Home » News » Currently Reading:

News 1/20/21

January 19, 2021 News 3 Comments

Top News


The co-founder of The COVID Tracking Project outlines the success of HHS’s fast switchover last summer from the CDC’s National Health Safety Network hospital reporting database to the TeleTracking-developed HHS Protect.

The article in The Atlantic urges the new administration to continue using the HHS system instead of switching back to NHSN.

Many observers assumed that the government made the change to marginalize CDC and to make its COVID-19 response appear to be more effective, but the author says The Covid Tracking Project’s investigation found no evidence of “cooking the books.”

Some points:

  • CDC approved the reporting change, contrary to media reports saying its scientists were blindsided by the White House.
  • NHSN is an old system that was jury-rigged to collect COVID-19 hospital data. Leidos maintains the system under a $60 million contract. Adding urgently needed data collection fields was taking weeks.
  • HHS Protect’s data was all over the place at first, as hospitals worked to make the switch. Its reports now match those that states submit and have eliminated NHSN’s odd data swings and unexplained variability.
  • By the end of 2020, 96% of hospitals were reporting their data to the new system every day.
  • The system has been enhanced to include metadata, staff shortage details, and hospital-level capacity data to show where health systems are overwhelmed.
  • The COVID Tracking Project concludes that the system has “enormous potential to be the federal numbers we’ve always wanted” and urges the new administration to keep using it.


The leader of the development team was health IT veteran Amy Gleason of the White House’s inter-agency United States Digital Service, which was created by the Obama administration to bring private industry technologists into government. She is credited with making the system production-worthy and fixing data issues. She has previously worked for CareSync, Allscripts, MediNotes, Bond Technologies, and Misys Healthcare.

Reader Comments


From Bone Spur: “Re: podcast. My list of good and bad ones. ” As a hardcore radio and TV channel-flipper, I don’t have the attention span to spend 15 minutes listening to what I could read in 15 seconds (or abandon in five). Maybe I would feel differently for something funny or dramatic where getting to the point isn’t the primary objective, but not news, opinion, or freeform yakking. My perception is that industry leaders who are busy holding jobs of responsibility — the folks I might find interesting enough to listen to — mostly aren’t screwing around doing podcasts and YouTube videos. Industry podcasts remind me of “King of Comedy,” the Scorsese-De Niro cult film that I watched the other night in which aspiring comedian Rupert Pupkin wows an imaginary TV audience from a talk show set that he built in his mother’s basement. Still, I figure that Katie the Intern might need more video production on her journalism resume, so I’ve suggested that she do some video interviews. Plus Pupkin actually did become a star in the movie’s darkly predictive ending, so you never know.


January 28 (Thursday) 12:30 ET: “In Conversation: Advancing Women Leaders in Health IT.” Sponsor: Intelligent Medical Objects. Presenters: Tabitha Lieberman, SVP of clinical and revenue cycle applications, Providence St. Joseph Health; Ann Barnes, CEO, IMO; Deanna Towne, MBA, CIO, CORHIO; Amanda Heidemann, MD, CMIO, CMIO Services, LLC. IMO CEO Ann Barnes brings together a panel of female health executives for a results-oriented discussion on how managers and C-suite executives can address diversity and inclusion in their organizations. From STEM education to mentoring and networking, the “COVID effect” on women in the workplace, to matters of equity, there’s no better time to talk openly about these issues to help generate meaningful change in healthcare.

Previous webinars are on our YouTube channel. Contact Lorre to present your own.

Acquisitions, Funding, Business, and Stock


Philips will acquire medical device integration vendor Capsule Technologies for $635 million in cash.


Accountable care organization operator Aledade, which was co-founded by former National Coordinator Farzad Mostashari, MD in 2014, raises $100 million in funding round that increases its total to $294 million and values the company at over $2 billion.


Conversa Health, which offers a virtual care and triage platform, expands its Series B funding round to $20 million


Newfire Global Partners will launch an office in Kuala Lumpur, Malaysia next month that will provide around-the-clock technical operations to clients in healthcare and other critical industries.


  • The State of Pennsylvania selects Aunt Bertha to help it build a statewide resource and referral portal for healthcare and social services.
  • Yale New Haven Health System (CT) will work with Gozio Health to develop an app with wayfinding, patient portal, and virtual care features.
  • Behavioral health provider Springstone (KY) will use VisiQuate’s RCM software and consulting services.



GetWellNetwork promotes Nikia Bergan to president.


John Ward (Atos North America Healthcare) joins Divurgent as CFO.


Karen Marhefka (Impact Advisors) joins RWJBarnabas Health and Rutgers Health as deputy CIO and VP of IT for their combined medical group in New Jersey.

image image

CI Security promotes Kristoffer Turner to VP of security operations for its Critical Insight Security Operations Centers, and hires Steve Sedlock (EPSi) as chief revenue officer.


Christine Boyle, who held marketing executive roles in Oncology Analytics, Get-to-Market Health, Caradigm, Microsoft, and Sentillion, died of cancer on January 9. She was 50.

