Home » News » Currently Reading:

Monday Morning Update 7/29/24

July 28, 2024 News 5 Comments

Top News

image

The US State Department indicts an alleged North Korean government-backed hacker who it says was behind ransomware attacks on hospitals in Florida and Kansas, healthcare firms in Arkansas and Connecticut, and a medical clinic in Colorado.

The government is offering a reward of up to $10 million for further information on Rim Jong Hyok.

Hyok is accused of leading a hacker group that works for for North Korea’s military intelligence agency. The state department says that the group generates ransomware proceeds that are used to conduct cyber operations that target the US government and defense contractors.


Reader Comments

From Board Stiff: “Re: Cerner. Judging from the mass customer defections, its board was smarter than they seemed in unloading to Oracle at an inflated price.” Cerner’s board made some awful decisions after Neal Patterson died, starting with his replacement and capitulating to an activist shareholder who held few shares. However, they may have offset all of that by selling the company to Oracle at premium valuation just as the wheels were starting to come off. It would not have been pretty to watch CERN’s share price tank as their big clients abandoned ship, and the insiders surely knew that Epic’s dominance and Cerner’s abject failure to fix its revenue cycle software problems was a big storm on its corporate horizon. The board’s fiduciary duty is to shareholders, not customers or industry pundits, and in that regard they performed magnificently. 

From Observer: “Re: Intermountain. Becky Fox is out as chief clinical information officer, per internal memo. CDIO, CHIO, and CCIO all out in the space of a month.” Unverified, but reported by a few folks. She took the position in December 2022 and previously shared time at Atrium Health with former CDIO Craig Richardville, who just left Intermountain. CHIO Diego Ize-Luwdlow, MD exited the health system last month.


HIStalk Announcements and Requests

image

Most poll respondents report no major personal impact from the CrowdStrike attack.

New poll to your right or here: Has your employer conducted a workforce reduction that you would consider significant in the past 12 months?


image

Steamy doldrums will end soon as noses reconnect with grindstones and companies get back to the serious business of selling, partnering, and acquiring. Decision-maker eyeballs are glued here, so contact Lorre to support HIStalk and gain competitive position. She loves working with startups, especially when it’s a company I’ve never heard of, which suggests they could use a booster rocket.

Another housekeeping announcement: sign up for the spam-free email notices that I send when I post something new (thus usually six skinny emails per week) and you’ll know stuff before those people who just cruise over when the mood strikes.

image

The optometrist who conducted my annual eye exam in her Target-connected practice said that my prescription would print next door at Target Optical, which apparently believes that patients who touch their printer are violating HIPAA.


Webinars

None scheduled soon. Previous webinars are on our YouTube channel. Contact Lorre to present or promote your own.


Acquisitions, Funding, Business, and Stock

Remote patient monitoring software vendor CoachCare receives a $48 million strategic growth investment.

image

Healthcare Growth Partners posts its first-half 2024 health IT market review:

  • M&A surged, with other positive notes being increased investment and the IPOs of Waystar and Tempus AI.
  • However, share price of those two IPOs is at or below the initial offering price and some of the increased M&A involved low-quality and distressed companies.
  • Transaction valuations are down 20% from pre-pandemic levels.
  • Valuations of public enterprise SaaS and health IT companies dropped 35% and 50%, respectively.
  • Recent take-private health IT transactions at a significant premium to share price suggest a disconnect between public market valuations and health IT market sentiment.
  • Health IT companies that claim AI capabilities are attracting 20% of the investment in the sector, but almost all of their output involves back-office tools that don’t improve patient care.

People

image

Sonifi Solutions names Jerome Ajot, MS (EPAM Systems) as CTO.

image

In Canada, Brightshores Health System hires Tim Pemberton, MBA (Queensway Carleton Hospital) as VP of digital health and technology, CIO, and chief privacy officer.


