UCSF pays $1.14 million to ransomware hackers to regain access to servers in its medical school.
BBC gained real-time access to the price negotiations between UCSF and the customer service website (!!) of the hackers, which was used to negotiate the final payment amount.
The UCSF negotiator told the hacker that the university had been financially devastated by COVID-19 and offered $780,000 instead of the demanded $3 million, finally settling on $1.14 million.
From TheRona: “Re: KLAS. Santa Rosa Consulting and The HCI Group have their scores temporarily suspended pending a ‘data integrity review.’ What’s the scoop?” I reached out to KLAS and received a statement from Adam Gale that I’ll summarize as follows. KLAS found during its routine data checks that an unnamed company was offering to boost vendor KLAS scores for a price via sample manipulation, sometimes falsely claiming to vendors to whom it was pitching that they were working in partnership with KLAS. KLAS says it immediately removed suspicious survey responses and data, also noting that few companies responded to the unnamed company’s offer.
From Buzzword Compliance Department: “Re: telehealth and telemedicine. Interested in the difference. Anyone care to elaborate?” I’ve seen unconvincing arguments that the terms mean different things, and I acknowledge the vast difference between “health” and “medicine” without the prefix, but I think usage has made the terms synonymous. It’s like EMR and EHR – we pretend to support “health” and use that term even though we really just care about the “medicine” part of delivering profitable encounters. I would say that telemedicine specifically refers to physicians practicing medicine from a location that is remote from the patient, while telehealth theoretically could involve other kinds of practitioners or non-professionals who are helping someone with health issues or even activities that don’t involve patients directly. Now let’s move on to “virtual visit” – is that video only, or does a telephone conversation, SMS message, or email exchange count? (I’m voting the latter).
HIStalk Announcements and Requests
Welcome to new HIStalk Platinum Sponsor RxRevu. The Denver-based company improves healthcare by supporting informed, consistent, and frictionless prescription decisions, partnering with the largest PBMs and payers to bring accurate insurance coverage and cost data into the prescriber’s EHR workflow. The company’s Real-Time Prescription Benefit cost transparency solution brings real-time patient- and pharmacy-specific information, such as cost, coverage restrictions, deductibles, and therapeutic alternatives. Prescription Decision Support promotes condition-appropriate prescribing and cost transparency to improve patient safety and satisfaction while reducing prior authorization work. The company is working with 2,000 health systems that use Epic or Cerner, and in the first five months of 2020, it processed coverage and cost information queries from 110,000 providers in completing 10 million transactions with PBMs. Thanks to RxRevu for supporting HIStalk.
I rarely edit or otherwise alter reader comments, but I’m reminding myself and readers of the significant exception – I don’t allow comments that accuse people by name of doing something illegal or immoral. I’ve edited or deleted a couple this week because it is not fair to allow someone who is anonymous to make unproven accusations about someone who isn’t, although sometimes the political ones fall into that gray area of “public figure” with some health IT relevance and I’ll let them slide.
Fortified Health Security hires Dave Glenn (CBI) to the newly created role of chief revenue officer.
Announcements and Implementations
New Zealand’s MercyAscot private surgical facility goes live with InterSystems TrackCare during the country’s COVID-19 lockdown, using Microsoft Teams and remote training tools to perform a virtual implementation.
Healthcare managed detection and response services vendor CI Security announces integration with Internet of Things and Internet of Medical Things security vendors Ord, Medigate, and Cylera.
AMIA changes its November 14-18 annual meeting to a virtual event.
Government and Politics
DOJ charges Miami entrepreneur Jorge Perez and several co-defendants with fraudulently billing $1.4 billion in healthcare charges from his EmpowerHMS hospitals, netting him $400 million. Jorge Perez bought or took over management of 18 struggling, tiny hospitals and promised to save them by using them to bill out-of-state lab tests at rural hospital rates. One hospital in a town of 1,800 billed $92 million in lab tests in just six months. Insurers got wise and stopped paying for the tests, causing 12 of the hospitals to file bankruptcy and eight to close. Hospital employees reported that their electricity was turned off for non-payment, they were stuck with medical bills due to unpaid insurance premiums, and one hospital had its beds repossessed while patients were in them. One of the defendants is Seth Guterman, MD, who had developed software to maximize rural hospital billing and who is president and founder of Chicago-based EHR vendor Empower Systems.
Anthony Fauci, MD tells the Senate’s HELP committee on Tuesday that he wouldn’t be surprised if the daily number of new COVID-19 infections in the US rises from 40,000 now to an eventual 100,000. He warned Sunday that the US may not reach herd immunity even if a successful vaccine is developed because so many people will probably refuse to take it.
CDC Principal Deputy Director Anne Schuchat, MD says it is no longer possible to bring COVID-19 under control in the US, with the daily record number of new infections making it impossible to control the outbreak with contact tracing and quarantine. She says the experience with coronavirus will be similar to the Spanish flu of 1918 and nothing will stop it until a vaccine is developed. Schuchat was a key CDC player in previous outbreaks of H1N1 and SARS. Meanwhile, HHS Secretary Alex Azar says the” window is closing” to use the only available tools to address COVID-19 – distancing and masks.
