Monday, September 26, 2016

You Cannot Worry About Health Care Reform When You Must Bow Down to a Tyrant

We started Health Care Renewal to highlight major health care problems whose discussion had previously been nearly taboo, with the hopes that this discussion would lead to true health care reform.  These problems included concentration of power within health care organizations; leadership of such organizations that was often generic, and hence ill-informed, unsympathetic or hostile to the values of health care professionals, self-interested, conflicted, or outright criminal or corrupt; and threats to the scientific basis of health care, including manipulation and suppression of clinical research.

We have come a long way in our understanding of these issues since we began in 2004.  But until now, we never needed to discuss some fundamental assumptions underlying what we were doing.  In particular, we could only pursue such discussions within societies that, however imperfectly, respected individual rights, particularly the rights to free speech, free press, free expression, and free association; operated under the rule of law; and were representative democracies.

People who live in anarchy, in societies torn by civil conflicts, or under dictatorships have much more pressing concerns that the niceties of improving health care.  So we knew that while our discussions might well have some relevance to many countries outside of the US, they were not going to be relevant everywhere.

Now maybe we should not feel assured that these discussions will continue to be useful in the US.  So far, reported only in a few outlets has been a crucial interview that appeared in a trailer for the Public Broadcasting System (PBS) documentary Frontline episode that will air tomorrow (September 27, 2016) on the two candidates running for the US presidency.   

At about 3 minutes into this trailer, Ms Omarosa Manigault, who was on the original Apprentice, and who is now Director of African-American Outreach for the Trump campaign, is heard to say:

Every critic, every detractor will have to bow down to President Trump.

As reported in a brief story from the Huffington Post, she followed that up with:

It’s everyone who’s ever doubted Donald, who ever disagreed, who ever challenged him. It is the ultimate revenge to become the most powerful man in the universe.

These statements were also covered briefly by Talking Points Memo, and a number of entertainment sites, but has gotten almost no coverage and generated almost no discussion from larger general media outlets.

There was a brief story on MSNBC by Rachel Maddow who called the interview with Ms Manigault "creepy."    

As far as I can tell, this statement has not been retracted or repudiated by Ms Manigault or the Trump campaign.

This story is more than creepy.  Here is an apparently senior, paid staffer for the campaign of a major party candidate for the US presidency threatening that anyone who disagreed with her candidate will have to "bow down" should he become president.  That seems to be an overt threat of dictatorship should that candidate win.  I do not recall ever hearing any such statement made by any such staffer in any such campaign in the past. 

As I noted above, niceties of health or any other policy discussion would be pointless, and probably extremely hazardous to one's health under a totalitarian regime that expects all critics to bow down, presumably under threat of force.

Those who care about true health care reform, and many other important causes, should be aware of this threat, and act accordingly. 

Saturday, September 24, 2016

Someone wasn't listening to me at my 2012 Keynote to the Health Informatics Society of Australia

In late July 2012 I gave an invited keynote presentation to the Health Informatics Society of Australia (HISA) at the annual Health Informatics Conference (HIC 2012), that year in Sydney.

I wrote up my presentation at and my slide deck is online at

My message included the following:

  • Critical thinking is essential at all times in healthcare ... or your patient's dead.
  • Critical thinking is not mindless criticism; on the contrary, it is reflective, inquisitive, logical thinking that is focused on deciding what to believe or do.
  • Health IT must be trusted by users and patients [and be free of major downsides] - as a primary step before HIT can optimally benefit healthcare 
  • I pointed out I am not suggesting anything new and that, in fact, I am suggesting something old:  "First, do no harm."
  • I pointed out the "revolutions" usually have downsides, and IT always produces winners...and losers (per the empirical research of Social Informatics). 

I also asked if health IT was being done well...

I provided links to various evidence that it was not, such as the National Research Council 2009 report on health IT; AMIA's report on its workshop on healthcare IT failure, the 2012 U.S. IOM report on safety, the 2012 U.S. NIST report on usability, work by Australian Professor Jon Patrick of U. Sydney on health IT defects, and other sources as aggregated at this link.

It seems the following organization in Cairns was either absent or not listening, and this debacle is the result.

Just about every point I raised in 2012 was violated or ignored.  The story speaks for itself, and I have nothing further to say about it other than this type of scenario is unfortunately still occurring worldwide.


CAIRNS Hospital’s Digital Hospital program was deemed defective within two weeks of being rolled out with health staff saying it resulted in “significant adverse impacts” upon patient safety and care.

Daniel Bateman
The Cairns Post
September 22, 2016 7:03pm

The controversial eHealth software program, which went live earlier this year, has been blamed for putting the Cairns and Hinterland Hospital and Health Service on the path towards its $80 million budget blowout.

The hospital’s board resigned as a result of the gaping deficit on Monday and an administrator is expected to be appointed today.

Results from a staff survey about Digital Hospital leaked to the Cairns Post says the program did not “meet stakeholders’ needs for an intuitive, user-friendly system that supported the provision of personalised patient care at the bedside”.

The report also identifies specimen order and collection workflow as a result of the new system as being “convoluted and time consuming, with significant adverse impacts on patient safety and care.”

Cairns Hospital board resigns

The lack of system testing has been identified by stakeholders as the root cause of continual defects after Digital Hospital went live and the report says there has not been adequate support staff to help with problems.

Senior clinicians raised alarm bells about Digital Hospital earlier this year, warning if the problems were not fixed, it would become a major headache for the health service.

Last Friday hospital board chairwoman Carolyn Eagle described Digital Hospital as a “financial challenge” for the health service.

However, the service’s chief executive Clare Douglas said yesterday the program did not contribute to the 2015/16 budget deficit, nor was it a major contributor to the projected budget deficit for the 2016/17 financial year.

“Queensland Health has committed to the establishment of a digital health system and Cairns Hospital is an important part of that system,” she said.

“We are working to improve and embed the system as part of business as usual.”

She said there were benefits of the program, including visibility and ease of access to patient information.


That's akin to saying there are benefits to train wrecks.  Yes, it gets the tracks and signals fixed.  But....

The myth of cybernetic magic is a devilish one, and must be expunged from healthcare if this technology is ever to meet even a fraction of the promises made about it for decades.

-- SS

Addendum:  it seems American EHR company Cerner was involved here:

-- SS

Tuesday, September 20, 2016

Cancer is just a software platform problem: Microsoft will 'solve' cancer within 10 years by 'reprogramming' diseased cells

A short post.

Hand a computer scientist a computer and some genetic data, and the world then becomes a deterministic, binary place:

Microsoft will 'solve' cancer within 10 years by 'reprogramming' diseased cells
Sept. 20, 2016
Sarah Knapton, Telegraph science editor

Microsoft has vowed to “solve the problem of cancer” within a decade by using ground-breaking computer science to crack the code of diseased cells so they can be reprogrammed back to a healthy state.

Chris Bishop, laboratory director at Microsoft Research, said: “I think it’s a very natural thing for Microsoft to be looking at because we have tremendous expertise in computer science and what is going on in cancer is a computational problem.

"What is going on in cancer is a computational problem" sounds like a form of cybernetic scientism ( in this sense:

Scientism ... is a term that is used, often pejoratively, to denote a border-crossing violation in which the theories and methods of one (scientific) discipline are inappropriately applied to another (scientific or non-scientific) discipline and its domain. 

We are only scratching the surface in genomics, and to state it is merely a "computational problem" as if biology worked like a deterministic, binary digital computer is, in my mind, wishful thinking.

