FEHBlog

Cybersecurity Saturday

David ErmerCybersecurity, Generative AI

From the cybersecurity policy and law enforcement front,

  • Cyberscoop tells us,
    • “Members of Congress are pressing federal agencies and telecommunications companies for more information about a reported Chinese government-backed hacking campaign that breached the networks of at least three major U.S. telecoms.
    • “Earlier this month, the Wall Street Journal reported that a hacking group tied to Beijing successfully broke into the networks of Verizon, AT&T and Lumen Technologies. The hackers reportedly went undetected for months, possibly gaining access to systems and infrastructure used to process court-authorized wiretaps.
    • ‘On Thursday, Republican and Democratic leaders on the House Energy and Commerce Committee wrote to the three telecommunication firms asking for more information on their response, calling the incident “extremely alarming for both economic and national security reasons.” * * *
    • “The members requested a briefing with the telecoms to learn more about when they became aware of the compromise, findings from any internal investigations and subsequent engagement with law enforcement, their plans to notify affected customers and what if any corrective steps have been taken to harden cybersecurity in the wake of the incident.
    • “The House Homeland Security Committee has also requested a briefing on the hack from the Cybersecurity and Infrastructure Security Agency, according to a committee aide.”
  • Federal News Network lets us know,
    • “The Defense Department released the final rule for the long-awaited Cybersecurity Maturity Model Certification program today [October 11], further paving the way for CMMC requirements to show up in contracts starting next year.
    • “The final CMMC program rule was released for public inspection today. It’s expected to officially publish in the Federal Register on Tuesday, Oct. 15.
    • “The rule establishes the mechanisms for the CMMC program. The goal of CMMC is to verify whether defense contractors are following cybersecurity requirements for protecting critical defense information. Many contractors will be required to receive a third-party audit under the program, a significant departure from the current regime of relying on self-attestation.”
  • Per an October 3, 2024, HHS press release,
    • “Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $240,000 civil monetary penalty against Providence Medical Institute in Southern California, concerning potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, following a ransomware attack breach report investigation by OCR. Ransomware and hacking are the primary cyber-threats in health care. There has been a 264% increase in large breaches reported to OCR involving ransomware attacks since 2018.
    • “Failures to fully implement all of the HIPAA Security Rule requirements leaves HIPAA covered entities and business associates vulnerable to cyberattacks at the expense of the privacy and security of patients’ health information,” said OCR Director Melanie Fontes Rainer. “The health care sector needs to get serious about cybersecurity and complying with HIPAA. OCR will continue to stand up for patient privacy and work to ensure the security of health information of every person. On behalf of OCR, I urge all health care entities to always stay alert and take every precaution and steps to keep their systems safe from cyberattacks.” * * *
    • “The Notice of Final Determination may be found at: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/pmi-nfd/index.html
  • Fedscoop notes,
    • “The Department of Health and Human Services is working on a new strategic plan for the use of artificial intelligence across the entire breadth of its mission, the department’s top AI official said Tuesday.
    • “Micky Tripathi — HHS’s acting chief AI officer and its assistant secretary for technology policy — said at the NVIDIA AI Summit in Washington, D.C., that the AI strategic plan should arrive sometime in January and that it will span “the entire, you know, sort of breadth of what the department covers.”
    • “During a panel discussion, Tripathi detailed the complex web of mission sets spanning “the value chain of life sciences and health care” that HHS oversees that the new strategic plan will attempt to wrap its arms around. Those include medical research and discovery, preclinical work, measuring the safety and effectiveness of medical products, health care delivery, health technology standards setting, human services, public health and more, he said.”

From the cybersecurity vulnerabilities and breaches front,

  • Beckers Health IT informs us,
    • “In the past 12 months, 92% of healthcare organizations reported experiencing at least one cyberattack, up from 88% in 2023, an Oct. 8 survey from Proofpoint and Ponemon Institute found.
    • “Of those cyberattacks, 69% reported disruptions to patient care as a direct consequence.”
  • The American Hospital Association News reports,
    • “The FBI, along with the National Security Agency, Cyber National Mission Force and United Kingdom’s National Cyber Security Centre, today released a joint agency advisory on cyber operations by the Russian Federation’s Foreign Intelligence Service (SVR), also known as APT29, Midnight Blizzard, Cozy Bear, and the Dukes, targeting U.S. and global entities. The agencies recommend prioritizing rapid patch deployment and keeping software up to date to protect against cyberattacks.
    • “This alert highlights the SVR’s aggressive targeting of U.S. critical infrastructure for espionage and possible future offensive cyber operations,’ said John Riggi, AHA national advisor for cybersecurity and risk. “Although health care is not cited as being intentionally targeted by this SVR campaign, it is noted that any entity could become a target of opportunity if it has internet-facing vulnerabilities. The SVR takes advantage of opportunistic tactics to host malicious infrastructure, conduct follow-on operations from compromised accounts, or attempt to pivot to other networks on unprotected victim infrastructure. To mitigate this threat and other types of cyberattacks, such as ransomware attacks, it is imperative that health care entities prioritize patching internet-facing vulnerabilities, employ multi-factor authentication and follow the voluntary cybersecurity performance goals.”
  • HHS’s Health Section Cybersecurity Coordination Center issued its September report on vulnerabilities of interest to the health sector.
  • Cyberscoop points out,
    • “The number of malicious packages found in the open-source ecosystem has dramatically grown in the past year, according to a new report from Sonatype.
    • “The cybersecurity firm found that the number of malicious packages intentionally uploaded into open-source repositories has jumped by more than 150% compared to last year. Open-source software, a transparent development process where almost anyone can contribute to the code and components, is the bedrock of the digital age that can be found in most modern digital technologies.
    • “Sonatype, a firm that specializes in the open-source supply chain, looked at more than 7 million open-source projects and found that more than 500,000 contained a malicious package.
    • “Vulnerabilities in open-source packages and the developers who maintain them have become a hot topic following a spree of high-profile bugs and cyberattacks in recent years. Earlier this year, the maintainer of the data-compression tool XZ Utils was the focus of a yearslong campaign by hackers with the aim of inserting a vulnerability that would have been found in Linux servers throughout the world.”
  • The Cybersecurity and Infrastructure Security Agency (CISA) alerted us on October 10,
    • CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet facing devices on the network. F5 BIG-IP is a suite of hardware and software solutions designed to manage and secure network traffic. A malicious cyber actor could leverage the information gathered from unencrypted persistence cookies to infer or identify additional network resources and potentially exploit vulnerabilities found in other devices present on the network.
    • CISA urges organizations to encrypt persistent cookies employed in F5 BIG-IP devices and review the following article for details on how to configure the BIG-IP LTM system to encrypt HTTP cookies. Additionally, F5 has developed an iHealth heuristic to detect and alert customers when cookie persistence profiles do not have encryption enabled. BIG-IP iHealth is a diagnostic tool that “evaluates the logs, command output, and configuration of a BIG-IP system against a database of known issues, common mistakes, and published F5 best practices” to help users verify the optimal operation of their BIG-IP systems.
  • CISA added six more known exploited vulnerabilities to its catalog this week.
  • Cybersecurity Dive adds,
    • “Ivanti released updates for three actively exploited zero-day vulnerabilities in Ivanti Cloud Service Appliance, which hackers are chaining together with a previously disclosed path traversal vulnerability, the company said in a Tuesday blog post
    • “Successful exploitation of the flaws can allow an attacker to gain administrative privileges to bypass restrictions, obtain remote code execution or run arbitrary SQL statements. The vulnerabilities are listed as CVE-2024-9379CVE-2024-9380CVE-2024-9381
    • “Ivanti previously disclosed and issued a patch that would address the prior critical vulnerability, listed as CVE-2024-8963, on Sept. 10. The company said it discovered the path traversal vulnerability when it was investigating exploitation of an OS command injection vulnerability, listed as CVE-2024-8190.”

From the ransomware front,

  • Tech Radar reports,
    • “The number of active ransomware groups over the last 12 months is on the rise as criminals look for more ways to target businesses, new research has claimed.
    • “The 2024 State of Threat Report from Secureworks has revealed a rise in the number of active ransomware groups over the last 12 months – identifying a 30% rise in the number of active groups.
    • “The figures represents a diversification of the landscape rather than a particularly drastic increase in criminals. Since the notorious Lockbit disruption, in which the most prolific group was briefly shut down, the ransomware ecosystem has evolved, with 31 new groups being established.” * * *
    • “One of the key findings from the report is that unpatched vulnerabilities remain the top Initial Access Vector (IAV) in ransomware attacks, making up almost 50% of all IAVs. This outlines more than ever the importance of staying on top of cybersecurity and software updates.”
  • Per Security Affairs,
    • “Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.
    • “In early September 2024, Veeam released security updates to address multiple vulnerabilities impacting its products, the company fixed 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.
    • “The most severe flaw included in the September 2024 security bulletin is a critical, remote code execution (RCE) vulnerability tracked as CVE-2024-40711 (CVSS v3.1 score: 9.8) impacting Veeam Backup & Replication (VBR).”
  • Palo Alto Networks Unit 24 tells us,
    • “In July 2024, researchers from Palo Alto Networks discovered a successor to INC ransomware named Lynx. Since its emergence, the group behind this ransomware has actively targeted organizations in various sectors such as retail, real estate, architecture, and financial and environmental services in the U.S. and UK.
    • “Lynx ransomware shares a significant portion of its source code with INC ransomware. INC ransomware initially surfaced in August 2023 and had variants compatible with both Windows and Linux. While we haven’t confirmed any Linux samples yet for Lynx ransomware, we have noted Windows samples. This ransomware operates using a ransomware-as-a-service (RaaS) model.”

From the cybersecurity defenses front,

  • American Hospital Association cybersecurity expert John Riggi offers his perspective on this year’s cybersecurity challenges in the healthcare sector.
  • “Moffitt Cancer Center was one of many health systems impacted by the Change Healthcare ransomware attack earlier this year. The organization’s VP of RCM operations [Lynn Ansley] explains [in Health Leaders] how she navigated the disaster.”
  • Here is a link to Dark Reading’s CISO Corner.
  • HHS’s 405(d) program shares an endpoints security poster with the public.