Announcements and Implementations

Google, the largest customer of Amazon-acquired primary care provider One Medical, will terminate its agreement with the company. Google was an early investor in One Medical and at one time made up 10% of its revenue. One Medical clinics that operate from Google’s campuses have already transitioned to Premise Health and its broader range of services, although One Medical will remain a Google in-network provider for employees who pay for their own memberships.


Privacy and Security

Philips discovers a vulnerability in its Vue PACS that could allow unauthorized users to view or modify data and install unauthorized software. Remediation involves changing network configuration until the company develops a patch.


Other

image

Cell phone providers in Australia will shut down their 3G mobile networks next month, which could take some medical devices offline. The Royal Flying Doctor Service uses 3G for telehealth, security cameras, and employee duress alarms and says that some insulin pumps and pacemakers will also need to be replaced quickly. Queensland Senator Malcolm Roberts says the shutdown will be “CrowdStrike 2.0.”


Sponsor Updates

  • Tegria will sponsor the MUSE International Southeast Community Peer Group August 1 in Albany, GA.

Blog Posts


Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Contact us.



HIStalk Featured Sponsors

     

Currently there are "5 comments" on this Article:

  1. Printers continue to present risks for a potential breach of HIPAA under the Privacy Rule in healthcare clinics and offices. Patients and their families are far too comfortable just reaching for anything they can pick-up without considering the last printout might not be their own. After Visit Summaries, Return to Work notices and Prescriptions are just a few of the many HIPAA-covered documents that might sit unattended momentarily until picked up by a staff member. To complicate matters, the geography/layout of nursing stations and front desks sometimes makes it difficult to place them out of reach of patients. Employees who retrieve paper from a shared office printer must also be held accountable to make sure everything they’ve picked up belongs to their patient, but it is not uncommon that multiple print jobs get intermixed…even in a world of ‘follow-me’ printing where they have to badge for printouts.

    • I will generously interpret the optical department’s message as a plea for customers not to make the department liable for HIPAA violations by viewing PHI from a printer that it failed to secure.

    • “Patients and their families are far too comfortable just reaching for anything they can pick-up without considering the last printout might not be their own.”

      Its not the responsibility of patients or their families to ensure that the medical facility they are in is following basic information security protocols.

    • This is an unintended consequence of a tech shift.

      When LANs became popular, companies shifted from workstation attached printers to LAN attached printers. At that point the printers became shared and risks of security and privacy violations increased by a lot.

      I’ve seen systems that can secure those shared printers. There was one that used multiple output trays that were locked by the printer itself. I believe you unlocked the output tray by entering a passcode on the printer. There was another system that held the print job until the user entered a passcode (IOW, no printing until the user arrives at the printer).

      Quite honestly, these printer security systems don’t seem to be very popular. They add a lot of complexity to the printing process and are expensive to implement. There are more things to go wrong, and our users aren’t very inclined to accept “issues” at the document rendering phase of their workflows. Document rendering is nearly always at or near the end of a workflow. Timelines tend to be short and deadlines loom large.

      • I remember the passcode locked printers, although I’ve never seen one actually used. Most of the confidential information that I inappropriately learned in my short time working for a healthcare software company rather than hospitals — salaries, layoff plans, executive departures, strategy shifts — came because a secretary sent documents to a shared printer and then got pulled away before retrieving them, leaving their docs in the tray long enough to be tempting for the next person with a print job. I’ve heard that people used fax machines similarly since apparently some of them retained inbound/outbound scans in case a reprint was needed.

Text Ads


RECENT COMMENTS

  1. Going to ask again about HealWell - they are on an acquisition tear and seem to be very AI-focused. Has…

  2. If HIMSS incorporated as a for profit it would have had to register with a Secretary of State in Illinois.…

  3. I read about that last week and it was really one of the most evil-on-a-personal-level things I've seen in a…

Founding Sponsors


 

Platinum Sponsors


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Gold Sponsors


 

 

 

 

 

 

 

 

RSS Industry Events

  • An error has occurred, which probably means the feed is down. Try again later.

RSS Webinars

  • An error has occurred, which probably means the feed is down. Try again later.