It would be great if genetics were just one big Intel Core I7 that one could program in binary assembly language after decoding its instruction set, but I have doubts it's that simple.

-- SS

9/21/16  Addendum

Medicinal chemist/scientist Derek Lowe has written the "long version" of this at

Hat tip to commenter Bruce Grant.

-- SS

Wednesday, September 14, 2016

Pharmaceutical Company Leaders Pretend to Advocate for the Public Interest - But Maybe it's All "For the Love of Money"

In this political season, the US public is confronted with a blizzard of protestations from candidates who claim to want to serve their interests.  We ought to be used to this, because leaders of big health care organizations have been protesting for years about how they are always in it for the public and the patients' health.  Yet as we have repeatedly discuss, such leaders often manage in ways that subvert their own mission.

Recently, there were two striking examples of pharmaceutical leadership saying they were all about the public interest, despite evidence to the contrary.

It's All About the Children Says Insys Therapeutics, or Perhaps the Market Share

In the Intercept, Lee Fang reported the touching concern of the executives at Insys Therapeutics for America's children.
On August 31, Insys Therapeutics Inc. donated $500,000 to Arizonans for Responsible Drug Policy, becoming the single largest donor to the group leading the charge to defeat a ballot measure in Arizona to legalize marijuana.

The drug company, which currently markets a fast-acting version of the deadly painkiller fentanyl, assured local news reporters that they had the public interest in mind when making the hefty donation. A spokesperson told the Arizona Republic that Insys opposes the legalization measure, Prop. 205, 'because it fails to protect the safety of Arizona’s citizens, and particularly its children.'

However, it turns out the company admitted it had other compelling reasons to want to fight the legalization of marijuana.

Investor filings examined by The Intercept confirm the obvious.

Insys is currently developing a product called the Dronabinol Oral Solution, a drug that uses a synthetic version of tetrahydrocannabinol (THC) to alleviate chemotherapy-caused nausea and vomiting. In an early filing related to the dronabinol drug, assessing market concerns and competition, Insys filed a disclosure statement with the Securities and Exchange Commission stating plainly that legal marijuana is a direct threat to their product line:
Legalization of marijuana or non-synthetic cannabinoids in the United States could significantly limit the commercial success of any dronabinol product candidate. … If marijuana or non-synthetic cannabinoids were legalized in the United States, the market for dronabinol product sales would likely be significantly reduced and our ability to generate revenue and our business prospects would be materially adversely affected.
Insys explains in the filing that dronabinol is 'one of a limited number of FDA-approved synthetic cannabinoids in the United States' and 'therefore in the United States, dronabinol products do not have to compete with natural cannabis or non-synthetic cannabinoids.'

The company concedes that scientific literature has argued the benefits of marijuana over synthetic dronabinol, and that support for marijuana legalization is growing. In the company’s latest 10-K filing with the SEC, in a section outlining competitive threats, Insys warns that several states 'have already enacted laws legalizing medicinal and recreational marijuana.'

Insys insists on its web-site
We are an innovative organization with a focus on providing therapeutic solutions helping to improve the lives of patients. 

Our commitment to better patient care is measured not only by our focus on bringing innovative technologies to patients and physicians, but also by the importance we place on making an impact within the communities where we work and live.

But it really more seems to be all about market share, which drives the revenue, which drives the executive compensation (which was $3,862,000 for outgoing CEO Michael L Babich in 2015, per the 2016 proxy statement). 

Pfizer CEO Advocates for the Public Who Do Not Support National Health Insurance, or Maybe They Do

Bloomberg reported that Ian Read, the CEO of Pfizer, "America's biggest drugmaker," said
that Democratic presidential nominee Hillary Clinton’s proposals to contain the price of pharmaceuticals would be 'very negative' for the industry and are a step toward single-payer health care.

Pfizer CEO Ian Read criticized Clinton’s plan, which she released earlier this month, at an investor conference hosted by Wells Fargo in Boston. Clinton’s prescription drug policy would give the government a broad role in overseeing drug prices, including a board to monitor sharp cost increases, and would specifically target price hikes on older medicines.

It is pretty obvious why the CEO of Pfizer would not like any policy that might reduce the prices of his products.   However, Mr Read in addition stated that

'The Clinton approach to health care drives you to a one-payer system, and drives you to rationing, drives you to a place where most consumers don’t want to be,' Read said. “In its totality it would be very negative for innovation.”

One might be suprised that Mr Read, who received $17,987,962 in total compensation in 2015 (per the 2016 proxy statement), would be in touch with what most consumers want.  But maye he was just following the strategic imperative described in the 2016 proxy statement:

Earn greater respect

Earn society’s respect by generating breakthrough therapies, improving access, expanding the dialogue on healthcare and acting as a responsible corporate citizen.

However, it appears that Mr Read did not know what the public really wants.

There is at least some systematic evidence to the contrary, that the US public generally supports single-payer government health insurance, aka national health insurance.  A Gallup poll this year found 58% support for a federally funded health system (look here).  A 2013 survey of people visiting emergency departments in safety-net hospitals in in Massachusets, which has had a longer experience with an "Obamacare" like system than most of the US, showed that 72% would prefer national health insurance. (Saluja S et al. Support for National Health Insurance Seven Years Into Massachusetts Healthcare Reform: Views of Populations Targeted by the Reform. Int J Health Serv 2016; 46: 185-200. Link here.)  For more discussion, see this.

So was Mr Read's insistence that he did not like the Clinton policy on the pharmaceutical industry because he was advocating for the public who did not want national health insurance?  Or was it all about the Benjamins?


Unfortunately, the US, and perhaps other western countries are beset by rising distrust of increasingly powerful elites.  It seems that this may be in response to those elites grabbing an ever increasing share of the nations' wealth.  More unfortunately, this distrust may lead to support of outsider politicians who claim to be on the side of the people, and who may have quick, but often very dirty solutions.  Before grabbing at such easy fixes, or applauding figurative men on white horses, perhaps we need to focus more attention on the leaders who should have inspired mistrust in the first place.

Health care leaders often inspire trust, since they frequently claim to be in it for patients' and the public's health.  We have frequently shown, however, that they may instead do what is best for their personal interests, even if that is hostile to their ostensible health care mission.

Now we have just two more quick, and also dirty examples of leaders, this time of pharmaceutical companies, pledging their support of the public while managing to so what is best for their corporate bottom lines (and presumably thus their personal compensation).

As we have said far too many times - without much impact so far, unfortunately - true health care reform would put in place leadership that understands the health care context, upholds health care professionals' values, and puts patients' and the public's health ahead of extraneous, particularly short-term financial concerns. We need health care governance that holds health care leaders accountable, and ensures their transparency, integrity and honesty.

For our musical interlude, here is "For the Love of Money," by the O'Jays, as used in the introductory sequence for the "reality show," The Celebrity Apprentice, hosted by, well, you know...

Thursday, September 08, 2016

Oh So Quietly, Evidence of Bad Health Care Corporate Leadership Accumulates - Three AstraZeneca Settlements

While the news media is distracted by seemingly more spectacular issues, we hear the steady drip, drip, drip of legal cases suggesting just how systemically bad the leadership of big health care organizations is.  From February 2015 to now, for example, there have been three cases involving multinational pharmaceutical giant AstraZeneca.