Friday Factoids

David ErmerCDC, CMS, COVID-19, FDA, Federal employment benefits, HSA, Medical / Rx research, Medicare, Mental health care, Rx coverage, U.S. Healthcare, Uncategorized
  • Govexec observes “The Office of Personnel Management’s inspector general last month reported that the federal government’s dedicated HR agency faces taller tasks in the form of launching a health insurance program for postal workers and verifying enrollees’ eligibility for the Federal Employees Health Benefits Program.”
  • While Govexec accurately reflects the substance of the OIG’s report, the FEHBlog disagrees with the OIG conclusions for the following reasons —
    • The OIG and GAO focus on family member eligibility issues. FEHB carriers, or their underwriters, hold the FEHB Program’s insurance risk. The biggest eligibility issue is that OPM does not use the HIPAA 820 enrollment roster transaction which would allow carriers to electronically reconcile individual enrollees with the premiums. This remains a yawning internal gap for the FEHBP.
    • OPM intelligently is assigning Postal employees and annuitants to their appropriate PSHB plan this month. OPM is electronically notifying carriers about these enrollments and OPM is mailing notices to these folks about their enrollments which can be changed during Open Season. If OPM’s new enrollment system breaks down (see healthcare.gov in 2013), the FEHBlog is certain that OPM has a Plan B for making PSHB enrollment change. In the FEHBlog’s view, OPM’s plan provides a high likelihood that the PSHB will timely launch on January 1, 2025.
  • Sequoia reminds us,
    • “The Centers for Medicare and Medicaid Services (CMS) issued Final Rules on how and when civil monetary penalties may be imposed when Responsible Reporting Entities (RREs) fail to meet their Medicare Secondary Payer (MSP) reporting obligations.
    • “Under MSP rules, group health plans are required to submit certain information to CMS on plan participants that are dual enrolled in the group health plan and Medicare. By doing so, CMS can better identify when another party should pay primary, thereby avoiding unnecessary claims payment mistakes.
    • “Generally, a group health plan RRE is the insurer for fully insured plans and the third-party administrator (TPA) for self-funded plans. Employers are not likely to be an RRE, or otherwise have direct reporting obligations, unless as plan administrator they both self-fund and self-administer the plan. However, employers will need to provide any required information requested by the RRE (i.e., insurer or TPA) for them to accurately submit the reporting on the employer’s group health plan to CMS.
    • “Penalties against an RRE are up to $1,000 (as adjusted) per instance of noncompliance for each calendar day that a record is late, with a maximum annual penalty of $365,000 per instance. Penalties may be waived if RREs can show “good faith efforts” to report any records identified by CMS as being noncompliant. Also, CMS will apply a five-year statute of limitations on assessing civil monetary penalties for violations of mandatory reporting requirements.”
    • Important Dates
      • December 11, 2023: Effective date for the Final Rules.
      • October 11, 2024 / TODAY: Earliest date the provisions of the Final Rules will be applied.
      • October 11, 2025: Start date for compliance review and penalty enforcement.
      • April 1, 2026: CMS begins quarterly compliance audit; reviewing a random sample of 250 new records per quarter for a total of 1,000 records per year.
  • Bloomberg lets us know,
    • “Medicare patients changed to outpatient “observation status” after they were initially hospitalized now have a chance to appeal their reclassification under a rule finalized by the Biden administration on Friday. 
    • “The rule (RIN 0938-AV16) would implement a 2020 ruling by the US District Court for the District of Connecticut in a class action involving a dispute over Medicare’s obligation to pay for hospitalizations and long-term care for elderly patients.”
  • The Wall Street Journal reports,
    • Teva Pharmaceuticals will pay $450 million to resolve allegations that the generic drug manufacturer submitted false claims and violated a federal law that prohibits the payment of kickbacks to generate federal healthcare business or induce patient referrals.
    • “The Justice Department on Thursday said the settlement amount was based on the company’s, whose U.S. headquarters is in Parsippany, N.J., ability to pay. As part of the settlement, there was no admission of wrongdoing on Teva’s part.
    • ‘Teva said it is pleased to put these matters in the past in order to focus on developing and providing access to medicines for patients who need them.”
  • The American Hospital Association News points out,
    • survey released Oct. 9 and funded by the American Foundation for Suicide Prevention, the Suicide Prevention Resource Center and the National Action Alliance for Suicide Prevention, a public-private partnership whose members include the AHA, shows 63% of U.S. adults are aware of the 988 Suicide and Crisis Lifeline, a 6% increase from 2022. The survey also found that 71% of adults feel comfortable contacting a mental health hotline, while 15% said they have used one previously. Among other findings, 91% of U.S. adults perceive mental health as equal to or more important than physical health, but 49% feel that physical health is treated as more important.

From the public health and medical research front,

  • The Center for Disease Control and Prevention announced today,
    • “COVID-19 activity is declining in most areas. Seasonal influenza is low nationally. Signs of increased RSV activity have been detected in the southeastern United States, including Florida, particularly in young children.
    • “COVID-19
      • “Nationally, COVID-19 activity has continued declining in most areas. Wastewater levels, laboratory percent positivity, emergency department visits, and hospitalizations are continuing to decrease nationally while deaths remain at low levels.
      • “The new XEC variant is estimated to comprise 7-16% among circulating viruses as of October 12, 2024. Because XEC is recombined from two JN.1 lineage viruses, the 2024-2025 COVID-19 vaccines that already include JN.1 strains are still expected to provide protection. Similarly, there are no impacts currently expected on tests, treatments, or symptoms at this time. For additional information, please see CDC COVID Data Tracker: Variant Proportions. There are many effective tools to prevent spreading COVID-19 or becoming seriously ill.
    • “Influenza
    • “RSV
      • “Nationally, RSV activity remains low. However, continuing signs of increased RSV activity have been detected in the southeastern United States, including Florida, particularly in young children.
    • “Vaccination
      • “Vaccinations to prevent fall respiratory viruses have started for the 2024-25 fall and winter virus season. RSV, influenza, and COVID-19 vaccines are available to provide protection.
  • The University of Minnesota’s CIDRAP tells us,
    • “The California Department of Public Health (CDPH) reported today that the US Centers for Disease Control and Prevention (CDC) has confirmed two of its latest probable H5 avian flu cases, as it reported another likely case based on state testing, which if confirmed would raise the state’s total to seven.
    • “California’s flurry of human cases is occurring amid an ongoing surge of outbreaks affecting the state’s dairy farms, which are concentrated in the Central Valley. Also today, the CDC shared the latest findings from genetic sequencing, which so far show no worrying changes.”
  • and
    • “Genetic sequencing has identified a second cluster of tecovirimat-resistant mpox infections in the United States—the first of its kind involving interstate spread. Researchers from the US Centers for Disease Control and Prevention (CDC) and partners from five affected states reported their findings yesterday in Morbidity and Mortality Weekly Report.
    • “The first Tpoxx-resistant cluster was identified in California in late 2022 and early 2023 in people who hadn’t previously been treated with the drug. The new report describes a new unrelated cluster among 18 people with no previous treatment across multiple states. * * *
    • “In vitro testing of seven samples showed resistance to Tpoxx. Whole-genome sequencing showed that the resistance mutations came from a common ancestor but were distinct from the earlier California cluster.
    • “Researchers said because not all viruses from mpox cases are sequenced, the findings likely underestimate the prevalence of the newly identified drug-resistant variant. They added that more surveillance is needed, as well as adherence to CDC Tpoxx use protocols. Also, they wrote that the findings underscore the need for more treatments for mpox, along with smallpox biothreat preparedness.”
  • Reuters reports,
    • “Roughly 15.5 million U.S. adults have attention-deficit hyperactivity disorder, and most of them struggle with gaining access to treatment for the condition, according to data from a U.S. study released on Thursday.
    • “Only about one-third of those reporting a diagnosis of ADHD said they had received a prescription for a stimulant drug used to treat it in the previous year, researchers reported in the U.S. Centers for Disease Control and Prevention’s Morbidity and Mortality Weekly Report.
    • “In addition, nearly three quarters of those with a prescription for a stimulant drug reported difficulty getting it filled because the medication was unavailable.
    • “Worldwide, around 2% to 5% of adults experience ADHD symptoms such as inattention, hyperactivity, and impulsivity. This study provides the first prevalence data on ADHD in U.S. adults since 2003.”
  • The Wall Street Journal informs us,
    • “The Food and Drug Administration approved Pfizer’s Hympavzi to prevent or reduce bleeding episodes in patients with certain kinds of hemophilia, the pharmaceutical company said.
    • “The approval is for patients with hemophilia A (congenital factor VIII deficiency) without factor VIII inhibitors, or hemophilia B (congenital factor IX deficiency) without factor IX inhibitors, Pfizer said Friday.
    • “Hympavzi, also known as marstacimab, can be given subcutaneously every week for routine prophylaxis in patients aged 12 and up as an alternative to intravenous infusions that are often administered multiple times a week, Pfizer said.
    • “The FDA said the drug is the first non-factor and once-weekly treatment for hemophilia B. The agency said the approval provides “a new treatment option that is the first of its kind to work by targeting a protein in the blood clotting process.”
  • BioPharma Dive adds,
    • “The Food and Drug Administration on Thursday approved a new Roche drug for breast cancer. Called Itovebi, the drug has been cleared for use with Pfizer’s Ibrance and endocrine therapy in people whose HR-positive, HER2-negative breast tumors have a mutation called PIK3CA.
    • It’ll compete for market share with Novartis’ Piqray, another medicine targeting PIK3CA mutations. Itovebi is one of five drugs Roche aims to add to its portfolio of breast cancer treatments, which already includes the targeted therapies HerceptinPerjeta and Kadcyla
  • Per Health Day,
    • “It’s never too late for a person to quit smoking, even if they’re elderly, a new study finds.
    • “Dropping the smokes even as late as 75 can meaningfully increase a person’s life expectancy, researchers reported recently in the American Journal of Preventive Medicine.
    • “Seniors aged 75 will lose on average more than four years of life if they keep smoking, compared to people who never smoked, researchers found.
    • “On the other hand, a 75-year-old smoker who quits has a 14% chance of gaining at least one extra year of life, and a 65-year-old smoker a 23% chance.
    • “And about 8% of those who quit at age 75 gain at least four years of life compared to those who keep smoking, researchers found.
    • “Quitting smoking is the single best thing anyone at any age can do to increase their life expectancy, researchers concluded.”

