Reacting to the proposal, privacy and security attorney Stephen Wu of the law firm Silicon Valley Law Group notes: “In the short run, anything that can help doctors improve their cybersecurity is good. However, in the long run, you don’t want doctors to be overly dependent on hospitals for their cybersecurity.”

In a statement Wednesday, the Department of Health and Human Services said its two proposed rules - one issued by the Centers for Medicare and Medicaid Services, and the other by HHS Office of Inspector General - aim to “modernize and clarify the regulations that interpret the Physician Self-Referral Law - the ‘Stark Law’ - and the Federal Anti-Kickback Statute.”

Portraying the proposals as a way to help improve patient care coordination by ensuring secure health information exchange, HHS says the two rules would “provide greater certainty for healthcare providers participating in value-based arrangements and providing coordinated care for patients. The proposals would ease the compliance burden for healthcare providers across the industry, while maintaining strong safeguards to protect patients and programs from fraud and abuse.”

The proposals are part of what HHS calls its “regulatory sprint to coordinated care,” designed to “promote value-based care by examining federal regulations that impede efforts among providers to better coordinate care for patients.”

When commercial automobiles became widely available in the early 20th century, they resembled horse-drawn wagons. Over time, countless iterations were refined to improve style, safety and accessibility.

These updates didn’t happen in a vacuum. Feedback, legislation, experimentation and market competition drove the changes. Diverse stakeholders and experiences helped evolve the vehicles that much of humanity now relies on for transportation.

Similarly, diverse voices in healthcare IT are critical to improving tools that boost outcomes and reduce disparities in a nation where more than 38 million people live in poverty — and where communities of color generally face more barriers to care. Age and gender balance in the workplace is important too. After all, the core purpose of health technology is not only to create more efficient and effective care delivery but also to help democratize it.

Phishing is popular because it works. Researchers, as part of a recent investigation published in JAMA Network Open, spent the past seven years studying the tactic, sending over 2.9 million simulated phishing attacks to employees across six different U.S. hospitals.

The results were stark: Roughly 1 in 7 of the simulated emails sent were clicked on by healthcare employees.

Leslie Corbo, assistant professor of cybersecurity for the School of Business and Justice Studies at Utica College and a co-author of the investigation, explains that there are several reasons that healthcare organizations are particularly vulnerable to this type of attack.

“Think about the way the phishing email itself is composed: A lot of times, attackers use a sense of urgency,” she says, “or the person thinks they are following an order.”

In other words, the high-stakes, high-speed, hierarchical world of medicine can push employees to react to phishing emails without pausing to fully evaluate the content and hyperlinks they contain — which should greatly disturb every leader across the healthcare industry.

Moreover, a recent Email Security Risk Assessment from Mimecast states that email impersonation attacks now account for 1 in every 350 emails in the healthcare, with 1 in 3,741 carrying malware. As these attacks continue to grow and evolve, organizations must find a way to combat them to protect valuable assets, such as patient data, from being compromised.

A few weeks ago, WTF Health took the show on the road to Australia’s digital health conference, HIC 2019. We captured more than 30 interviews (!) from the conference, which is run by the Health Informatics Society of Australia (hence the HISA Studio branding) and I had the opportunity to chat with most of the Australian Digital Health Agency’s leadership, many administrators from the country’s largest health systems, and a number of health informaticians, clinicians, and patients. I’ll be spotlighting a few of my favorites here in a four-part series to give you a flavor of what’s happening in health innovation ‘Down Under.’ For much more, check out all the videos on the playlist here.

I’d like to kick off the series with my interview on all things interoperability with arguably the most famous Australian in health tech, Grahame Grieve.

Grahame Grieve, “the Father of FHIR” architected healthcare’s best shot at EMR data interoperability when he founded HL7’s Fast Healthcare Interoperability Resources (FHIR), but have you heard what prompted Grahame to pursue creating a common standard for electronic health data exchange in the first place? Grahame shares the surprisingly personal and emotional story and weighs in how he thinks FHIR adoption is going so far. If your business has anything to do with health IT, EMR, or healthcare’s play in big data, be sure to tune in to find out what’s next for FHIR, whether or not Big Tech’s new role in healthcare can help speed up adoption, and if Grahame thinks we’ll ever finally solve healthcare’s interoperability problem.

Patient engagement has long been a tough nut for healthcare to crack, and it’s not for a lack of trying. New technologies that meet the patient in their home offer a clear opportunity to meet patients throughout the course of their daily lives, but the tools themselves are only half of the solution — making a real connection is just as much about addressing and responding to each individual’s mentality.