Settlement of Allegations of Kickbacks to Give AZ Drugs Preferred Status in Formularies

First, in February 2015, reported in most detail by Ed Silverman in the Wall Street Journal,

AstraZeneca has agreed to pay the federal government $7.9 million to settle allegations the drug maker paid kickbacks to a large pharmacy benefits manager to ensure that its blockbuster Nexium heartburn medication was given the best status on formularies, which are the list of drugs that received preferred coverage.

In exchange for maintaining 'sole and exclusive' status, AstraZeneca allegedly provided discounts to Medco Health Services, which was bought by Express Scripts, on other drugs, such as Prilosec, another heartburn medication and Toprol, a blood pressure drug.

As is usual in such cases, the government allowed the drug company to make the settlement without ever admitting any wrongdoing (and of course begging the question of why the company was willing to pay if it did no wrong):

An AstraZeneca spokeswoman sends us a note to say the drug maker denies the allegations. 'It is in the best interest of the company to resolve these matters and to move forward with our business of discovering and developing important, life-changing medicines, while avoiding the delay, uncertainty and expense of protracted litigation,' she writes us.

Furthermore, as detailed in the US Department of Justice announcement, the settlement was not made by AstraZeneca proper,which is based in the UK, but by a US subsidiary, perhaps allowing some plausible deniability by the leadership of the parent corporation.

AstraZeneca LP, a pharmaceutical manufacturer based in Delaware, has agreed to pay the government $7.9 million to settle allegations that it engaged in a kickback scheme in violation of the False Claims Act, the Justice Department announced today. AstraZeneca markets and sells pharmaceutical products in the United States,...

Also, inexplicably, the settlement did not address a previous corporate integrity agreement made by the very same AstraZeneca subsidiary, begging another question of what the point of these agreements might be. (Note that such agreements were once touted by former US Attorney, current New Jersey governor, and crony of Donald J Trump as the cutting edge way to deal with bad corporate behavior, look here.)

The former execs also alleged that, by entering into this arrangement with Medco, AstraZeneca violated a corporate integrity agreement that was signed in connection with a 2003 settlement to resolve civil and criminal charges for illegally promoting a cancer medicine. However, the statement from the U.S. Department of Justice does not mention any violation.

Finally, as is also usual in such settlements, no manager of AstraZeneca who might have enabled, authorized, or directed the bad behavior, or whose pay may have increased due to the revenue increase created by this behavior, had to suffer any negative consequences.

Note, however, that this settlement involved allegations of bribery to encourage excess use of AZ products. By giving such products preferred status on formularies, health care professionals would likely have been encouraged to use them preferentially, even though for some patients, other treatments might have been more effective or safer. Thus the alleged actions would have potentially disturbed the integrity of medical care.

Settlement of Allegations of Financially Cheating the US Medicaid Program

This settlement, in July, 2015, involved allegations of financial misbehavior.  As again reported by Ed Silverman in the Wall Street Journal,

Two big drug makers have settled allegations they underpaid rebates owed under the Medicaid prescription drug programs. In one case, AstraZenecareed to pay $46.5 million to the U.S. government and two dozen states,...

The AstraZeneca products involved "included the Crestor cholesterol pill and the Seroquel antipsychotic." Again, the company was allowed to make the settlement without admitting it actually did anything that merited the government action.

An AstraZeneca spokesman writes us that the drug maker 'makes no concessions or admissions of fault in the settlement agreement and its price reporting decisions were undertaken in good faith. We continue to believe that those decisions reflect a reasonable interpretation of the applicable laws and regulations.'

Again, why they were willing to pay so much if they did nothing wrong was unclear.

Once again, no AZ executive who might have enabled, authorized, or directed the scheme in question apparently had to pay any penalty.

Settlement of Allegations of Bribing Foreign Health Care Providers

Finally, again according to the redoubtable Ed Silverman now writing for Stat in August, 2016,

AstraZeneca agreed to pay $5.5 million to settle charges of violating the Foreign Corrupt Practices Act, making it the latest global drug maker to face such accusations as part of a long-running probe by US authorities into companies that paid bribes in order to boost sales of their medicines.

In this instance, the company had been accused of making improper payments to health care providers in Russia and China, according to a cease-and-desist order released Tuesday by the US Securities and Exchange Commission.

Here are some details about the allegations:

The feds charged that AstraZeneca sales and marketing staff, along with 'multiple levels' of company managers at the subsidiaries, 'designed and authorized several schemes' to convey gifts, conference expenses, travel, and cash, among other things, in order to influence purchases of AstraZeneca drugs.

At various times, AstraZeneca sales staff in China sales submitted — and managers approved — fake tax receipts for fraudulent reimbursements to generate cash that was used to bribe health care providers. The employees also established bank accounts in the names of some doctors names as part of their scheme, the SEC alleged.

Like the allegations in the February, 2015, settlement, these were of frank kickbacks or bribes designed to promote the use of AZ products even for patients who might have had better outcomes were they to have been treated in some other way. Despite the possibility that these actions thus harmed patients, yet again, AstraZeneca escaped without having to admit anyone at the company did anything wrong.

An AstraZeneca spokeswoman wrote us that the company is 'pleased to have resolution of these matters. The SEC has acknowledged our cooperation during the entire course of the inquiry, and the US Department of Justice has closed its investigation. … We began enhancing our compliance program prior to the start of the investigation. Strong ethics and acting with integrity are central to AstraZeneca’s code of conduct, which is reinforced through ongoing training and monitoring.'

If "strong ethics and acting with integrity" are so important to the company, one wonders why on earth they are faced with so many allegations about unethical actions that appear to violate the integrity of health care?

Of course, again, no individual who might have enabled, authorized, or directed any kickbacks or bribes felt even the lash of a wet noodle.


AstraZeneca is one of the largest multinational pharmaceutical companies.  According to Google Finance, in 2015 its total revenue exceeded $24 billion.  In 2015, according to the Times (UK), its CEO, Pascal Soriot, received £8.4 million. One might think that thus entrusted by millions of patients around the world to make safe and efffective products, the company would be held to a higher standard.  Yet not only did the company make these three settlements, two of which involved allegations of bribery to promote its drugs even to patients who might have been harmed by these results, but it has a record of previous bad behavior.

In particular, AstraZeneca paid a comparatively large settlement ($520 million) in 2010 to resolve allegations that the company gave kickbacks, and manipulated and suppressed evidence from clinical research to promote the use of its anti-psychotic Seroquel (look here).  The company allegedly covered up information about the adverse effects of its drug, which likely led to its over-prescription for patients who were ultimately harmed by these effects.  Other apparent misbehavior by the company can be seen here.  Despite this track record, the latest round of settlements only provided for financial penalties on the company that were chump change compared to its revenues, and still failed to provide any disincentive to company managers whose bonuses may have been fueled by the revenues generated by bad behavior.

The Transparency International definition of corruption is "abuse of entrusted power for private gain."  Is there any doubt that for a pharmaceutical company entrusted to provide safe and effective drugs,  repeatedly giving kickbacks and using deception to promote its products is an abuse of power?  Is there any doubt that some of the multi-million dollar (or pounds Sterling) compensation of the top executives of companies alleged to use kickbacks and deception might be private gain produced by these actions?  

Here is more evidence of how corrupt the US (and global) health care system has become.  Large health care organizations repeatedly have been involved in bribery, kickbacks, fraud, and various kinds of corrupt behavior.  Yet there is no pushback.  Health care executives have effective impunity, and in fact are seen as leaders of our great capitalist societies.  With such leadership, is it any wonder that our health care system is increasingly expensive and simultaneously increasingly ineffective?  It is any wonder that our citizens, and patients, think the system is rigged against them?