From the U.S. healthcare business front,

  • MedTech Dive relates,
    • “Fresenius Medical Care said Thursday it will increase its production of IV fluid and peritoneal dialysis (PD) products as the U.S. manages shortages due to Hurricane Helene’s effect on the supply chain.
    • “The company is maximizing production capacity at its international sites to help add supply amid an industrywide supply shortage of PD products and IV fluids, according to the update. Fresenius Medical Care is also exploring other options to address the shortage at the Department of Health and Human Services’ request.”
  • Beckers Payer Issues offer new payer game plans for improving women’s health.
  • Fierce Healthcare provides details on the latest Medicare Advantage star scores.
  • Modern Healthcare notes,
    • “Mary Beth Jenkins will become the president and CEO of University of Pittsburgh Medical Center Health Plan starting Jan. 1. 
    • “Jenkins was also named president of UPMC Insurance Services Division and an executive vice president of the system. She will succeed Diane Holder, who plans to retire Dec. 31 after 40 years with UPMC.
    • “Jenkins has been executive vice president of UPMC Insurance Services Division and chief operating officer of UPMC Health Plan since 2023. She joined Pittsburgh-based UPMC in 1998.” 
  • Optum offers HSA plans tips on personalized member communications strategies.

Thursday Miscellany

David ErmerCDC, CMS, FDA, Federal employment benefits, Medical / Rx research, Medicare, NIH, Rx coverage, U.S. Healthcare
Photo by Josh Mills on Unsplash

In hurricane news,

  • The New York Times reports,
    • “The Daytona Beach plant that makes nearly a quarter of the IV fluids used in the United States is intact in the wake of Hurricane Milton’s tear across Florida, according to a company spokeswoman.
    • “The site, operated by B Braun Medical, gained prominence this week as a backup source for IV solutions because Hurricane Helene had flooded a major producer of the fluids in North Carolina and left hospitals from California to Virginia with diminishing supplies.
    • “Company workers and officials from the federal Administration for Strategic Preparedness and Response took pre-emptive measures before Milton arrived, loading trucks full of finished IV medical products to ship them out of the storm’s reach through the night Tuesday. 
    • “Allison Longenhagen, a company spokeswoman, said on Thursday that the manufacturing and distribution site at Daytona Beach was intact, and would reopen on Friday.”
  • Healthcare Dive adds,
    • Hurricane Milton hit Florida’s West Coast hard Wednesday night as a Category 3 storm, bringing torrents of rain and tornadoes that caused millions to lose power and triggered widespread destruction to roads and water and sewage services.
    • While the region’s hospitals were largely ready for storm due to legacy hurricane preparations, health systems are still grappling with critical infrastructure outages and are making “hour-by-hour” calculations on whether to evacuate more patients, according to Mary Mayhew, CEO and president of the Florida Hospital Association.
  • Per MedTech Dive,
    • “Baxter said Wednesday it would increase allocation levels of certain IV fluids as the U.S. manages supply shortages after the company’s largest manufacturing plant was damaged by Hurricane Helene.
    • “The company increased allocation levels of its “highest demand” IV fluids from 40% to 60% for direct customers and from 10% to 60% for distributors, effective Wednesday, according to the update. Baxter also increased the allocation level of IV solutions and nutrition products for designated children’s hospitals to 100%.
    • “Baxter said its goal is to restart production at the North Carolina facility in phases and “return to 90% to 100% allocation of certain IV solution product codes by the end of 2024.”

From Washington, DC,

  • Fierce Healthcare lets us know,
    • “Just 40% of Medicare Advantage prescription drug plans offered in 2025 achieved a score of four stars or higher, the Centers for Medicare & Medicaid Services (CMS) revealed Oct. 10.
    • “It is the third consecutive year the portion of MA plans offering four-star plans or greater decreased, with 68% of plans meeting the threshold in 2022. Last year 42% of plans achieved at least a four-star rating.
    • “Weighted by enrollment, 62% of enrollees are currently in contracts with a four-star rating or better. In 2022, 90% of enrollees were in at least a four-star plan.
    • “These star ratings impact the 2026-year quality bonus payments, which has significant financial repercussions to MA plans. They are rated on 40 measures in Medicare Advantage Prescription Drug (MA-PD) plans, 30 measures for MA plans and only 12 measures in solely prescription drug plans.
  • Federal News Network tells us,
    • “The final piece of the puzzle fell into place Thursday morning for calculating the 2025 cost-of-living adjustment (COLA) for Social Security and federal retirement benefits.
    • “Starting in January, many federal retirees will see a 2025 COLA of 2.5% added to their Social Security benefits and federal retirement annuities — but not everyone will receive the full adjustment.
    • “Retirees in the Federal Employees Retirement System (FERS) usually receive a smaller cost-of-living adjustment each year for their annuities, though the exact difference depends on how big the COLA is in a given year:
      • “COLA is over 3%: FERS annuitants receive 1% less than the full COLA
      • “COLA is between 2% and 3%: FERS annuitants receive a 2% COLA
      • “COLA is less than 2%: FERS annuitants receive the full COLA
    • For 2025, based on those specifications, FERS retirees will receive a “diet” 2025 COLA of 2% for their retirement benefits beginning in January.
  • Tammy Flanagan, writing in Govexec, provides “a checklist to help [federal and postal employees and retirees] prioritize as [they] sort through your federal retirement and insurance benefits.”
  • Modern Healthcare reports,
    • “Healthcare companies pursuing mergers and acquisitions will be required to submit additional information about their proposals under a final rule approved by the Federal Trade Commission Thursday.
    • “The final rule amends the Hart-Scott-Rodino Act form, which had not been updated for 46 years. When the rule goes into effect, likely early next year, healthcare companies involved in M&A proposals must list acquisitions that occurred within the last five years, disclose private equity and minority stakeholders with decision-making authority and report supplier relationships shared by the merging parties to the FTC, among other requirements.”
  • Bloomberg informs us,
    • Johnson & Johnson did not wrongly manipulate bankruptcy rules when it filed an insolvency case in Texas and not its home state of New Jersey, a federal judge ruled, increasing the odds the consumer health giant can settle claims its baby powder gave women cancer.
    • Judge Christopher Lopez said Thursday he’ll keep a J&J subsidiary in his Houston courtroom, dismissing claims the company improperly skirted a federal appeals court for New Jersey that has twice stopped its bid to end thousands of talc injury lawsuits. 
    • “I want to assure everyone that they are going to get a fair trial in front of me,” Lopez said.
    • J&J is offering more than $8 billion to settle the litigation, a proposal the company has said is supported by roughly 83% of the women who voted on it. The settlement is being offered through a corporate shell J&J created to absorb the cancer claims and file bankruptcy, a controversial legal tactic known as the Texas Two Step.
  • The American Hospital Association News points out,
    • “The Health Resources and Services Administration Oct. 9 announced it will award nearly $19 million to 15 states for identifying and implementing maternal health strategies. The funds are part of HRSA’s Enhancing Maternal Health Initiative and will support State Maternal Health Innovation programs to help identify key drivers of maternal mortality in each state, develop strategies and implement new interventions to address those issues. The state programs have implemented a range of interventions to address maternal health challenges, which include early identification and treatment of hypertension to reduce preeclampsia and other risks, providing mobile simulation trainings to prepare health care providers for a range of adverse labor events, expanding access to trainings to rural and frontier hospitals that do not have a dedicated obstetrics department, and creating resources to improve first responders’ ability to respond to patients with substance use disorder during and after pregnancy.”