“We use a unique interface for approaching patients — we put a cute little robot in homes as opposed to a call center of nurses or sending someone out to patients’ homes,” Dr. Cory Kidd, CEO and founder of care engagement startup Catalia Health, told MobiHealthNews. “The reason behind that is not so much about the technology, but the psychology. … That psychology of human face-to-face interaction works really well there, and acts as an effective way to keep patients engaged over time.”

Catalia has come a long way since its first seed funding round back in 2015 and its most recent raise in late 2017. Just last month, its unique approach to in-home engagement yielded the startup a new partnership with Pfizer headlined by a 12-month pilot of its platform among patients receiving specialty drugs.

“One of the things we see in that specialty drugs market in general is there are typically care management programs that are associated with those and paid for by the drug manufacturer. The majority of those look like a call center,” Kidd said. “So at a high level we provide the same kind of program … but instead of a call center of nurses we put our robot, Mabu, into homes and use that to talk to patients every day, and then relay relevant information back to the clinician so they can provider better care. At a higher level it’s a care management program like would be delivered today, but it’s just something much more effective in being able to interact with each and every patient.”

Facebook is looking serve as the facilitator of constructive, supportive mental health discussions between friends with today’s release of new features for the social media network and its private messaging service, Messenger.

Timed for release on the World Health Organization’s World Mental Health Day, the company has unveiled a “Let’s Talk” photo filter for Stories that invites peers struggling with mental health issues to privately reach out and confide in users with an open ear.

“Much important work has been done, and will continue to be done, on social media to de-stigmatize mental health, but our research tells us that some people will never be comfortable publicly sharing their story,” a Facebook spokesperson told MobiHealthNews in an email statement. “We learned that for many people, options like private messaging play a major role in helping to communicate about mental health. In fact, more than one-third of people surveyed say that private messaging makes it easier to talk about it.”

It may have been easy to miss, given the excitement of the quarter’s IPOs, but the third quarter of 2019 was actually a light one for digital health mergers and acquisitions, with just 10 deals — compared to 17 in Q1 and 12 in Q2.

As usual, we’ve ordered acquisitions by price first, then chronologically for the unknown terms — which is most of them. It’s worth noting that the quarter also saw rumors of a possible Fitbit acquisition, but nothing’s come of that so far.

OptimizeRx acquires RMDY Health for $16 million — In the only deal of the quarter with disclosed terms, OptimizeRx, a software company that enables digital health messaging between pharmas and providers, acquired RMDY Health, a SaaS platform designed for digital therapeutics. RMDY shareholders will receive $8 million in cash and another $8 million in equity upon the deal’s closure. OptimizeRx views the acquisition of RMDY’s team and technology as an opportunity to expand its messaging platform’s capabilities, as well as to reach a new client base beyond pharmas and providers. More.

The Department of Health and Human Services (HHS) announced proposed changes to modernize and clarify the regulations that interpret the Physician Self-Referral Law (the “Stark Law”) and the Federal Anti-Kickback Statute.

The nation’s largest employer announced a list of five new priorities on Oct. 3 intended to make healthcare easier to navigate for its employees in 2020.

To start, in three areas of the country – Orlando-Tampa, Dallas-Ft. Worth and northwestern Arkansas – the company will curate a list of “high quality physicians” in eight specialties: primary care, cardiology, gastroenterology, endocrinology, orthopedics and pulmonology.

At the same time, healthcare data analytics company Embold Health will monitor quality data from employee visits to doctors on the curated list to provide quarterly updates to Walmart corporate HQ.

“Walmart said the goal is to both give workers the information needed to make healthcare decisions based on quality and to offer feedback to regional physicians who may want to work their way on to the featured lists,” according to an article in FierceHealthcare.

In addition to the list of featured healthcare providers, the four other additions for 2020 benefits are:

expanded telehealth a personal healthcare assistant a national quality provider resource, and nationwide access to fitness clubs. In the telehealth area, employees already had telemedicine in nearly every plan, but Walmart is adding a “personal online doctor” for employees in plans in Colorado, Minnesota and Wisconsin.

This pilot program allows workers to manage chronic conditions, and get referrals and nutritional counseling. The company expects these additions to cut down on employees’ current wait times to within one hour for a virtual care visit and within one week for a behavioral health visit.

Could other corporations follow Walmart’s lead in improving healthcare options?

“I think some employers are somewhat hesitant to take the lead on a change in healthcare,” Steve Wojcik, vice president for public policy at the National Business Group on Health, told FierceHealth. “If they see other employers – especially big-name employers – doing it, they might be willing to step forward and do something similar.