 So to repeat an ending to one of my previous posts on health care corruption....  if we really want to reform health care, in the little time we may have before our health care bubble bursts, we will need to take strong action against health care corruption.  Such action will really disturb the insiders within large health care organizations who have gotten rich from their organizations' misbehavior, and thus taking such action will require some courage.  Yet such action cannot begin until we acknowledge and freely discuss the problem.  The first step against health care corruption is to be able to say or write the words, health care corruption.

Wednesday, August 31, 2016

Health Care Renewal Bloggers to Teach Short Course on Why Physicians Do Not Make Rational, Evidence-Based Decisions

Health Care Renewal bloggers Dr Roy Poses and Dr Wally Smith will be teaching a short course on Sunday, October 23, 2016, at the annual North American meeting of the Society for Medical Decision Making, in Vancouver, British Columbia, Canada. The course title will be "Why Do Physicians Not Make Rational, Evidence-Based Decisions, and What Might Help?"

We will emphasize many topics relevant to Health Care Renewal.  These will include:

- physician level factors that affect decision making, emphasizing the influence of extraneous values (values that should not be taken into account by physicians when making decisions as an agent for patients), such as perverse incentives, particularly conflicts of interest;

- problems with the evidence on which evidence-based decisions ostensibly ought to be based, including manipulation and suppression of clinical research studies, which may happen when research is sponsored by organizations with vested interests in having the research show particular results; and

- problems with ostensibly evidence-based clinical practice guidelines which are often taken to be the "gold-standard" for rational evidence-based decision making, especially the role of vested interests in constructing these guidelines.

We hope to see some of our Health Care Renewal readers there.  

Thursday, August 25, 2016

Haunted by US Healthcare Inc - $27.9 Million/Year Aetna CEO Threatened Obamacare Pullback in Apparent Retaliation for Government Anti-Trust Litigation

We do not write about health insurance and managed care as much as we used to.  Dysfunction in this area now gets much media attention.  US Physicians frequently complain that bureaucratic impediments imposed on them by health insurance and the government  are major causes of health care dysfunction. 

However, managed care was at the sharp edge of the movement to change the focus of health care from individual patients cared for by individual professionals and at local hospitals, to an (unregulated) business dominated by huge corporate entities.  The wedge with that sharp edge has now driven very deep.  So it may be instructive to look at what is going on now.

The Proposed Aetna-Humana Merger

In 2015, the big news in the US health insurance sphere were big mergers.  One example was the proposed merger between Aetna and Humana.  An Aetna press release trumpeted that the

Combined Entity ... [would] Drive Consumer-Focused, High-Value Health Care

That it would have the

Ability to Lead Effort to Transform Health Care Delivery to a More Consumer-Focused Marketplace

And that it will

Improve Affordability, Quality and Convenience for Consumers

What could possibly go wrong?

Up to now, mergers that created ever bigger drug/ device/ biotechnology companies, hospital systems, and health insurance companies got little US government opposition.  After all, the fashion among health care managers and health policy experts as been to extoll all the efficiences and advantages large organizations could provide, usually absent much evidence in support of this contention. (See, for example, the press release above, and see what we have written about concentration of power.)

The Government Wakes Up to the Anti-Trust Issue

But this time, the government eventually indicated it might push back.  In July, 2016, as reported by the NY Times,

United States Attorney General Loretta E. Lynch announced that the government had filed lawsuits to block the deals, between Aetna and Humana and Anthem and Cigna.

The proposed mergers, she said, 'would leave much of the multitrillion-dollar health insurance industry in the hands of three mammoth insurance companies.'

'If these mergers were to take place, the competition among insurers that has pushed them to provide lower premiums, higher-quality care and better benefits would be eliminated,' she said.

The companies responded by vowing, in varying degrees, to fight the government’s challenge. Aetna, which had hoped to gain an advantage by being the first to reach a deal, aggressively defended its proposed merger, which it contended was different from the larger Anthem-Cigna deal that followed.

'I like my chances in front of a judge,' Mark T. Bertolini, chief executive of Aetna, said in an interview.

 Parenthetically, I wonder what evidence she had that previous competition had led to "lower premiums, higher-quality care and better benefits" up to now, but I digress.

Aetna Suddenly Abandons ACA Exchanges

Soon after that, Aetna announced it was pulling out of the "markets" created by Obamacare, aka the Affordable Care Act (ACA), e.g., per CNBC.

Aetna is sharply cutting its participation in Obamacare exchanges for 2017.

The health insurer said it will offer individual Affordable Care Act exchange plans in just four states, down from 15 this year, in an effort to reduce its losses.

'As a strong supporter of public exchanges as a means to meet the needs of the uninsured, we regret having to make this decision,; Chairman and CEO Marc Bertolini said in a statement.

This despite the fact that

as recently as April, Aetna's Bertolini had expressed strong support for the exchanges, telling analysts that it would have cost the company more than a $1 billion to acquire the million new customers it had signed up on Obamacare exchanges.

Cut to Michael Hiltzik writing for the Los Angeles Times. As he noted,

Aetna’s announcement this week that it was pulling out of most of the states where it was serving the Obamacare individual exchanges was a head-scratcher; after all, just three months earlier, Chief Executive Mark Bertolini was calling its participation in the market 'a good investment,' despite near-term losses.

Bertolini also had tried to tamp down speculation that its withdrawal was anything like a payback for the government’s move to block its $37-billion merger with Humana. That was 'a separate conversation' from its evaluation of the exchange business, he said during an Aug. 2 conference call with Wall Street analysts.


Now evidence has emerged that Aetna was lying. The smoking gun is a July 5 letter from Bertolini to Ryan Kantor of the Justice Department, unearthed by Jonathan Cohn and Jeffrey Young of the Huffington Post via a Freedom of Information Act request. In the letter, sent before the DOJ formally announced it would sue to block the Humana deal, Bertolini explicitly ties the two issues together.

'Our analysis to date makes clear that if the deal were challenged and/or blocked we would need to take immediate actions to mitigate public exchange and ACA small group losses,' Bertolini wrote. 'Specifically, if the DOJ sues to enjoin the transaction, we will immediately take action to reduce our 2017 exchange footprint. We currently plan, as part of our strategy following the acquisition, to expand from 15 states in 2016 to 20 states in 2017. However, if we are in the midst of litigation over the Humana transaction, given the risks described above, we will not be able to expand to the five additional states.'
So to review, Aetna and Humana, already large for-profit managed care organizations/ health care insurance companies announced a merger, proclaiming it was all about better, higher value care for patients .  The government begged to differ.  Aetna suddenly announced its retreat from government backed insurance markets.  Its CEO denied that move was retaliation, but was allegedly "lying."

Why am I not surprised by Aetna's apparent untrustworthiness?

The History of US Healthcare Inc

As we just discussed, many large health care organizations are the products of mergers, acquisitions, and other kinds of financial engineering.  This makes their corporate history and culture much harder to comprehend.

In particular, let us not forget that the current Aetna is a product of the merger of US Healthcare Inc and Aetna in 1996.  Many readers may not remember much about this merger, and it may have occurred before others' time.

Promises of Wonders to Come

In short, US Healthcare Inc was one of the earliest for-proft managed care companies.  A 1996 Philadelphia Inquirer story described its origin.  It was started by Leonard Abramson, based on work done in the early 1970s. 