From the public health and medical research front,

  • The International Foundation of Employee Benefit Plans lets us know,
    • “Today is World Mental Health Day, a time to recognize the importance of mental health and to reaffirm commitments to improving mental health through education, awareness and advocacy. Many plan sponsors look toward mental health trends to stay informed on strategies for their workforce. Read on for key takeaways from a recent International Foundation webcast on 2024 mental health trends.
    • “The after-effects of the COVID-19 pandemic have resulted in increases in mental health needs across North America. In a 2024 survey from Gallup, U.S. adults reported how they thought mental health issues are handled compared to physical health issues: 38% reported “much worse,” 37% reported “somewhat worse,” and 15% reported “about the same.” The same survey indicates a perception that mental health conditions, including depression and anxiety, have increased over the past five years.
    • “According to a report from SunLife Canada, employers are seeing a rise in mental health care costs, including short- and long-term disability claims. The increased costs are sparking conversations about mental health treatment and leading employers to improve their employee benefits offerings to address mental health care.”
  • Per a U.S. Department of Agriculture press release,
    • BrucePac, a Durant, Okla. establishment, is recalling approximately 9,986,245 pounds of ready-to-eat (RTE) meat and poultry products that may be adulterated with Listeria monocytogenes, the U.S. Department of Agriculture’s Food Safety and Inspection Service (FSIS) announced today.
    • The ready-to-eat meat and poultry items were produced from June 19, 2024, to October 8, 2024. These products were shipped to other establishments and distributors nationwide then distributed to restaurants and institutions. Information regarding product labels and the list of products will be provided when available.
    • The products subject to recall bear establishment numbers “51205 or P-51205” inside or under the USDA mark of inspection.
  • The American Hospital Association News notes,
    • “The National Institutes of Health Oct. 10 released results of a study that found that infection from COVID-19 in the first wave of the pandemic appeared to significantly increase the risk of heart attack, stroke and death for up to three years for unvaccinated individuals. When infected, those individuals had double the risk for cardiovascular events, and people with severe cases had nearly four times the risk. The study also is the first to show that increased risk of heart attack and stroke in people with severe COVID-19 may have a genetic component involving blood type. It is unclear if the risk of cardiovascular disease is or may be persistent for people who have had severe COVID-19 from 2021 to the present, NIH said.”
  • The Wall Street Journal reports,
    • “Researchers are making progress toward vaccines that train healthy people’s immune systems to eliminate signs of cancer before it develops. 
    • “Vaccines are in early trials for people with inherited genetic mutations that put them at a greater risk. Other shots are designed to destroy precancerous lesions to stop full-blown disease. 
    • “It’s the future of cancer prevention,” says Dr. Ajay Bansal, a gastroenterologist at the University of Kansas Cancer Center.” * * *
    • “Many consider cancer vaccines to be a form of immunotherapy, a kind of treatment that has revolutionized cancer care by using the immune system to beat back cancer cells. Some of those therapies release the brakes on the immune system. Cancer vaccines, by contrast, are meant to boost the immune response and direct it where to go.
    • “Cancer cells and even pre-cancer cells know how to hide from the immune system,” says Dr. Neeha Zaidi, a medical oncologist at the Sidney Kimmel Comprehensive Cancer Center at Johns Hopkins. “It needs that help from a vaccine.”
  • The National Institutes of Health’s Director, writing her in blog, tells us,
    • “Developing a new drug from scratch can take a decade or more. But sometimes promising treatment options come from repurposing existing drugs for completely different medical conditions. I’m happy to share a new example of this: a cancer drug called pomalidomide that was found in a clinical trial to be safe and effective for treating a blood disorder called hereditary hemorrhagic telangiectasia (HHT).
    • “HHT is an inherited blood vessel disorder that can cause excessive or even life-threatening bleeding. The disease is rare, affecting about 1 in every 5,000 people worldwide, but because HHT is poorly understood and often misdiagnosed, its true incidence is likely greater. Most people with HHT experience recurrent severe nosebleeds, often in combination with mental health disorders such as depression and post-traumatic stress disorder, as well as other health conditions. HHT can also worsen with age and impact quality of life.
    • “However, recent findings from an NIH-supported clinical trial, reported in the New England Journal of Medicine, show that daily treatment with pomalidomide in people with HHT led to a significant reduction in nosebleed severity. Compared to trial participants taking a placebo, those taking pomalidomide needed fewer blood or iron transfusions and reported improvements in their quality of life. Because of these results, the trial was stopped months ahead of schedule, having found sufficient evidence that the treatment was safe and effective.”
  • Per MedPage Today,
    • “Medicare annual wellness visits were associated with a 21% increase in mild cognitive impairment diagnoses.
    • “Those with a wellness evaluation received a diagnosis 76 days earlier than others.
    • “Findings suggest the Medicare wellness visit policy may help identify cognitive impairment earlier.”

From the U.S. healthcare business front,

  • Modern Healthcare reports,
    • “CVS Health is moving ahead with expansion plans for Oak Street Health, even as the company reportedly considers a restructuring in the coming months.
    • “CVS is conducting a strategic review, according to media reports citing people familiar with the matter and is weighing options for separating some of the company’s businesses, which include its retail pharmacy, insurance arm Aetna, pharmacy benefit manager CVS Caremark and primary care provider Oak Street.
    • “A spokesperson said CVS is sticking with its previously announced expansion plan for Oak Street but did not respond to questions about how many clinics it has opened this year. As of August, Oak Street had opened 16 clinics in 10 states since December, with aggressive plans to open another 38 or so clinics by the end of the year.”
  • Per Fierce Healthcare,
    • “Henry Ford Health has launched a population health subsidiary to help manage high-risk patients’ conditions and reduce costs tied to preventable hospitalizations or readmissions.
      Troy, Michigan-based Populance is described by the nonprofit health system as an extension of the “dozens” of case management programs it and its insurance subsidiary, Health Alliance Plan, have designed over the past two decades.
    • “Those programs—often designed with value-based care strategies in mind—will be supported at Populance with health analytics capabilities to help spot and address high-risk patients, the system said.
    • “Because we know this approach to population health management works—for our patients, our members and our physicians—we want to make these services available to other physicians, health systems and health plans to create healthier, more equitable outcomes in all the communities we serve,” Robin Damschroder, president of value-based enterprise and chief financial officer at Henry Ford Health, said in a release.”
  • RAND issued a paper titled “The Expense of Heath Care Explained: What Americans Need to Know.”
    • “Health care costs remain a critical concern for policymakers, providers, and patients alike. As voters head to the polls, the effectiveness of recent policies like the No Surprises Act and Medicare drug price negotiations are just beginning to be felt. Meanwhile, other major concerns loom, including how to deal with massive consolidation across the health care industry, and the complex dynamics of drug pricing, as well as burnout and other forces leading to shortages of health care providers.
    • “We asked three experts on the economics of health care to explain some of the financial and public policy forces at work. Cheryl Damberg holds the distinguished chair in Health Care Payment Policy and is director of the RAND Center of Excellence on Health System PerformanceAndrew Mulcahy is a senior health economist at RAND who focuses on payments for health care services and prescription drugs. Erin Taylor is a senior policy researcher at RAND who is currently co-project director of the evaluation of the Medicare Part D Senior Savings Model.”
  • Per BioPharma Dive,
    • Within the pharmaceutical industry, a multibillion-dollar race is underway to top Novo Nordisk’s and Eli Lilly’s in-demand obesity drugs.
    • Dozens of companies, large and small, have set out to test experimental medicines they claim could be more potent, convenient or have fewer side effects than Novo’s Wegovy and Lilly’s Zepbound. But those two companies are already hard at work with successors of their own.
    • The next six months figure to be an important preview. Data are expected for a number of drugs that are already, or are shaping up to be, contenders in this high-stakes competition. The readouts will be closely watched, as they will set expectations for how the obesity drug market — currently a duopoly between Lilly and Novo — will look in the future.
  • The article tells you what to expect.
  • The Washington Post reports,
    • “Amazon plans to expand its drug delivery business as the company seeks more ways to insinuate itself into the daily lives of everyday Americans. The move would see the largest online retailer in the United States compete more directly with pharmacy retailers like CVS and Walgreens.
    • “Next year, Amazon customers in 20 cities — including Dallas, Minneapolis and Philadelphia — will be able to get Amazon Pharmacy medications delivered by the company, Amazon Pharmacy VP Hannah McClellan Richards said Wednesday. And a growing number of those deliveries will be completed within less than 24 hours, the company said.
    • “Richards said Amazon will double the number of cities with same-day delivery of medications next year, in part by building pharmacies in existing same-day delivery facilities that are “integrated directly into Amazon’s core logistics network.”

Midweek Update

David ErmerACA, CDC, CMS, FDA, Federal employment benefits, Medical / Rx research, Medicare, NIH, OPM, U.S. Healthcare

From Washington, DC,

  • The New York Times reports,
    • “Healthcare facilities across the west coast of Florida, from clinics to nursing homes, are temporarily shutting their doors and evacuating patients in preparation for Hurricane Milton’s potentially devastating landfall.
    • “Mandatory evacuation orders in Pinellas County, which includes Clearwater and St. Petersburg, affect about 6,600 patients at six hospitals, 25 nursing homes and 44 assisted living facilities, according to the order. Scores of medical clinics and dialysis centers across the region have also closed, including dozens of outpatient facilities operated by the BayCare, a health care network.
    • “The region’s only Level 1 trauma center, Tampa General Hospital, has deployed a temporary flood barricade that officials hope will stave off the storm surge. Most of the hospitals in the region that are still open have suspended elective operations or have stopped accepting new patients.
    • “University of Florida Health, which operates about a dozen hospitals across the state, had enough food, water and fuel to keep its facilities operating for 96 hours, according to Peyton Wesner, a spokesman.”
  • and
    • “U.S. officials approved airlifts of IV fluids from overseas manufacturing plants on Wednesday to ease shortages caused by Hurricane Helene that have forced hospitals to begin postponing surgeries as a way to ration supplies for the most fragile patients.
    • “The current shortage occurred when flooding coursed through western North Carolina and damaged a Baxter plant, which is now closed for cleaning. The plant makes about 60 percent of the United States’ supply of fluids used in IVs, for in-home dialysis and for people who rely on IV nutrition. They include premature babies in intensive care and patients who rely on tube feeding to survive.
    • “The situation could become even more dire now that Hurricane Milton is hitting Florida. On Tuesday, workers at B. Braun, makers of a fourth of the nation’s IV fluids, loaded trucks at the company’s plant in Daytona Beach with the medical bags and drove them north through the night to what they hoped would be a safer location.
    • “The Baxter plant, in Marion, N.C., and the B. Braun site in Daytona Beach manufacture about 85 percent of the nation’s supply of IV fluids. Experts on shortages have long pointed out the risk of such over-concentration of critical supplies, citing exposure to disasters like those now at hand. Even before the latest storm, supplies were tight and reflected a longstanding problem of how few companies are willing to produce crucial but low-cost and low-profit medical products.”
  • Here’s a link to an HHS Secretary letter to healthcare leaders about the IV fluid shortage, and Beckers Payer Issues offers five notes on insurer response to Hurricane Milton.
  • Kevin Moss, writing in Govexec, takes a closer look at 2025 FEHB premiums.
  • CMS has issued a memorandum with payment parameters guidance for the 2026 plan year
    • The 2025 maximum limit on cost sharing for FEHB and other group plans is $10.150 for self only coverage and $20,300 for other than self only coverage. These limits represent approximately a 10.3% increase over the 2025 maximum limits of $9,200 for self only coverage and $18,400 for other than self only coverage.
  • “The International Foundation of Employee Benefit Plans shares links to the final 1094-B, 1095-B, 1094-C, and 1095-C forms [and instructions] that employers, plan sponsors and group health insurers will use to report 2024 health coverage to plan members, and the IRS as required by the Affordable Care Act (ACA).” 
  • STAT News tells us,
    • “A new report from congressional budget experts this week estimated that it would cost Medicare an additional $35 billion over nine years if the program began covering GLP-1 drugs for obesity. But the report also noted that half of seniors who would qualify for obesity coverage already have access to the drugs for other conditions.”
  • The American Hospital Association News notes,
    • “The Centers for Medicare & Medicaid Services Oct. 9 released a request for information and a sample list of prescription drugs it intends to include under a proposed Medicare $2 Drug List Model. Under the model, people enrolled in a Part D plan would have access to these drugs for a low, fixed copayment no higher than $2 for a month’s supply per drug. The model would provide individuals more certainty about out-of-pocket costs for these generic covered drugs that would target common conditions such as high cholesterol and high blood pressure. The Center for Medicare and Medicaid Innovation’s model aims to test whether a simplified approach to offering low-cost, clinically important generic drugs can improve medication adherence, lead to better health outcomes and improve satisfaction with the Part D prescription drug benefit among Medicare beneficiaries and prescribers. It is also aligned with Executive Order 14087, “Lowering Prescription Drug Costs for Americans,” which directed the creation of new payment models to lower drug costs and promote access. Comments are due Dec. 9 through a CMS survey.”
  • KFF provides us with “A Current [Detailed] Snapshot of the Medicare Part D Prescription Drug Benefit.”
  • The Wall Street Journal reports,
    • CVS Health filed a motion seeking to disqualify top Federal Trade Commission officials from participating in a case regarding some of its businesses over alleged bias against pharmacy benefit managers.
    • “The healthcare company said Chair Lina Khan, Commissioner Rebecca Kelly Slaughter and Commissioner Alvaro Bedoya through public statements show they have prejudged the matter at hand and that their participation would violate the due process rights of respondents Caremark Rx and Zinc Health Services.
    • “CVS specified that past statements made false assertions that are critical to the merits of the case, including that pharmacy benefit managers “control” drug pricing and patient access to drugs including insulin.
    • Cigna Group, on behalf of Express Scripts and other of its businesses, also filed a motion seeking to disqualify Khan, Slaughter and Bedoya.
    • UnitedHealth Group, who reportedly filed a similar motion, didn’t immediately respond to a request for comment.”