Morgan Stanley’s COVID-19 model says epidemic doubling time has worsened to 41 days from 46 days last week, with Texas and Florida likely to have uncontrolled spread within 10 days if they don’t take aggressive action.
Arizona reported 4,700 new cases on Monday, with the largest increase being those aged 20-44 who also make up 22% of hospitalizations. The state has re-closed bars and other businesses, prohibited gatherings of more than 50 people, and pushed back school openings until mid-August. Florida reported 6,000 new cases on Monday with a positive testing rate of 14.4%.
A Harvard-NPR analysis finds that while US testing has improved to about 600,000 per day, it would take 4.3 million tests per day, coupled with contact tracing and a focus on people in high-risk settings, to suppress the infection’s spread.
The EU opens travel to its 27 countries starting Wednesday to residents of 14 nations whose 14-day COVID-19 infection rate per 100,000 people is as good or better than the EU average. Residents of the US will not be traveling to Europe for the foreseeable future.
Texas Medical Center redesigns its ICU capacity report to reflect the ability of its hospitals to use flexible capacity, responding to concerns from Governor Greg Abbott, who said that the previously reported 100% ICU occupancy was unduly alarming people. Projected bed occupancy growth predicts a move to Phase 2 ICU capacity on Wednesday. The total number of admitted patients who tested positive for COVID-19 was stable for weeks at under 500 per day until May 30, when the number started its steep, steady climb to the current 1,500+. The state’s Phase 2 reopening started on May 18.
Researchers find an emergence of a condition they are calling Multisystem Inflammatory Syndrome in children who are hospitalized for COVID-19. Those affected have heart problems, coagulation disorders, and gastrointestinal symptoms.
Former FDA Commissioner Scott Gottlieb, MD says that rapidly increasing case numbers in high-population states like Florida, Texas, and California mean that half of the US population will have had COVID-19 by the end of the year even if the current rate doesn’t increase.
Two Texas friends got tested for COVID-19 at the same facility before spending two weeks camping with others, yielding the same result (negative) but wildly different charges – one who didn’t want to bother using his insurance paid $199 in cash, while his friend is now stuck with a $900 balance that remained from Austin Emergency Center after her insurance company negotiated down the original $6,400 charge. She then went to the local TV station, after which the facility predictably cancelled her balance due.
A Michigan college bar that was allowing patrons to ignore distancing and mask requirements is linked to 107 new cases of COVID-19. Meanwhile, UW Health says that contact tracers are finding that a high percentage of newly infected COVID-19 patients in Epic’s home county of Dane were exposed from large gatherings in bars.
Telehealth visit counts have steadily declined since their mid-April peak, dropping from 14% of all visits to less than 8% as the availability of in-person visits returned. Potential red flags in this finding are: (a) telemedicine visits were counted from scheduling software appointment types, which may not be reliable; and (b) the report counted percentage of total visits as in-person visits were increasing, which provides no insight into the change in the absolute count of telehealth visits.
- Johns Hopkins Medicine will add HCPro’s library of physician query templates to its physician query system from Artifact Health.
- The Chartis Group publishes a new white paper, “Under Attack: Five Practical Steps to Thwart Increased Cyber Threats.”
- Clinical Architecture makes available its presentation from HL7’s FHIR DevDays, “Data Quality in FHIR: Lessons from the Field.”
- Ensocare welcomes Ashley Gorham (Medical Solutions) as an account executive.
- Hyland Healthcare will use MedPower analytics and tools to manage end-user training on its enterprise information platform.
- In Australia, MercyAscot implements TrakCare patient administration and billing software from InterSystems.
- Dimensional Insight will sponsor the St. Jude Walk/Run Boston on September 26.
- Health Data Movers hires recruiters Brett Kimes (Oxford Healthcare IT) and Durc Strand (Pivot Point Consulting).
- Healthcare Supply Chain: PAR vs. Perpetual Inventory Systems (Impact Advisors)
- How to Prepare for Epic Optimization and Upgrades (314e)
- The Essential Resource Guide to Hospital-Enabled Virtual Care – Part 2 of 5 (Access)
- Simple Efficiency Strategies & Tools that Allow You to See More Patients (AdvancedMD)
- Lessons Learned for Locating Displaced Individuals Following Hurricanes (Audacious Inquiry)
- COVID-19 Financial Recovery Guide: Leveraging Patient Financial Clearance (Bluetree)
- Maximize Top-Line Revenue with Care Automation (Bright.md)
- Creating better healthcare experiences for transgender and gender-nonconforming patients (Nordic)
- Digesting the Data: CMS COVID-19 Nursing Home Numbers (CarePort Health)
- The COVID Factor: What Health System CIOs Are Saying About Their IT Priorities Now (CereCore)
- How to Keep Care – and Hospital Revenue – Going During a Pandemic (Central Logic)
- 3 Indicators to Monitor for Business Email Compromise (BEC) (CI Security)
- COVID-19 and the New Normal for Health Plans (Collective Medical)
- Diameter Health Technology’s Impact on HEDIS Reporting, by the Numbers (Diameter Health)
- The Value of Data in COVID-19 Contact Tracing (Dimensional Insight)
- How Advocare Put Healow TeleVisits to Work (EClinicalWorks)