By the early 1970s, Abramson had shifted gears and gone to work for R.H. Medical Inc., a small but innovative hospital-management company then headquartered in Cheltenham.

Abramson held the title of vice president for corporate development. But even colleagues didn't know what that meant. `Nobody knew him,' one former R.H. Medical executive says. 'He was running some project nobody knew anything about.'

The project Abramson was running turned out to be a prototype of the health maintenance organization a prototype of the health maintenance organization: a new form of health plan that turned a la carte medicine on its head by paying doctors and hospitals set, all-inclusive fees for their services, instead of paying each and every time they treated a patient.

The idea was to change the incentives from doing more to doing only what was appropriate and kept the patient healthy, Abramson once said. In short, it was a lower-cost alternative to the inflationary fee-for-service medicine then in vogue.

Managed care has been promising lower costs for patients and society, better access, and higher quality for a long time.  Yet, there was never any good evidence that it ever really was "a low-cost alternative" for patients, and while it helped enable the decline of fee-for-service medicine, its alternative was not obviously less "inflationary."

Making the Insiders Rich

On the other hand,  US Healthcare Inc was good at extracting a large amount of money from the health care system to benefit its founder and CEO, and his family tremendously wealthy. Again per the Inquirer in 1996,

Abramson's 1993 salary of $3.52 million, based on a 40-hour week, worked out to $1,692.30 an hour. That's not including his $6.3 million in stock options.  [That would be total compensation of at least $9.82 million in 1993.]

A 1995 proxy listed Abramson's 1994 base salary at $1.8 million, plus a bonus of $1.6 million.

Forbes magazine estimated his 1994 worth at $780 million, making him No. 110 among the 400 richest people in America. He was ranked that year as the Philadelphia area's highest paid CEO of a publicly traded company.

In addition,

He's made sure his children haven't had to struggle. A proxy report showed U.S. Healthcare paid daughter Nancy Wolfson $239,999 in salary and bonuses in 1993, and her husband, Richard, who directs the pharmacy and dental operations, $270,000. Another daughter, Marcy A. Shoemaker, made $280,000.

Company shares also are held in trust for Abramson's grandchildren.
Angry Doctors and Allegations of Worse Care

While the company provided monetary advantages to its insiders, but not clearly to patients or society, I remember US Healthcare Inc from my days as a fellow and then junior faculty member in the Philadelphia area as rather a nasty player.  At the time of the 1996 merger, a Philadelphia Inquirer story about the CEO of US Healthcare Inc stated

U.S. Healthcare is considered one of the nation's toughest HMOs....

And retold

a joke making the rounds in Philadelphia-area doctors' lounges:

[US Healthcare CEO Leonard] Abramson dies and goes to heaven, where he compliments God on what a great place he has. 'Don't get too comfortable,' God advises. 'You're only approved for a three-day stay.'

The Philadelphia Inquirer separately described Mr Abramson thus:

to his detractors in the health-care industry, Abramson is anything but charitable. They view him as a ruthless, bottom-line-oriented executive who has made himself and his Blue Bell company fabulously wealthy while ratcheting down payments to hospitals and skimping on patient care.

For years, some of the most prestigious hospitals in Philadelphia refused to sign contracts with U.S. Healthcare. Those that did often complained bitterly about the hard-line negotiating style of Abramson and his colleagues, which resulted in lower reimbursement rates for the hospitals.

The story concluded,

 Abramson continues to receive heavy criticism from some in the health-care industry. These critics say his HMOs have stressed profits and shareholder value over quality patient care.
So US Healthcare Inc was one of the first important US for-profit managed care organization.  It promised lower costs for patients and society, and better health care.  While there is no evidence these promises were fulfilled, it made its top insiders very wealthy, while alienating health care professionals, many who thought it led to worse health care for their patients.

This pattern repeated when Aetna merged with US Healthcare.

The Aetna - US Healthcare Merger

 Promises of Wonders to Come

When the merger between Aetna and US Healthcare Inc was proposed, according to the Philadelphia Inquirer in 1996,

The deal would put the new company in a position 'to redefine the way in which medical care is delivered in the country,' said Aetna chairman Ronald E. Compton, who would serve as the combined firm's chief executive. 'U.S. Healthcare was the best possible partner for Aetna. . . . This is, no kidding, a once-in-a-lifetime opportunity to create a model for exceptional' health care.

Yet in retrospect there is no evidence that the merger produced "exceptional health care," at least not exceptional in terms of being exceptionally good for patients.

Making the Insiders Rich

But like the old US Healthcare Inc, Aetna did succeed in making its CEOs very wealthy.  In 2012, we noted that the first new CEO of the combined entity, Dr John Rowe, was to get an initial salary of $1 million and bonuses of $1 to $3 million to start in 2000.  And by 2010, as we posted here, according to its 2010 proxy statement, Aetna CEO Ronald A Williams' total compensation in 2009 was a mere $18,058,162. Other top executives made proportionate amounts, from more than $1 million to more than $12 million.

In 2015, as noted by the Hartford Courant,

Aetna Chairman and CEO Mark Bertolini received $27.9 million in compensation last year, according to a filing Friday with the Securities and Exchange Commission.

About $24.8 million of the package was due to gains in value on restricted stock that vested in 2015 and on stock options he was awarded 10 years ago and exercised in 2015.

The total was up from $15 million in 2014.

His compensation also included $1,034,483 in salary, $1.84 million in cash bonus, and $271,908 in perks, mostly from the cost of his using the corporate aircraft for personal use.
Angry Doctors and Allegations of Worse Care

Also, once Aetna and US Healthcare Inc merged, Aetna acquired a bad reputation among physicians.  As we wrote in 2012, by 1998, an American Medical News article documented the "rocky relations" between Aetna and physicians. By early 2000, Aetna CEO Richard Huber was known as "the managed care executive physicians love to hate," per the American Medical News. His departure was characterized by then American Medical News Street Smarts columnist Dr Scott Gottlieb, as partly due to how

Huber talked out of one side of his mouth about his company's obsessive quest for 'quality' health care -- while out of the other he was screaming at doctors, hospitals and drug firms about controlling costs. Yet Aetna's medical costs were still creeping up. As Richard Huber learned, you can't talk the talk if you don't walk the walk.
So once again, after US Healthcare merged with Aetna, the combined, larger company did not deliver on promises of lower-cost, higher-quality care, while it made its insiders very wealth, angered health care professionals, and allegedly led to poor health care.


So the story of US Healthcare Inc, and its merger with Aetna showed a repeating pattern: unfulfilled promises of wonders to come, angry health professionals complaining of bad health care, while the corporate insiders become rich.  So do we really think that the proposed Aetna Humana merger would "Drive Consumer-Focused, High-Value Health Care?"  If so, could I sell you a bridge from Brooklyn to Manhattan?

This case shows how we have turned health insurance over to large for-profit corporations, in an era of laissez faire capitalism and light touch regulation, and in an era in which managerialism enables the leadership of health care organizations by business trained people with little understanding of or sympathy for the health care calling, but who can get rich by pursuing short-term revenue, and can deploy armies of marketers and public relations specialists to obfuscate what is going on.

Why on earth should we expect by continuing in the same direction we will now actually produce lower-cost, higher-quality care?