From the public health and medical research front,

  • STAT News points out,
    • “A trio of scientists who opened new doors in our understanding of the structure of proteins — the fundamental building blocks of biology — and even came up with ways to create new proteins won the Nobel Prize in chemistry Wednesday.
    • “The prize went to David Baker of the University of Washington, and to Demis Hassabis and John Jumper, who work at Google DeepMind in London. Baker will receive half the 11 million Swedish kronor (just over $1 million) prize, while Hassabis and Jumper will split the other half.” * * *
    • “Baker said he was sleeping when he received the Nobel call early Wednesday morning, as is often the case for laureates in the U.S. When he was told he had won the prize, his wife started yelling, drowning out the person on the phone. He had to go to another room so he could hear the rest of the call, he said. 
    • “Asked by one journalist to pick his favorite protein, Baker demurred, saying he didn’t want to identify just one. But he did highlight one that he and his colleagues had crafted that could potentially block the coronavirus behind Covid-19 from infecting cells, hinting at one of the applications of his discoveries that researchers are now pursuing. 
    • “I’ve been very excited about the idea of a nasal spray of little designed proteins that would protect against all possible pandemic viruses,” he said.”
  • Kudos to the recipients.
  • The American Medical Association tells us what doctors wish their patients knew about microplastics.
  • The National Cancer Institute shares its Cancer Information Highlights about “Breast Cancer | Jaw Necrosis | Leiomyosarcoma.”
  • Per National Institutes of Health press release,
    • “The National Institutes of Health has launched a nationwide consortium to address the dramatic rise in youth diagnosed with type 2 diabetes over the past two decades, a trend that is expected to continue. The effort aims to advance understanding of the biologic, social, and environmental drivers of youth-onset type 2 diabetes, with the goals of determining which children are at highest risk for developing the disease and how to better prevent, screen for, and manage type 2 diabetes in young people.
    • “Our children who are overweight or have obesity are at risk, but we don’t know how best to identify the children who will progress to type 2 diabetes,” said Rose Gubitosi-Klug, M.D., Ph.D., study lead, and chief of pediatric endocrinology at Case Western Reserve University/Rainbow Babies and Children’s Hospital, Cleveland. “This study will bring us closer to our goal of prevention of type 2 diabetes in future generations of youth.” * * *
    • “For more information about the study, known as DISCOVERY of Risk Factors for Type 2 Diabetes in Youth, please visit discovery.bsc.gwu.edu.”

From the U.S. healthcare business front,

  • The American Hospital Association News lets us know,
    • “The average annual premium for employer-sponsored family health coverage rose 7% in 2024 to $25,572, according to the latest KFF annual survey. It is the second consecutive year with a 7% increase. For workers who have an annual deductible for single coverage, the 2024 average is $1,787, similar to last year’s $1,735 and up 8% from 2019. The survey found that the amount workers’ pay toward annual premiums has increased less than 5% since 2019, which may be due to a tight labor market.”
  • Per Beckers Hospital CFO Report,
    • “Chicago-based CommonSpirit is “investing significantly in high-growth markets,” such as Arizona and Colorado, to ensure the long-term sustainability of the health system, CFO Dan Morissette said during the company’s investor call on Oct. 4.
    • “Last year, Centennial, Colo.-based Centura Health folded into CommonSpirit, which manages 20 hospitals and more than 240 care sites in Colorado, Kansas and Utah that were previously managed by Centura. 
    • “The news came shortly after CommonSpirit and Altamonte Springs, Fla.-based AdventHealth said they would end their Centura Health joint venture after 27 years, with each system directly managing their respective care sites in Kansas and Colorado. 
    • “Much of our focus in this market is on transition alignment and ambulatory care sites, as well as future inpatient growth to meet the rapidly expanding demand,” Mr. Morissette said. “We also announced a partnership with Kaiser in this market, which is an important new collaboration for us.Intentional capital deployment means taking a system-level approach to reviewing and 
    • “CommonSpirit is also diversifying its service line in these high-growth markets. Areas of focus include behavioral health, cancer care and outpatient care.”
  • Per Fierce Pharma,
    • “GSK has agreed to pay up to $2.2 billion to resolve approximately 80,000 lawsuits brought by users of Zantac who claimed the heartburn drug caused their cancer.
    • “The agreement frees the British pharma giant from litigating 93% of the state court cases it faced in the U.S., most of which had been consolidated in Delaware. The settlement was reached with 10 plaintiff firms with the agreement that GSK does not admit liability, the company said.
    • “With the deal, lawyers representing the plaintiffs are unanimously recommending that clients accept terms of the settlement, which is expected to be complete by the end of the first half of 2025, GSK said.
    • “The agreement is in line with a similar settlement Sanofi reportedly made earlier this year. The French pharma consented to pay $100 million to resolve roughly 4,000 Zantac claims, Bloomberg reported in April. That deal paid plaintiffs roughly $25,000 each. The GSK settlement comes to approximately $27,500 per claimant.
    • ‘In May of this year, Pfizer also settled approximately 10,000 Zantac lawsuits for an undisclosed figure. Pfizer had the rights to sell the antacid from 1998 to 2006.
    • “In addition to the $2.2 billion deal, GSK also said on Wednesday that it will pay $70 million to resolve a qui tam complaint filed by Connecticut-based laboratory Valisure, which first raised alarm bells about Zantac’s risks in 2019 during routine batch testing.”
  • Per MedTech Dive,
    • “The number of medical devices with artificial intelligence technology has risen sharply in the past decade. 
    • “The Food and Drug Administration has authorized 950 AI or machine learning-enabled devices as of Aug. 7, 2024, according to the agency’s database. While the FDA authorized the first AI-enabled device in 1995, the number of submissions has spiked in recent years.
    • “In 2015, the FDA authorized six AI medical devices. In 2023, the agency authorized 221 devices, according to data reviewed by MedTech Dive.
    • “The trend has been driven by more connected devices, more investment into AI and machine learning and growing familiarity with how software is regulated as a medical device, experts said in interviews.
    • “We’re definitely seeing huge increases in investment. There’s no doubt about that,” said Jennifer Goldsack, CEO of the Digital Medicine Society, an industry group for digital health.”

Tuesday Tidbits

David ErmerACA, CDC, FDA, Federal employment benefits, Medical / Rx research, NIH, OPM, Rx coverage, SCOTUS, U.S. Healthcare
Photo by Patrick Fore on Unsplash

From Washington, DC,

  • Yesterday, the Supreme Court invited the Solicitor General to submit a brief expressing her views on the 10th Circuit’s decision in PCMA v. Mulready which is favorable to ERISA and Medicare preemption of state PBM reform laws.
  • The Solicitor General typically submits a brief favoring Supreme Court review no later than December so that the Court can hear the case in its current term. If the Solicitor General opposes Supreme Court review, her brief likely will be submitted next April.
  • The FEHBlog hopes that the Solicitor General files an April 2025 brief.
  • Also yesterday, the Defense Department announced a one-year pilot program to provide no-cost supplemental health support services to DoD civilian employees serving in Japan after a yearlong effort to identify and address concerns regarding access to medical care.
    • “This pilot is called the Pilot Health Insurance Enhancement for DoD Civilian Employees in Japan and will assist [11,000] eligible civilian employees with health care navigation and upfront costs associated with accessing Japan’s healthcare system.
    • “To be eligible, the employee must be enrolled in a participating health plan through the Federal Employees Health Benefits (FEHB) program. The enrollment window for eligible employees will be the Federal Benefits Open Season, which runs this year Nov. 11 through Dec. 9. Federal Benefits Open Season allows federal civilians to enroll in or change health care options.
    • “The services provided under this pilot will begin Jan. 1, 2025, when participants can use the services and access support through a call center. The call center will be open 24/7 and staffed with bilingual service representatives who will assist callers with identifying their needs, make appointments with provider offices, and issue payment guarantees up front. Dependents are not eligible for services during the pilot, which runs through Sept. 29, 2025. * * *
    • “The Office of the Assistant Secretary of Defense for Health Affairs will oversee the pilot program and has awarded a $4.2 million contract to International SOS Government Services Inc., which is also the prime contractor for the TRICARE Overseas Program. The contract for this pilot is being funded by the military departments, defense agencies and DoD field activities that have civilian employees working in Japan.
    • “Active-duty service members and TRICARE Prime beneficiaries have prioritized access to health care in military hospitals and clinics based on current federal law and DoD policy. DoD civilians who are not TRICARE beneficiaries may use military health facilities on a space-available basis. [This unfortunate 2023 policy change led to this pilot.]
    • “Agreements with FEHB insurance carriers who currently provide coverage for DoD civilian employees in Japan will be established to provide direct billing agreements. Non-appropriated Fund (NAF) employees are eligible for this program if enrolled in an Aetna International plan.”
  • The FEHBlog finds it odd that the DOD pilot does not cover eligible family members.
  • Health Affairs Forefront provides even more details on the lengthy proposed 2026 Notice of Benefit and Payment Parameters for the ACA marketplace released last Friday.
  • Federal News Network tells us,
    • “After making improvements for two months, the Office of Personnel Management retirement backlog saw a decline in claims received and processed claims for the month of September.
    • “OPM received 5,618 claims in September, 1,465 less than the month of August’s claims received. OPM processed 6,302 claims in September, 1,400 less than in August.”
    • That appears to be a wash to the FEHBlog.