Ransomware and malware attacks continue to plague hospitals and institutions, scoring frequent and disruptive hits. Internal data breaches are commonplace. Risk-laden network links with external agencies and partners abound. Security weak spots are discovered in legacy systems and new applications alike. Clinicians working around medical device security protocols expose chinks of vulnerability in the IoMT.

Anyone building a picture of the state of cybersecurity in healthcare globally would struggle to find encouragement for the beleaguered hospital CIO, with many organisations apparently unable to break out of a reactive cycle and shift to more proactive defence strategies.

Bold statistics do little to improve the anecdotal picture. In April, the U.S. Department of Health and Human Services reported 44 healthcare data breaches for the month, a record. The fact that the number of individuals affected fell by 29% from 963,794 to 686,953 compared with March was not exactly grounds for optimism, given the potential scale of the impact.

Cyber risk and privacy management specialist IT Governance publishes a monthly blog of data breaches reported worldwide. The healthcare sector is well-represented and while these lists are a litany of phishing, ransomware and distributed denial-of-service (DDoS) attacks, they are also peppered with more banal cybersecurity failures that hint at the cultural challenge of managing risk in many institutions. These range from unauthorised employees accessing patient records to coding errors that unwittingly expose records.

This paper explores which demographic characteristics substantially bias self-reported physical and cognitive health status of older Europeans. The analysis utilises micro-data for 19 European countries from the Survey of Health, Ageing and Retirement in Europe to compare performance-tested outcomes of mobility and memory with their self-reported equivalents. Relative importance analysis based on multinomial logistic regressions shows that the bias in self-reported health is mostly due to reporting heterogeneities between countries and age groups, whereas gender contributes little to the discrepancy. Concordance of mobility and cognition measures is highly related; however, differences in reporting behaviour due to education and cultural background have a larger impact on self-assessed memory than on self-assessed mobility. Southern as well as Central and Eastern Europeans are much more likely to misreport their physical and cognitive abilities than Northern and Western Europeans. Overall, our results suggest that comparisons of self-reported health between countries and age groups are prone to significant biases, whereas comparisons between genders are credible for most European countries. These findings are crucial given that self-assessed data are often the only information available to researchers and policymakers when asking health-related questions.

For emergency room physicians, arranging a transfer of care for a patient in need can be extremely stressful – a stress they don’t need. In this guest post, Angie Franks, CEO and president of a company that provides transfer center technology that enables hospitals and health systems to more effectively manage patient transfers and optimize command center operations, will detail how a cumbersome transfer process can lead to physician burnout and how an efficient one can lead to physician retention and better patient outcomes.

Organizations must take a number of critical steps to prepare a response to ransomware attacks before they hit, says Caleb Barlow, the new president and CEO of

Deep Dive: The final installment of the four-part series on cybersecurity offers practical advice on preventing attacks and mitigating their fallout.

Machine learning can improve outcomes and reduce unnecessary spending, says Accredited Health CTO Mark Plaskow.

Helen Balsdon, assistant director of nursing informatics at Cambridge University Hospitals, says just because the technology exists doesn’t mean that it’s the right technology for clinicians.

Alabama-based DCH Health System made a payment to hackers behind a ransomware attack that disrupted operations at three hospitals in the past week.

In collaboration with law enforcement and independent IT security experts, health system officials said they began a methodical process of system restoration, organization officials said in a statement posted on the health system’s website Oct. 5.

“We have been using our own DCH backup files to rebuild certain system components, and we have obtained a decryption key from the attacker to restore access to locked systems,” officials said.

Healthcare organizations can take steps to start mitigating risks while waiting for vendors to issue software patches to address URGENT/11 IPnet vulnerabilities in medical devices, says researcher Ben Seri of the security firm Armis, which identified the flaws.

The U.S. Food and Drug Administration and the Department of Homeland Security recently issued alerts about the vulnerabilities.

The problems exist in IPnet, a third-party software component that supports network communications and is embedded into a variety of legacy medical and industrial devices that are still in use today, despite the software, in many cases, being no longer supported by the original vendors (see FDA Issues Alert on Medical Device IPnet Vulnerabilities).

The collection of URGENT/11 vulnerabilities was first identified by Armis researchers in July as affecting some versions of the real-time operating system VxWorks by Wind River.

But on Oct. 1, the FDA issued its alert, and the DHS updated an earlier advisory after Armis researchers identified six additional real-time operating systems supporting the IPnet TCP/IP stack that are also potentially impacted by the URGENT/11 vulnerabilities.

Exploitation of the vulnerabilities could lead to remote code execution and allow an attacker to take over a whole device without interacting with the user, posing potential harm to patients if a medical device subsequently malfunctions.