One big problem is that many people in the US now think of commercialized health care as the norm, and cannot conceive of any alternatives.  Even our recent attempt at health care reform, the Affordable Care act, depended on the continued dominance of health insurance by for-profit corporations.

True health care reform would consider alternatives.  At least we could start with much tougher regulation of commercial health care.  For example, in his article noted above, Michael Hiltzik suggested

We’ve mentioned before that the government isn’t entirely powerless to goad big insurers like Aetna into greater participation in the ACA exchanges. Among other things, the companies make money hand over fist by serving Medicaid expansions in many states and in Medicare managed-care plans. Why not tie their access to those lucrative markets to sticking with the exchanges until they’re finally stabilized?

Bertolini implicitly tied Aetna’s participation in Obamacare to a green light from the government on the Humana merger. But two can play that game.

That would not go over well with neoliberals who believe all corporate regulation is bad.

Furthermore, mabye we should reconsider whether most, or any health insurance should be provided by for-profit corporations. The "government option" is no longer a taboo topic in conversations about "Obamacare." There are other options. Other countries rely on tightly regulated, accountable non-profit organizations to provide health insurance. Such organizations may not enrich insiders as well as big for-profit health insurance companies, but maybe for once we should think of putting patients' and the public's health ahead of these insiders' enrichment.

Thursday, August 18, 2016

The Haunting of CVS - by the Ghosts of Its, Caremark's, MedPartners' and HealthSouth's Past

In our brave new neoliberal world of commercialized health care, many US health care organizations are products of numerous mergers, acquisitions, and other excercises in financial engineering. This makes it easier to obscure these organizations' history, especially their past sins.  Yet these past sins may continue to haunt them.

The MedPartners Settlement

For example, a recent story only recounted in detail in one Alabama newspaper, the Birmingham News, focused on the settlement of a lawsuit originally filed against a company called MedPartners.

A Jefferson County judge on Monday gave final approval to a $310 million settlement of a lawsuit that claims MedPartners, a health care company once led by former HealthSouth CEO Richard Scrushy, lied to more than 20,000 stockholders about how much the company could pay them under the settlement of a 1990s lawsuit.

The new settlement is one of the largest fraud recoveries in Alabama legal history, according to a statement from Hare, Wynn, Newell & Newton, LLP, one of the law firms that represented investors.

The opening of the story harkened back to one of the more notorious cases of health care corruption, that of HealthSouth and Richard Scrushy:

The original fraud allegations from the 1990s stemmed from a proposed deal by former MedPartners CEO Larry House for competitor PhyCor Inc. to pay $7 billion to buyout MedPartners. The deal, billed at the time as the biggest deal in Alabama history, fell through after PhyCor found questions about MedPartner's practices and bookkeeping.

House had been chief operating officer of HealthSouth at one point before taking over as CEO of MedPartners.

Scrushy, who had also been involved in MedPartner's founding while leading HealthSouth, for a time served on the MedPartner's board and later as its interim CEO.

HealthSouth is a chain of rehabilitation hospitals.  Its former CEO, Mr Scrushy, was acquited of federal fraud charges, but was eventually convicted in a state court of bribery, conspiracy, and mail fraud in 2006 (look here).   HealthSouth settled allegations of fraud and violating securities laws in 2006, and is still in operation, claiming to be the largest chain of US rehabilitation hospitals (look here).

Yet while HealthSouth has been haunted by its prior settlement and Mr Scrushy's conviction, this new story should primarily haunt another huge health care corporation, CVS Caremark.

MedPartners Became Caremark, Merged Into CVS Caremark

Back to the Birmingham News 2016 article,

The lawsuit against CVS Caremark Corp., the company that ended up owning the former MedPartners, is a class-action litigation in which investors claim they lost $3.2 billion in a 1990s securities fraud.

Twenty one lawsuits were filed by investors in 1998 against MedPartners. Those lawsuits claimed MedPartners made false and misleading statements to the public about its financial condition and prospects at the time.

The lawsuits were combined and settled for $56 million after MedPartners claimed it was teetering on the edge of bankruptcy and that $50 million was all its insurance would cover.

However, five years later investor John Lauriello, one of the original plaintiffs, filed a new lawsuit claiming MedPartners lied about having limited insurance coverage during the settlement negotiations. The lawsuit claims that in October 1998, prior to the original settlement being finalized, MedPartners paid for unlimited insurance coverage.

If the unlimited insurance coverage had been known at the time, Lauriello's suit claims, investors could have negotiated a higher settlement amount. Sam Johnson and the City of Birmingham Retirement and Relief System later became the named plaintiffs.

MedPartners changed its name in 2000 to Caremark and in 2007 merged with CVS.

CVS will be on the hook for good part of the current settlement's financial liability.

Under the terms of the settlement insurance company AIG will pay $230 million and CVS will pay $80 million.

CVS Health Denies the Meaning of its History

As is typical of most legal actions against big health care organizations, no individual who presided over, authorized, directed or implemented the bad behavior will apparently suffer any negative consequences.  And current CVS management said in effect, "it's not me."

In the settlement CVS denies it has any liability for the claims asserted against them and believes it has good defenses to those claims. But the company agreed to enter into the agreement 'to eliminate the burdens, distractions, expense, and uncertainty of further litigation and thereby to put this controversy to rest fully and finally by obtaining complete dismissal with prejudice of the Class Action,' according to the settlement.

In particular,

CVS issued a statement when the preliminary settlement was approved by Ballard.

'This relates to a 1999 settlement of a securities class action by MedPartners, the former parent company of Caremark and is not related in any way to the business practices of CVS Health, which was formed from the merger between CVS and Caremark in 2007,' according to the statement from Mike DeAngelis , Senior Director, Corporate Communications CVS Health.

'The company denies that its predecessor entity engaged in any wrongdoing and denies any liability in the action,' DeAngelis wrote. 'A settlement was reached in order to eliminate the burdens, expenses and uncertainty of continued litigation. We are pleased that the settlement agreement has been preliminarily approved by the court and we look forward to putting this matter behind us.' 

Let us briefly regard the logic, or lack thereof, in this public relations pronouncement.

In fact, in 1996, MedPartners, which was a small for-profit corporation that owned physician practices, and was hence on the cutting edge of the movement to bring the corporate physicians to main street, bought Caremark (per the Wall Street Journal).  In 1999, after divesting itself of the physician practices, MedPartners changed its name to CareMark Rx (see this news release.)  The merger of CVS and Caremark was announced in 2006 (per the NY Times).

Yet Mr DeAngelis asserted first that MedPartners was merely "the former parent company of Caremark" [italics added].  The use of the word "former" in that sentence seems to be pure obfuscation.  MedPartners became Caremark.  Then, Caremark and CVS merged to become CVS Caremark.

So Mr DeAngelis' assertion that the modern CVS Health business practices are "not related in any way" to MedPartners cannot even can be dignified as a logical fallacy.  It seems just flat out untrue, somewhat ironic given that the original charges against MedPartners, now a renamed piece of CVS Health, is that it "lied" about its insurance coverage.

Furthermore, I see no suggestion that the current CVS Caremark has specifically changed so as to provide assurance that the events that led to the current settlement could not occur again.  No manager at MedPartners (became Caremark, merged into CVS Caremark) who enabled, authorized, or directed the alleged deception of the shareholders was identified, or suffered any negative consequences.  There has been no obvious change in management processes that would prevent something similar from happening again.  So how did the company put "this matter behind" it?

Despite current management's attempts to deny that the settlement they just made has anything to do with their current company, I suspect the case may continue to haunt them, just like many other cases are haunting them. 

