the perceived prevalence of fame-hungry cardiologists who lead Twitter chats about their work and medical conferences that appoint questionably accomplished but prolific Twitterati as social media ambassadors. The authors find that the issue is overblown — only 238 of 1,500 cardiologists who practice at the country’s top 100 cardiology hospitals have Twitter accounts, leading the authors to conclude that “tooting your own horn does not necessarily equate with more impactful work.”

Content moderators for Facebook and YouTube are being required by contracted by their employer Accenture to acknowledge that they may experience PTSD from reviewing disturbing content posted by their fellow humans.

An impressively large aggregation of dimwits has decided that “coronavirus” must be associated with Corona beer, leading to a huge spike in Google searches for “Corona beer virus.” That’s pretty funny until you realize that they reproduce, spread their wisdom on social media, and vote.


Super Bowl Sunday brings forth a rash of “avocado hand,” in which unskilled, distracted, and possibly inebriated knife-wielders attempt to turn the stubbornly peeled and pitted fruit (technically, it’s a berry) into guacamole, plowing through 162 million pounds of avocado and quite a few tendons in a single day. Researchers estimate that 50,000 avocado-related knife injuries occurred from 1998 through 2017. Pro tip: the pre-made Walmart guacamole, especially the spicy version, is darned good, has a long shelf life, and may end up costing less than buying avocados yourself, at least when they aren’t on sale.


While you’re sitting in a hospital ED on Sunday waiting to have your avocado-knife tendon injury repaired, watch the Super Bowl for Kansas City Chiefs right guard Laurent Duvernay-Tardif, who signed a $42 million contract extension in 2017 and shortly after graduated from Montreal’s McGill University with an MD and Masters in Surgery after being drafted by the NFL in his third year. He spoke only French but missed the deadline to apply for French-speaking medical schools, so he had to learn English at McGill, one of three English-taught schools in Quebec. He wants to go into emergency medicine, but his career and the limited number of McGill residency spots have placed that plan on hold. The NFL won’t let him include “M.D.” after his name on his jersey.

In Case You Missed It

Get Involved



HIStalk Featured Sponsors


Currently there are "2 comments" on this Article:

  1. ” what is the chance that we’re discussing whether or not to lock the barn door when a walk around the barn reveals the back wall is already gone?”

    Better analogy, a bully was punching me for the past several years, according to him accidentally. I’d like him to stop punching me in the future, and at very least, I don’t want him to be legally allowed to punch me. Just because he has punched me in the past, doesn’t mean I wouldn’t like the punching to stop. There is new medical data generated daily, not to mention new patients being added daily. I’m sure that’s worth protecting so don’t give in to this fallacy that it’s all over.

  2. “What did happen on the financial side was fairly open access to data by consumers, who could send it to whatever financial app they wanted. Sure there were some issues, but the world didn’t end. Maybe it’s time to make the same leap of faith with healthcare data. ”

    Thanks to the current state of affairs I have to monitor my credit from 3 major companies. I have to put in holds (thanks only to their incompetence and laissez-faire attitude towards security now it’s free and online) on all 3, and plan to put in removals whenever I’m doing something that will result in a credit check. Good luck trying to fix mistakes in your credit history btw (luckily haven’t had to deal with that). I don’t like the current state of affairs, especially since I didn’t opt into it. But I would really hate that 3 number to become 300,000. This oligopoly wasn’t mandated by any government legislation, and there is nothing to ensure something similar would happen with the health data. We only have 3 because the financial institutions limited it to that and it was also pretty difficult to do when that system came into being. Not that I would like 3 companies having all my (and that of everyone else) health data either, but I would hate the impending free for all even more. There is however very little to limit ones ability to write an app and start hoovering health data and selling it to the highest bidder or whatever reason they see fit. Not that easy to blackmail with financial data btw (unless you have something illegal or are running for office), but it’s pretty easy to do that with medical data. I would expect forms of “send me nudes or money or I let everyone know about your STDs” to skyrocket. Hard to do with “I see you’ve missed a car payment 3 years ago, what’s it worth to you to stay private?”

Text Ads

Recent Comments

  1. 100% agree about the remote employees - particularly in health care. If you think you can 100% work from home…

  2. Re: NEJM Article "The Solution Shop and the Production Line..." I totally agree that there can be a bias towards…

  3. In the NEJM piece that you pointed out, I wonder how you see the impacts of hospital-employed physicians, use of…

  4. You asked, "Readers, what is your experience with Oracle as a vendor?" Oracle is notorious for charging a LOT of…

  5. This quote from your article is just hilariously and provably wrong. "At the cost of millions to billions of dollars…


Founding Sponsors


Platinum Sponsors

























































Gold Sponsors











Sponsor Quick Links