From the public health and medical research front,

  • American Hospital News informs us,
    • “The Centers for Disease Control and Prevention last week confirmed the first two human cases of H5 bird flu in California. The individuals were workers who had contact with infected dairy cows, CDC said. There have been 16 total human cases of H5 bird flu reported in humans across the country this year, with six being linked to exposure to sick or infected dairy cows, nine with exposure to infected poultry, and one case in Missouri with an origin that has yet to be determined. The CDC’s risk assessment of a bird flu outbreak for the general public remains low.”
  • Per BioPharma Dive,
    • “Vaccine maker GSK unveiled new data Tuesday showing its respiratory syncytial virus vaccine Arexvy protected older adults over three seasons against disease caused by infection.
    • “Across the entire time period, one dose of Arexvy was 63% effective against RSV broadly, and 67% effective against severe disease, GSK said. However, the shot’s efficacy waned, falling to an estimated 48% in the third season alone.
    • “Currently, the Centers for Disease Control and Prevention doesn’t recommend a second RSV vaccine dose. While GSK described the three-season data as evidence of the shot’s “significant health impact,” it said that “over time, revaccination is expected to be required to maintain an optimal level of protection.”
  • CNN reports,
    • “A new study found that having your arm in the wrong position during blood pressure checks — either at home or the doctor’s office — can result in readings “markedly higher” than when your arm is in the recommended position: appropriately supported on a table with the middle of the cuff positioned at heart level.
    • “This suggests that not consistently having your arm positioned and supported appropriately during a blood pressure reading might result in a misdiagnosis of high blood pressure, which some experts worry could possibly lead to unnecessary treatment.
    • “The study, published Monday in the journal JAMA Internal Medicine, found that having your arm resting in the lap during a blood pressure reading can lead to an overestimated systolic blood pressure measurement by 3.9 mm Hg and overestimated diastolic reading by 4 mm Hg. And having your arm hang by your side can lead to an overestimated systolic reading by 6.5 mm Hg and overestimated diastolic reading by 4.4 mm Hg.”
  • Per Healio,
    • “A blood test for men at the time of a metastatic prostate cancer diagnosis may predict treatment response and survival, according to study results.
    • “The test could help oncologists decide which patients should receive standard treatment and who might derive more benefit from a clinical trial, researchers concluded.”
  • The Washington Post lets us know,
    • “Children should spend up to two hours a day outside to reduce their risk of myopia, or nearsightedness, according to a new consensus report from the National Academies of Sciences, Engineering and Medicine. At least one of those hours should take place during the school day, the report says.
    • Myopia is a condition in which distant objects are blurry but close-up objects look clear. The National Academies report cites research indicating a significant rise in myopia worldwide.”
  • The National Institutes of Health posted the latest issue of “Women’s Health In Focus at NIH, Volume 7, Issue 3, 2024.” This is a quarterly publication of NIH’s Office of Research on Women’s Health.
  • The International Foundation of Employee Benefit Plans offers flu season advice to employers.

From the U.S. healthcare business front,

  • The KFF-Peterson Health Tracker shares a “chart collection explores how health spending is expected to grow in coming years, based on National Health Expenditure (NHE) projections from federal actuaries. A related chart collection explores how U.S. health spending has changed over time using historical data, and an interactive tool allows users to explore health spending changes over time.”
  • Modern Healthcare reports,
    • “Four large nonprofit health systems created a new company to use as a testing ground for boosting access to drugs, improved care coordination for Medicare Advantage patients and streamlined billing processes.
    • Baylor Scott & White HealthMemorial Hermann Health SystemNovant Health and Providence are the founding members of Longitude Health. Each health system has made an undisclosed financial commitment to fund Longitude, which is a Delaware-based holding company owned and managed by its founders.
    • “The health system-led, for-profit entity plans to form three operating companies that will essentially act as startups on pharmaceutical development, care coordination and billing. Chief executive officers of the participating systems make up the Longitude board, along with Longitude CEO Paul Mango, former chief of staff at the Centers for Medicare and Medicaid Services.
    • “Executives hope to create additional operating companies and attract more health systems and investors over the next year.”
  • Beckers Hospital Review adds, “The U.S. spent $99 billion on both oral and clinician-administered cancer therapies in 2023, according to a report published in April by analytics firm IQVIA. As cancer drug prices continue to increase, spending is projected to grow.”
  • Per Fierce Pharma,
    • “As the eastern U.S. braces for another storm in the form of Hurricane Milton, at least one major drugmaker is stepping up to support Florida locals and preserve access to critical medical supplies and drugs.
    • “Pfizer—which opened a global hub in Tampa, Florida, in 2021—is setting out to bolster emergency services, pool donations and ease medical supply needs as Milton touches down this week, the company’s CEO, Albert Bourla, Ph.D., said in a post on X (formerly Twitter) Tuesday.
    • “Like many people, I have watched with a heavy heart as the scale of the damage caused by Hurricane Helene has become fully evident,” the chief executive said. “Now it seems Hurricane Milton is heading toward the Tampa area, where we have a major Pfizer facility.”
    • “In light of the impending natural disaster, Bourla said Pfizer is pledging all it can to support the community during this trying time.”
  • Per MedTech Dive,
    • “Baxter said Monday it has made progress restoring a North Carolina manufacturing plant damaged by Hurricane Helene. 
    • “Rain and storm surge from Hurricane Helene flooded the plant and damaged access bridges. So far, Baxter has not identified any structural damage to the facility. The Marion, North Carolina, site is the company’s largest manufacturing facility and produces dialysis solutions and IV fluids.
    • “Baxter is resuming shipments of dialysis products to hospitals and patients after a temporary hold last week.”
  • and
    • “Mercury Medical has recalled 1,300 emergency breathing support devices in response to a problem that can affect ventilation of the patient.
    • “The Food and Drug Administration, which published an alert about the problem Monday, categorized the action as a Class I recall. Mercury asked customers to stop the use and distribution of the affected devices.
    • “No reported injuries or deaths have been associated with the issue, but the FDA said affected products could cause serious adverse health consequences.”
  • Beckers Hospital Review points out,
    • “A group representing companies that produce copycat versions of Eli Lilly weight loss medications has filed a lawsuit against the FDA following the agency’s recent decision to remove the drugs from its shortage list, Bloomberg reported Oct. 7. 
    • “The Outsourcing Facilities Association, along with compounding pharmacy FarmaKeio Superior Custom Compounding, alleged the FDA acted arbitrarily and failed to provide prior notice regarding its decision. 
    • “The plaintiffs asserted that the shortage of Lilly’s drugs is not truly over and argued that the FDA’s action limits patient access to essential medications. The lawsuit seeks to overturn the FDA’s removal of Lilly’s weight loss drugs from the shortage list. 
    • “With the FDA announcement, many patients who relied on compounded versions of the medications now face the choice of switching to higher priced brand-name medications or seeking alternatives from Novo Nordisk.” 
  • Per SHRM, Mercer Consulting predicts
    • “Employers may be cautious about pay due to economic concerns, but they are planning to stay consistent with salaries next year—at least for now.
    • “On average, U.S. employers are budgeting for 3.3% merit increases and 3.6% increases for their total salary budgets for nonunionized employees, according to new data from consulting firm Mercer, which surveyed more than 1,100 employers to gauge what pay will look like in 2025. These numbers are the same as the actual pay increases that employers delivered in 2024.
    • “Mercer’s analysis also found that, in addition to remaining consistent with salary increases, employers are planning to promote just under 10% of their employees in 2025. For companies with a separate promotion budget, the average promotion increase budget for 2025 is 1%, down slightly from 1.1% in 2024.
    • “There are variations in compensation projections across industries, Mercer found. For example, technology and life sciences reported above-average compensation budgets, with merit and total increase budgets at 3.5% and 3.9%, respectively. On the other end of the spectrum, retail and wholesale reported merit and total increase budgets of 3.1% and 3.3%, respectively.”