The Haunting of CVS Caremark

Just this week, according to the Charleston (WV) Gazette-Mail, CVS Caremark was one of three companies that settled allegations by the state that it shortchanged the state's Medicaid program.

And Caremark, CVS Caremark, and CVS Health have had a truly extensive record of other settlements since 2005.  Those that we have discussed on this blog, or that were in my files, are below.


- Caremark settled allegations that its AdvancePCS subsidiary took kickbacks from drug companies to give the companies favorable treatment in federal employee health programs (per the Philadelphia Inquirer, here.)  

CVS, CVS Caremark, CVS Health

- Rhode Island state legislator John A Celona pleaded guilty of fraud and sale of his honest services for taking money from CVS to advocate for legislation on the company's behalf (see post here).  (Note that two CVS executives were indicted for the bribery of Celona, but acquited by a jury, per USAToday.) 

- Rhode Island state legislator and former House Majority leader Gerard M Martineau pleaded guilty of sale of his honest services for taking money from CVS again to advocate for legislation on the company's behalf (see post here).  

- CVS Caremark settled charged by the state of Illinois of deceptive business practices (per the Chicago Tribune, here.)

- CVS Caremark settled charges by the US Federal Trade Commission (FTC) for false advertising (per the FTC, here.)  

-  CVS settled allegations made by the state of Massachusetts that it overcharged public entitites for drugs (see post here).
-  CVS settles allegations for violating the US Controlled Substances Acts in its stores in California, and Nevada (see post here).

- CVS Caremark settled allegations made in three whistleblower lawsuits that it defrauded three state pension plans, including that of California (see post here).

- CVS Caremark settled allegations made by the US Federal Trade Comission (FTC) that it deceived elderly patients about drug prices (see post here).

- CVS Caremark settled allegations made by the US Department of Justice that it violated the US Controlled Substances Act in Oklahoma (per the Wall Street Journal, here).
- CVS Caremark division settled allegations in multiple states that it failed to properly reimburse Medicaid programs (per the WSJ, here.)

-  CVS Health settled charged by Massachusetts public pension funds that it concealed its revenue loss (per Reuters, here.)


So CVS Health is another example of a huge modern health care company, formed out of mergers, acquisitions, and other examples of financial engineering, that should truly be regarded as haunted by the ghosts of its past sins.  Yet this history remains ghostly, and its clammy touch on present events is barely perceived.  None of the earlier settlements seemed to influence how the later settlements were made.  No judge refused a given settlement because of the company's history of past alleged misbehavior.  No company manager ever suffered any negative consequences of these settlements.  Thus they enjoyed impunity.

Hardly anyone remembers that what was once called MedPartners is now an integral part of CVS Caremark, much less that MedPartners was once a partial creature of HealthSouth and Richard Scrushy. 

So once more, with feeling....

Nearly every big US health care corporation now seems to now have a long history of bad behavior, sometimes criminal behavior, that has not stopped the revenues from flowing, and the top managers from becoming millionaires, or billionaires.  Is it any wonder that a few years ago, nearly a majority of US respondents to a Transparency International poll declared our health care system to tbe corrupt (look here)?

Their dark musings may be partially due to their awareness that health care corruption is a taboo topic.  As we wrote about it in 2016 (look here)...

 Essentially, there is so much money to be made through pharmaceutical (and by implication, other health care corruption) that the corrupt have the money, power, and resources to protect their wealth accumulation by keeping it obscure.  In the Transparency International 2016 Report on health care corruption in the pharmaceutical industry,
However, strong control over key processes combined with huge resources and big profits to be made make the pharmaceutical industry particularly vulnerable to corruption. Pharmaceutical companies have the opportunity to use their influence and resources to exploit weak governance structures and divert policy and institutions away from public health objectives and towards their own profit maximising interests.

Keep in mind that the money made from corruption does not just go to innocent peoples' retirement funds that are invested in pharmaceutical stocks.  It predominantly goes to top corporate executives and managers, and their cronies who preside over the corrupt practices.

I might as well repeat myself once again.  As I wrote in 2015,

If we are not willing to even talk about health care corruption, how will we ever challenge it? 

So to repeat an ending to one of my previous posts on health care corruption....  if we really want to reform health care, in the little time we may have before our health care bubble bursts, we will need to take strong action against health care corruption.  Such action will really disturb the insiders within large health care organizations who have gotten rich from their organizations' misbehavior, and thus taking such action will require some courage.  Yet such action cannot begin until we acknowledge and freely discuss the problem.  The first step against health care corruption is to be able to say or write the words, health care corruption.

If only we knew who you gonna call...

Tuesday, August 16, 2016

Yes, the OS and filesystems on our EHR servers were hacked and our data encrypted for ransom, but "no medical information was looked at or compromised"

On this blog I have an entire series of posts regarding EHR crashes that point out an absurd-on-its-face and, in fact, insulting boilerplate executive response to the EHR unavailability:

"BUT patient care has not been compromised." 

The posts can be accessed via the query link

It seems I may need another, related indexing term when EHRs get hacked and ransomware is inserted:

"BUT no information was looked at or compromised."

I've seen this in various incarnations several times now. 

For instance, see my Feb. 18, 2016 post "Hollywood Presbyterian Medical Center: Negligent hospital IT leaders allow hacker invasion that cripples EHRs, disrupts clinicians ... but patient safety and confidentiality not compromised" at and my March 29, 2016 post "Bad health IT at Medstar Health: FBI probing virus behind outage" at

This type of statement suggests that thieves who are able to gain access at highly granular levels of a server's filesystem and OS in order to encrypt the contents and insert the ransomware are "honest thieves" who would not look at the PHI for purposes of identity theft, or even sadistically alter data for purposes of causing harm.  In other words, it's the executives reassuring the populace that the thieves have honor.

The latest example:

Novato firm remains silent about ransomware attack on patient records
Richard Halstead, Marin Independent Journal
Officials at a Novato [California,,_California - ed.] company that provides medical billing and electronic medical records services to many Marin physicians aren’t talking about a ransomware attack on their system this month that left doctors unable to access patient records for more than 10 days.

Ten days without charts is unprecedented in the paper world, except perhaps after a major physical catastrophe.

Clearly, the refrain "BUT patient care has not been compromised" would be absurd under such conditions.

Lynn Mitchell, CEO of Marin Medical Practice Concepts, issued a terse email on Aug. 4 confirming that her company had paid a ransom to regain access to its data. She wrote, “To date, there is no evidence that any patient information was accessed, transferred or otherwise compromised.”

Honest thieves were involved.

Since then, Mitchell has declined to comment on how many patient medical records were involved, how Marin Medical determined that the records weren’t compromised and whether the company reported the security breach to law enforcement or — as required by law — the state Attorney General’s Office and U.S. Department of Health and Human Services.

“We have nothing further to add at this time,” Mitchell said in an email Thursday.

Not specifying how such a determination was made significantly decreases the credibility of an already non-credible assertion, in my view.

Joe Cohen, an information technology consultant based in Greenbrae, said, “They claim no information was looked at or compromised. I don’t believe it.”

Cohen, whose personal data is in Marin Medical’s system, said he is worried that whoever encrypted the company’s files may have copied the data before demanding the ransom.

That's a best-case scenario, considering the possibility of deliberate or accidental alteration or corruption.