Announcements and Implementations

University of Arkansas for Medical Sciences regional campuses implement Epic.

UnitedHealthcare launches a virtual primary care service for employers powered by Amwell. The payer had attempted before COVID to offer telemedicine services through its network of primary care practices, but found physician uptake slow due to reimbursement issues.


East Orange General Hospital (NJ) rolls out bedside tablets from PadInMotion for patient education, entertainment, and care team messaging.

Government and Politics

ONC will invest $20 million in projects related to helping communities share vaccine-related data, and supporting immunization-related collaborations between HIEs.


A reader who is a nationally recognized provider-side HIPAA expert (I’m leaving them anonymous) called out a recent court decision about MD Anderson, which they say will change how entities look at HIPAA breaches, enforcement, and penalties. Here’s the summary:

  • An appeals court last week vacated MD Anderson’s $4.3 million HHS OCR civil money penalty that was imposed in 2017 following three lost device incidents in 2012 and 2013. The unencrypted mobile devices contained the information of 35,000 patients.
  • The court ruled that the penalty was “arbitrary, capricious, and contrary to law” in questioning how HHS OCR interprets HIPAA violations and sets penalty amounts.
  • The ruling noted that MD Anderson had provided IronKey technology to encrypt PHI on mobile devices and the training to use it, but employees had not enabled it on the lost laptop and two USB drives. The court said that HIPAA requires only that covered entities “implement a mechanism to encrypt,” also noting that the health system’s IT user agreement requires employees to enable the provided encryption.
  • The court also questioned whether information has been “disclosed” to an outside entity, as HIPAA defines, when it is stolen or lost. It said, “It defies reason to say an entity affirmatively acts to disclose information when someone steals it” and that the word “information” means that someone has been “informed” by it, which hasn’t been proven just because devices can’t be located.
  • The court’s conclusion, which HHS could contest, is that losing unprotected PHI is not disclosure and likely isn’t an enforceable action under HIPAA.


Monday’s US COVID numbers: 123,848 hospitalized, 1,393 deaths, as the numbers trend sharply down but with potential underreporting due to the MLK holiday. It’s just a short break in any case, experts warn, as the more contagious B117 coronavirus variant spreads. The US crossed the 400,000 death mark Tuesday and the incoming CDC director predicts 500,000 by mid-February.

CDC hasn’t updated its vaccination numbers since Friday morning. Meanwhile, Florida reports that 45,000 people are already overdue for their second shot.

Lumeon announces GA of its COVID-19 Vaccination Campaign Management software featuring automated patient outreach, self-scheduling, and surveys.

Sponsor Updates

  • In Australia, InterSystems TrakCare and Launceston General Hospital become the first to support the new ISBT 128 blood labeling standard with a digital interface to the National Blood Authority’s BloodNet online ordering and inventory management system.
  • CNBC’s Squawk Box features Change Healthcare and the Vaccination Credential Initiative.
  • The Chartis Group promotes Brian Spendley to principal in its strategy and private equity advisory practices.
  • Clinical Architecture releases a new Informonster Podcast, “CommonWell Health Alliance and the Mission to Bring People and Data Together.”

Blog Posts


Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Contact us.


HIStalk Featured Sponsors


Currently there are "3 comments" on this Article:

  1. The concept that that would not be considered a breach is mind boggling. I fully support the capriciousness but it shouldn’t be allowed to be pushed down to the staff level. In 2017 we all knew that we had to dictate it from an IT organization.

  2. I’ve been arguing with my health law friends that HHS and the conservative compliance lawyer mindset were wrong viewing HIPAA violations a some form of strict liability.

    I feel vindicated for now since I think the Fifth Circuit got this correct.

    1. The technical requirements are met by simply not being negligent. You have implemented encryption? you make reasonable efforts to encrypt the data? Good enough. Perfection isn’t required. Doing more isn’t required.

    2. Disclosure is an affirmative action, not merely just loss. It’s active. It’s participative. This construction fits nicely inside the framework. It also addresses the risk of loss to nation-state actors or those who are intent on stealing data. That’s not a punishable “disclosure” that’s a theft.

    3. And I realize that HHS updated its penalty guidance, but this makes it very clear: outside some intentional acts, the penalties aren’t business-ending penalties.

    Yay for reasonableness of courts.

Founding Sponsors


Platinum Sponsors






















































Gold Sponsors












Reader Comments

  • PM Consultant: Insightful piece Dr. Jayne. I read this WaPo piece as well. I took my company to 100% remote 7 years ago. We are loca...
  • IANAL: I don’t claim any special insight but it does feel like there is a lot of combined insurer-health tech-healthcare prov...
  • Smartfood99: Zoom meetings have their place but I'm pretty confident over time people and organizations are going to almost completel...
  • Mr. HIStalk: Thanks. Maybe I should research which of the startup-type insurers are touting their technology along with (or instead o...
  • IANAL: I think traditional healthcare not paying attention to the insurance health tech industry is a bit short sighted. Those ...

Sponsor Quick Links