Monday Roundup

David ErmerACA, COVID-19 testing, FDA, Generative AI, Medical / Rx research, OPM, Rx coverage, U.S. Healthcare
Photo by Sven Read on Unsplash

From Washington, DC,

  • Federal News Network tells us,
    • “Close to 15,000 blue-collar federal employees working in trade, craft and manual labor jobs are likely to see their federal pay rates increase by as much as 12%, once a new proposed rule from the Office of Personnel Management becomes finalized.
    • “The proposed regulations, which OPM released on Monday, aim to improve overall pay parity for roughly 168,000 blue-collar federal workers who are paid hourly through the Federal Wage System (FWS). In practice, OPM’s proposal would align the map of FWS wage areas more closely with the General Schedule’s locality pay map.
    • “This would lead to greater equity across federal pay systems, with FWS workers’ pay more aligned with GS workers who work in the same geographic area,” OPM wrote in a press release Monday.
    • ‘As a result of the proposed re-mapping, around 15,000 blue-collar federal employees would begin receiving higher pay rates once OPM’s regulations become final — as long as there are no major changes to how the proposed regulations are currently written.”
  • and
    • “The Postal Service, more than three years into a 10-year reform plan, is seeking a higher borrowing limit with the Treasury Department to sustain its infrastructure upgrades.
    • ‘USPS, in an update to its “Delivering for America” plan last week, said its current $15 billion debt limit with Treasury was set in the 1970s, and has not been adjusted for inflation in decades.
    • “We continue to lack access to capital and credit markets that most in the private sector rely on in transformative situations like ours,” USPS wrote in a report last week.
    • “USPS is also calling on the Office of Personnel Management to reassess what it pays into the Civil Service Retirement System, the pension system for federal employees who began government service before 1987.”
  • Gallagher timely reminds us about ACA FAQ 63 which told us
  • The American Hospital Association News informs us,
    • “AHA President and CEO Rick Pollack Oct. 7 sent a letter to President Biden urging the Administration to take immediate actions to increase the supply of IV solutions for hospitals and other health care providers that are struggling with shortages following the closure of a Baxter manufacturing plant as a result of Hurricane Helene.  
    • “Our members are already reporting substantial shortages of these lifesaving and life-supporting products,” Pollack wrote. “Patients across America are already feeling this impact, which will only deepen in the coming days and weeks unless much more is done to alleviate the situation and minimize the impact on patient care.”  
    • “The letter includes a number of specific actions the AHA is asking the Administration to take to support hospitals’ ability to care for patients and communities. In addition, the AHA invited the White House and agency experts to join the association in a forum to communicate directly with hospitals and health systems to “inform each other in real time on the status of the situation while we work together to mitigate the impact on patients.” 
  • Fierce Healthcare offers a summary of HHS’s proposed 2026 notice of benefit and payment parameters for the ACA marketplace. The public comment deadline is November 12, 2024.

From the Food and Drug Administration front,

  • Per an FDA press release,
    • “Today [October 7], the U.S. Food and Drug Administration granted marketing authorization for the Healgen Rapid Check COVID-19/Flu A&B Antigen Test. The test, authorized for use without a prescription, is for use by individuals experiencing respiratory symptoms and uses a nasal swab sample to deliver at-home results in approximately 15 minutes for COVID-19 and influenza (flu). The test detects proteins from both SARS-CoV-2 (the virus that causes COVID-19) and influenza A and B (the viruses that causes flu).  
    • “This is the first over the counter (OTC) test that can detect influenza to be granted marketing authorization using a traditional premarket review pathway, which enables the test to be marketed in the absence of an applicable emergency use declaration. Other OTC flu/COVID tests are currently available under emergency use authorization.” 
  • Per MedTech Dive,
    • The Food and Drug Administration approved Exact Sciences’ Cologuard Plus colorectal cancer test, the company said Friday [October 4]
    • The product is an updated version of Exact Sciences’ existing stool-based cancer test. The company expects to launch the test, which has higher specificity than its predecessor, with Medicare coverage and guideline inclusion in 2025.
    • Exact Sciences recently failed to land a Medicare price premium for Cologuard Plus, but Leerink Partners and William Blair analysts expect one of the company’s subsequent attempts to succeed.

From the public health and medical research front,

  • The Wall Street Journal reports,
    • “The Nobel Prize in medicine was awarded to Victor Ambros and Gary Ruvkun for the discovery of microRNA, molecules that help control how genes are expressed.
    • “Their findings unlocked new areas of research into the roles these molecules play in human health. Researchers are exploring microRNA treatments for cancer, heart disease and dementia.”
    • “Ruvkun and Ambros were giddy with excitement on Monday after learning of their Nobel honors.”
    • Kudos to the recipients.
  • and, on a different topic,
    • “Inflammaging, a chronic low-grade inflammation, is associated with an increased risk of heart attack, cancer, Alzheimer’s and other conditions. It occurs as we age, but some people develop it more than others.
    • “Chronic inflammation can be caused by cellular senescence, where damaged aging cells secrete inflammatory proteins. 
    • “Prevention and treatment measures include lifestyle changes such as exercise, healthy diet and adequate sleep.”
  • The American Medical Association lets us know eight things that doctors wish their patient knew about the flu vaccine.
  • Consumer Reports, writing in the Washington Post, fills us in on how to choose the right multivitamin for your body’s needs.
  • Per BioPharma Dive,
    • “An experimental, muscle-preserving therapy from Scholar Rock succeeded in a Phase 3 trial in spinal muscular atrophy, positioning the biotechnology company to seek approvals in the U.S. and Europe early next year.
    • “A regimen of Scholar Rock’s drug, apitegromab, and a standard SMA therapy significantly improved motor function after one year versus treatment with a typical SMA medicine and a placebo, the company said Monday. Specifically, a prespecified, pooled analysis showed children between 2 and 12 years old who received one of two tested doses had an average difference versus placebo of about a 1.8-point change from baseline on a scale used to evaluate their physical abilities.
    • “Motor function benefits were also observed in a smaller, exploratory group of 13- to 21-year-olds, according to the company. No new safety findings were reported, and no one dropped out of the trial due to side effects. “We believe these data collectively show that apitegromab has the potential to become part of a new standard of care,” CEO Jay Backstrom said on a conference call. Shares more than quadrupled in value Monday.”

From the U.S. healthcare business front,

  • Per Fierce Healthcare,
    • “The healthcare industry is making the push toward greater adoption of value-based care, yet it’s not a secret that progress has been slow-moving.
    • “With that backdrop, UnitedHealth Group has released its latest “A Path Forward” report, which is a biennial look at progress in the shift to value. The paper includes dozens of policy recommendations that the team believes can accelerate that transformation.
    • “Wyatt Decker, M.D., UnitedHealth Group executive vice president and chief physician who’s leading the charge at the company on value-based care and innovation, told Fierce Healthcare in an interview that the U.S. healthcare system is extremely effective at addressing crises, complex patient conditions and end-stage needs. But it’s in prevention where “we really fall down,” he said.
    • “We don’t, by and large, have a system that focuses on keeping people healthy and well,” Decker said. “Most people wonder why their physician or their assistants don’t reach out when it’s time to get a screening and why they have so much trouble scheduling appointments, finding doctors, and, of course, figuring out how much it’s all going to cost.” 
  • and
    • “GenAI experimentation, research and potential use cases proliferate by the day. Like other industries, healthcare is hurrying to jump on the opportunity. A growing number of companies are creating genAI products to help organizations streamline their administrative workflows, simplify physician notetaking or respond to basic patient questions. But publicly available tools, like ChatGPT, are popular, easy to access and simple to use. If consumers are using them, are doctors, too?
    • “The answer, Fierce Healthcare finds, is yes. In the first in-depth look of its kind into physician use of public genAI tools, Fierce Healthcare spoke with nearly two dozen doctors, students, AI experts and regulators, and helped conduct a survey of more than 100 physicians. The reporting confirms that some doctors are turning to tools intended for non-clinical uses to make clinical decisions. With no standardized guidelines, lagging physician training and regulators racing to try to keep up with rapidly changing technology, guardrails to protect patients appear to be years behind current rates of utilization.
    • “You have an uncertain regulatory environment, you’ve got a march of technology and at the same time, you have an uptake by both consumers and healthcare professionals. And the consequences of that are very much uncertain,” Peter Bonis, M.D., chief medical officer at Wolters Kluwer, an information services company, told Fierce Healthcare.”

  • The FEHBlog learned a new use for the work “hallucination” today at the Texas Bar Association’s Health Law Conference. A generative AI mistake is a hallucination.
  • McKinsey and Company discuss “Advancing inclusive care pathways for people with disabilities. Across disease types, patients with disabilities experience inequities all along the care pathway—with consequently worse outcomes. Inclusive pathway designs and targeted interventions could help.”

Weekend Update

David ErmerCongress, Federal employment benefits, OPM, SCOTUS
  • Congress remains on the campaign trail until November 12 according to Govexec.
  • Last Friday, the Supreme Court issued its list of petitions granted its review at its September 30 conference. Oklahoma’s petition seeking review of the 10th Circuit’s ERISA preemption opinion involving Oklahoma’s PBM reform law (No. 23-1213) was not on the list. Tomorrow the Court will release other orders that conference.
  • The Social Security Administration is expected to announce its new Social Security cost of living adjustment on Thursday according to CBS News. “The 2025 cost-of-living adjustment is forecast to come in at about 2.5%, according to the Senior Citizens League (TSCL), an advocacy group for older Americans.”  
  • Fedweek has collected projections on the federal employee pension program (CSRS and FERS) COLAs which will be announced later this month.
  • This month, OPM is reconciling carrier and government data to identify all of the Postal Service Health Benefit Program enrollees effective January 1, 2025. OPM will be auto enrolling those folks in the appropriate PSHB plan. OPM will be mailing out auto-enrollment notices to each PSHB enrollee before Open Season begins on November 11, 2024. Here is a link to OPM’s website on the auto enrollment program.
  • The FEHBlog will be attending the Texas Bar Association’s Health Law Conference tomorrow and Tuesday in Austin.

Cybersecurity Saturday

David ErmerCybersecurity

October is Cybersecurity Awareness Month.

  • Here is an excerpt from CISA’s October 1 announcement,
    • Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced the kickoff of the 21stCybersecurity Awareness Month. Throughout October, CISA and the National Cybersecurity Alliance (NCA) will focus on ways to “Secure Our World” by educating the public on how to stay safe online.  
    • This October and year-round, CISA challenges everyone to help secure our world by adopting four simple steps that everyone can take to stay safe online:  
      • Use strong passwords that are long, random, and unique to each account, and use a password manager to generate them and to save them.
      • Turn on multifactor authentication on all accounts that offer it. We need more than a password on our most important accounts, like email, social media, and financial accounts. 
      • Recognize and report phishing, as we like to say, think before you click. Be cautious of unsolicited emails or texts or calls asking you for personal information, and don’t click on links or open attachments from unknown sources.
      • Update software. In fact, enable automatic updates on software so the latest security patches keep devices we are connected to continuously up to date.
  • Here are links to CISA’s Cybersecurity Awareness Month website, the HHS Section 405(d) program’s poster and NIST staff reflections.