Typically in such ransomware attacks, a sophisticated computer virus finds its way into a victim’s system when an unsuspecting employee opens an email attachment. The virus encrypts the system’s data and attackers essentially hold the data hostage until the owners of the information pay a ransom, typically in an untraceable digital currency such as Bitcoin.

"Finds its way into a victim's system" is a rather mild way of saying "invades a victim's system due to inadequate security precautions."

Carl Chapman, operations manager of the Northern California Computer Crimes Task Force and an inspector in the Marin County District Attorney’s Office, said Marin Medical did not report the extortion to his task force.

“Typically, people don’t report them because I think it is well known throughout information technology departments that we are unable to unlock the information,” Chapman said.

... In 2012, the state began requiring businesses and government agencies to notify the attorney general on breaches affecting more than 500 Californians. The law applies to any business or agency whose unencrypted personal information was acquired, or reasonably believed to have been acquired.

I'd say it's more likely that organizations that don't report such crimes want to keep their victimhood due to negligence out of the public spotlight.

According to a report issued by the Attorney General’s Office in February, in the past four years the attorney general has received reports on 657 data breaches affecting a total of more than 49 million records of Californians. ... health care, which accounted for 16 percent of breaches, is starting to see an increase in hacking breaches as the sector transitions to electronic medical records. ... the “most vulnerable information in health care was medical information, such as patient records, and Social Security numbers.”

That level of incidents leads me to state the following:

  • Lack of EHR interoperability, so often complained about, is actually a good thing in 2016, as it may limit the scope of individual breaches of EHR security; and
  • The utopian dream of a national health information network connecting the entire country's EHR systems is a very, very bad idea in 2016 and should be postponed.  Reality is a harsh master, and the risks are clearly great in 2016 due to the immaturity of computer security.

More on ransomware:

Gordon [Amy Gordon, a partner in the Chicago law firm of McDermott Will & Emery LLP] said in addition to encrypting data, ransomware may also transfer information to a remote location.

“In this day and age, people’s personal information is valuable,” Gordon said, “so unfortunately some of these hackers may be selling this information in addition to getting the ransom from the hacked entity.”

The thieves are already taking a significant risk, and smart thieves would certainly be expected to maximize their haul..

In February, Hollywood Presbyterian Medical Center in Los Angeles paid a ransom of $17,000 in the hard-to-trace digital currency Bitcoin in order to regain access to its data.

Then in March four more organizations fell victim: MedStar Health, which operates 10 hospitals throughout the District of Columbia and Maryland; Chino Valley Medical Center in Chino and Desert Valley Hospital in Victorville, California; and Methodist Hospital in Louisville, Kentucky.

The first two incidents are covered in the aforementioned posts.

John Hall, who operates Sausalito Networking, a small system integration firm, said, “If someone hits a hospital they can usually get a lot of money because the hospital needs to get the darn patient data.”

Indeed, making them among the most pliable of victims.

Hall said several of his clients — a small construction company, a tax advisory firm and a medical facility — have been hit by ransomware attacks recently. He said he is advising all of his clients to install special anti-ransomware software.

Bret Lowry is the founder of Florida-based WinPatrol, which produces the anti-ransomware software that Hall recommends.

“This year ransomware attacks have just exploded,” Lowry said, “because organized crime has gotten involved and is using it to make money.”

That is not surprising to me.   Further evidence the "ready, aim, fire" push to national health IT by our government and IT industry with little consideration to risk, now in a stage of coercive penalties for non-users, once again has been proven to have been reckless.  As examples of the government and industry leaders downplaying risk:

March 6, 2013
On EHR's: See No Evil, Hear No Evil, Speak No Evil: Part 1

March 8, 2013
On EHR's: See No Evil, Hear No Evil, Speak No Evil: Part 2

In the first post I noted this:
... The head of CCHIT, Mark Leavitt, has penned the following at iHealthBeat: 

June 19, 2009 - Perspectives 

Health IT Under ARRA: It's Not the Money, It's the Message

by Mark Leavitt 

... Before ARRA, most surveys concluded that cost was the No. 1 barrier to EHR adoption. But as soon as it appeared that the cost barrier might finally be overcome, individuals with a deeper-seated "anti-EHR" bent emerged. Their numbers are small, but their shocking claims -- that EHRs kill people, that massive privacy violations are taking placethat shady conspiracies are operating -- make stimulating copy for the media. Those experienced with EHRs might laugh these stories off, but risk-averse newcomers to health IT, both health care providers and policymakers are easily affected by fear mongering.

Fear mongering.  Right.

In the second I noted this:

... Blumenthal, at the time Director of ONC at HHS had reportedly stated that:

... [Blumenthal's] department is confident that its mission remains unchanged in trying to push all healthcare establishments to adopt EMRs as a standard practice. "The [ONC] committee [investigating FDA reports of HIT endangement] said that nothing it had found would give them any pause that a policy of introducing EMR's [rapidly and on a national scale - ed.] could impede patient safety," he said.

The "nothing" includes 44 injuries voluntarily reported to FDA and 6 reported deaths in an enviroment where few know where to report such things and where no reporting requirements exist, and a statement from the head of CDRH at FDA that due to systematic impediments to accurate knowledge the known figures likely are a small fraction ("tip if the iceberg") of the actual occurrence.


Chapman said, “In the cases we’ve investigated, all of the leads go to Eastern European countries for which we don’t have the ability to do any further investigation. I’m not aware of any federal agencies that are specifically working on ransomware.”

In other words, the hackers cannot be identified nor brought to justice.

Under these conditions, continued pushes for interoperability and mass networking of multiple EHR's is simply reckless.  The proper caution calls for a slowdown in those efforts until security issues are under reasonable control.  However, the past decade has shown that "caution" seems an abstract concept to our government and industry with respect to the health IT sector.


"BUT no information was looked at or compromised"
is a phrase that also needs to be backed up by robust proof, because it rings as hollow as, or perhaps more hollow than "BUT patient care has not been compromised." 

-- SS

Monday, August 15, 2016

Stanford authors: Evolutionary Pressures on the Electronic Health Record - "Deimplementing the EHR could actively enhance care in many clinical scenarios"

A brief post.  In this new JAMA article by Stanford authors:

Evolutionary Pressures on the Electronic Health Record 
Donna M. Zulman, MD, MS1,2; Nigam H. Shah, MBBS, PhD3; Abraham Verghese, MD4

I note the passage:

... Deimplementing the EHR could actively enhance care in many clinical scenarios. Simply listening to the history and carefully examining the patient who presents with a focused concern is an important means of avoiding diagnostic error.7 Many phenotypic observations (the outline of a cigarette packet in a shirt pocket, or spotting neurofibroma, fasciculation, or rash) change the diagnostic algorithm and are easy to miss when work revolves around the computer and not the patient.

I predict pushback against such a bold and contrarian "de-implementation" assertion (contrarian to the hyper-enthusiast and industry narratives, that is).

The authors continue:

There is building resentment against the shackles of the present EHR; every additional click inflicts a nick on physicians’ morale. Current records miss opportunities to harness available data and predictive analytics to individualize treatment. Meanwhile, sophisticated advances in technology are going untapped. Better medical record systems are needed that are dissociated from billing, intuitive and helpful, and allow physicians to be fully present with their patients.
I also wrote the primary author with a link to an alternate solution to de-implementation that can "allow physicians to be fully present with their patients", namely, my Aug. 9, 2016 post "More on uncoupling clinicians from EHR clerical oppression" at
-- SS