Responsible for more than 270,000 annual deaths in the U.S., sepsis claims a life in this country every two minutes. The condition, which arises from the body’s inflammatory response to infection, costs over $27 billion in hospitalizations each year.

Despite advancements in understanding and managing sepsis, the fight is far from over. This is why an evolved strategy using predictive technology is critical.

By leveraging patient data, artificial intelligence is helping healthcare organizations identify patients in the early stages of sepsis. With the help of machine learning, custom dashboards to display risk scores and automatic alerts that notify caregivers of potential trouble, an AI-guided approach allows clinicians to get in front of the condition and even predict an adverse event.

Since introducing a sepsis warning system in 2017, Fishersville, Va.-based Augusta Health has witnessed a decrease in mortality rates from sepsis, saving an estimated 282 lives as a result. This drop in mortality rates is promising news and could prompt wider deployment of the tools.

Augusta’s warning system is able to examine patients’ vital signs via their electronic health records, recognize familiar warning signs of sepsis onset and alert clinicians and staff if abnormalities arise.

A number of healthcare organizations are doing the same by adopting or building upon existing AI models to help combat sepsis. Here’s a look at some notable recent efforts.

Humana is shifting from “an insurance company with elements of healthcare to a healthcare company with elements of insurance,” according to Vishal Agrawal, chief strategy and corporate development officer at Humana.

Researchers from Intermountain Healthcare and Stanford University have built an artificial intelligence model that can analyze chest x-ray images in ten seconds.

In the last couple of years, artificial intelligence moved from being a futuristic promise into a reference point for innovation. The technology also started to transform healthcare with great vigor. That’s why we thought it’s high time to talk about what A.I. can really bring to medicine, where does innovation stand at the moment, and what are the greatest challenges in its application to clinical settings. That’s what you can find in our latest e-book, the updated version of A Guide To Artificial Intelligence In Healthcare. Check it out!

From reducing medical errors to enhancing the patient experience, interoperability offers many benefits.

From SWOLF through EDA until heart rate, heart rate variability, respiratory rate, single-lead ECG, period tracking, sleep pattern analyzing: dozens of vital signs demonstrate that there’s no single square centimeter of the human body without quantifiable data. As an experiment, we tried to collect every trackable parameter to draw the boundaries of your “health data self”. Let us know if there’s anything left out.

Why is measurement useful? To know thyself The famous ancient Greek aphorism was inscribed on a wall in the Temple of Apollo at Delphi, the oracle, which was believed to tell humans about the plans of the Gods for the future. But for successfully peeking into the secrets of time to come, the Greeks believed one should know themselves well.

Their wisdom has remained timeless: self-knowledge is still the basis for better life choices – and thus a more predictable future. Luckily, technology offers more and more means to have a clearer picture of the workings of your body so that you can have fitting choices to live a healthier and more balanced life – if you want.

Along these lines, self-knowledge through self-tracking has the ultimate goal to have all that quantified information to be able to improve your lifestyle and your health. What data can we measure about ourselves, you ask? The list must be endless, nevertheless we attempt to incorporate here all the parameters that you can measure about yourself. Are you ready for it?

After a very active and lucrative Q1 and Q2, funding for digital health companies has cooled a bit in Q3, according to the latest Rock Health report. The raises came in at a total of $1.3 billion this last quarter, down from the roughly $2 billion seen in Q1 and Q2.

Additionally, the report points to three major trends this quarter: more mega deals over $100 million, companies exiting via IPOs and the rise of behavioral health and femtech products.

After a few frigid years without any digital health IPOs, 2019 has turned a corner. So far five digital health companies have gone public, according to the report.

However, results have been lukewarm now that these digital health companies are in the public arena, the Rock Health researchers wrote.

“Early public market performance for these IPOs has been mixed,” Sean Day, a researcher at Rock Health and author of the report, wrote in the document. “As of October 1, Health Catalyst is trading about 20% below its closing price on the first day of trading after increasing more than 20% in the weeks following its public offering. Livongo’s share price fell following its first earnings report as losses were greater than analysts expected, despite 156% revenue growth that beat Wall Street estimates. Phreesia and Change Healthcare have largely traded within +/- 10% of their offering price. And Peloton’s stock price dipped after the company went public on September 26, which some took as a sign that 2019’s hot IPO market is cooling off for the moment.”

Rock Health also reported that digital behavior health companies accounted for 8% the total funding this quarter. Behavioral health companies have also seen an increase in the size of their deals to $26 million, up a staggering 73% from 2018.

Women’s health companies have also seen significant rises in funding as well. Rock Health reports that funding for women’s health companies increased by 812% from 2014 to 2018.