From the cybersecurity policy and law enforcement front,

  • Federal News Network lets us know,
    • “The Department of Health and Human Service’s Administration for Strategic Preparedness and Response is considered HHS’ “one stop shop” for working on cyber issues facing the healthcare and public health sector.
    • “But Brian Mazanec , deputy director in ASPR’s Center for Preparedness, said that doesn’t mean his organization is handling every health sector cybersecurity issue at HHS.” * * *
    • “But even before the Change Healthcare ransomware attack, HHS had already laid out plans to expand ASPR and its role as the “sector risk management agency” for healthcare.
    • “ASPR has since established a cybersecurity division within its Office of Critical Infrastructure Protection. Mazanec said the division is the focal point for ASPR’s cyber work with the sector. The division has hired an “initial tranche” of federal staff, he said.
    • “One of the cyber division’s core responsibilities will be incident response, Mazanec said. When a cyber attack hits a major hospital, for instance, ASPR’s team will work with the FBI and the Cybersecurity and Infrastructure Security Agency to help respond and offer support.
    • “Mazanec said ASPR can help hospitals grapple with how to address the fallout from a cyber incident, like the potential diversion of patients to other facilities.” * * *
    • In addition to hospitals, Mazanec said ASPR is focused on third-party risks, such as the dangers posed by relying on large providers like Change Healthcare. He said ASPR is currently working on a new sector risk assessment as part of a new national security memorandum on critical infrastructure. 
    • “A key part of that is going to is looking at that systemic and third party risk,” Mazenec said. “And the NSM also directs us to develop a sector specific plan informed by that risk assessment . . .  That’s where we’ll grapple with, ‘OK, here’s what the risk posture looks like. What can we do to hit those critical entities and help them better, to make sure we’re as secure and resilient as possible across the ecosystem?’”
  • Cyberscoop reports,
    • Microsoft and the U.S. Department of Justice on Thursday [October 3] announced the seizure of more than 100 domains used by a Russian-backed hacking unit to target more than two dozen civil society organizations between January 2023 and August 2024.
    • Microsoft’s Digital Crimes Unit filed a lawsuit with the NGO Information Sharing and Analysis Center (NGO-ISAC) to seize 66 unique domains used by a hacking group Microsoft tracks as Star Blizzard, but which the U.S.British, and other western governments have attributed to the Russian Federal Security Service, more commonly known as the FSB.
    • The Department of Justice simultaneously seized 41 additional domains used by the same group, which it described as an operational unit within the FSB’s Center 18. The U.S. government indicted two Russian nationals working with the group in December 2023, levied sanctions against them and offered a $10 million reward for information on their location.
    • “Rebuilding infrastructure takes time, absorbs resources, and costs money,” Steven Masada, assistant general counsel of Microsoft’s Digital Crimes Unit, said in a statement. “By collaborating with DOJ, we have been able to expand the scope of disruption and seize more infrastructure, enabling us to deliver greater impact against Star Blizzard.” 
  • Per a Justice Department press release,
    • The Justice Department today [October 1] unsealed an indictment charging Russian national Aleksandr Viktorovich Ryzhenkov (Александр Викторович Рыженков) with using the BitPaymer ransomware variant to attack numerous victims in Texas and throughout the United States and hold their sensitive data for ransom.
    • According to the indictment, beginning in at least June 2017, Ryzhenkov allegedly gained unauthorized access to the information stored on victims’ computer networks. Ryzhenkov and his conspirators then allegedly deployed the strain of ransomware known as BitPaymer and used it to encrypt the files of the victim companies, rendering them inaccessible. An electronic note left on the victims’ systems contained a ransom demand and instructions on how to contact the attackers to begin ransom negotiations. Ryzhenkov and his conspirators allegedly demanded that victims pay a ransom to obtain a decryption key and prevent their sensitive information from being made public online.
    • The indictment further alleges that Ryzhenkov and others used a variety of methods to intrude into computer systems, including phishing campaigns, malware, and taking advantage of vulnerabilities in computer hardware and software. Ryzhenkov and coconspirators used this access to demand millions of dollars in ransom. Ryzhenkov is believed to be in Russia. View the FBI’s wanted poster for him here.

From the cybersecurity vulnerabilities and breaches front,

  • Cybersecurity Dive tells us,
    • “Phishing is the leading initial-access vector for attacks in cloud environments, IBM X-Force said Tuesday in its latest Cloud Threat Landscape Report. IBM’s latest findings are in line with a collection of other recent research from incident response firms and cybersecurity vendors about the prevalence and impact of phishing.
    • “The mode of attack, which threat groups use to harvest credentials for systems and network access, accounted for one-third of all cloud-related incidents IBM X-Force responded to during the two-year period ending in June.
    • “Threat groups most often use phishing emails to trick recipients into entering login information on malicious sites for adversary-in-the-middle attacks, IBM X-Fource found. AITM phishing is a more sophisticated form of a phishing attack that can bypass some forms of multifactor authentication, the report found.”
  • and
    • “Threat actors are actively exploiting a critical vulnerability in Ivanti Endpoint Manager that was previously disclosed by the company in May.
    • “The SQL injection vulnerability in the core server of Ivanti EPM 2022 SU5 and prior versions can permit an attacker to execute arbitrary code, according to an advisory from the company updated Wednesday. The vulnerability, listed as CVE-2024-29824, has a CVSS score of 9.6.
    • “The Cybersecurity and Infrastructure Security Agency on Wednesday added the CVE to its known exploited vulnerabilities catalog. Ivanti updated a previously issued advisory on the CVE and confirmed a limited number of customers have been impacted.”
  • Dark Reading informs us,
    • “Apple has patched two quirky bugs that might have offended privacy-oriented iPhone and iPad owners.
    • “The first — an issue with Apple’s VoiceOver accessibility feature — could have caused iPhones or iPads to announce sensitive passwords out loud. The other issue — affecting voice messages on new iPhone models — could have recorded users for brief seconds before they knew they were being recorded.
    • “New operating system versions are available for both iOS and iPadOS (18.0.1), fixing each bug with improved validation and checks, respectively. Users should update their devices to avoid being vulnerable.”
  • Cybersecurity Dive adds,
    • “Federal civilian agencies triaged more than 7,000 vulnerabilities submitted to the Vulnerability Disclosure Policy Platform in 2023, the Cybersecurity and Infrastructure Security Agency said Monday in an annual report on the program.
    • “Federal agencies remediated 872 vulnerabilities last year, a 78% increase from 2022, CISA said in the report. The federal government determined 15% of the vulnerabilities submitted to the VDP Platform last year were valid.
    • “The program consistently sorts through an increase in critical vulnerabilities. The VDP Platform identified 250 critical vulnerabilities in 2023, a 130% jump from 2022.”
  • Per Cyberscoop,
    • Researchers uncovered 14 vulnerabilities, one of them the most severe kind, that left more than 700,000 routers made by Taiwan-based DrayTek exposed to the public internet, but that the company has since patched.
    • ForeScout’s Vedere Labs revealed the vulnerabilities Wednesday and urged security pros to make sure they implemented the fixes, adding that 75% of the routers are used in commercial settings.
    • “These devices are not just hardware; they represent potential entry points for devastating attacks,” ForeScout said. “Our research shows these vulnerabilities could be used in espionage, data exfiltration, ransomware, and denial of service (DoS) attacks.”
    • More than half of the routers at risk (approximately 425,000) are in the European Union and United Kingdom, followed by Asia (190,000), Australia and New Zealand (37,000), the Middle East (30,000), Latin America (15,000) and North America (7,200).

From the ransomware front,

  • The Record points out,
    • “Insurance companies must stop issuing policies that incentivize making extortion payments in ransomware attacks, a senior White House official said on Friday.
    • “The call for the practice to end, which was made without any indication the White House was formally proposing to ban the practice, follows the fourth annual International Counter Ransomware Initiative (CRI) summit in the United States this week, where the 68 members of the CRI discussed tackling the problem.
    • “Writing an opinion piece in the Financial Times newspaper, Anne Neuberger, the U.S. deputy national security adviser for cyber and emerging technologies, warned that ransomware was “wreaking havoc around the world.”
    • “She wrote: “Some insurance company policies — for example covering reimbursement of ransomware payments — incentivise payment of ransoms that fuel cyber crime ecosystems. This is a troubling practice that must end.” 
  • The Health Sector Cybersecurity Coordination Center posted a threat actor profile about a relatively new actor, Trinity Ransomware.
  • Per Cyberscoop,
    • “A new ‘FakeUpdate’ campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread a new version of the WarmCookie backdoor.
    • “FakeUpdate is a cyberattack strategy used by a threat group known as ‘SocGolish’ who compromises or creates fake websites to show visitors fake update prompts for a variety of applications, such as web browsers, Java, VMware Workstation, WebEx, and Proton VPN.
    • “When users click on update prompts designed to appear legitimate, a fake update is downloaded that drops a malicious payload, like info-stealerscryptocurrency drainers, RATs, and even ransomware.
    • “The latest campaign was discovered by researchers at Gen Threat Labs, who observed the WarmCookie backdoor being distributed as fake Google Chrome, Mozilla Firefox, Microsoft Edge, and Java updates.”

From the cybersecurity defenses front,

  • An ISACA commentator discusses “The Hidden Culture Crisis and Human Burden Undermining Cybersecurity Resilience.”
  • Here’s a link to Dark Reading’s informative CISO Corner.
  • The Wall Street Journal reports,
    • “Cybersecurity executives now earn an average of $565,000, reflecting a moderate increase at a time when cyber threats are growing and regulatory pressure is adding stress to the role.
    • “Corporate chief information security officers are on the hook for defending their companies against cyberattacks, as well as handling breach response, participating in regulatory inquiries and, at times, supplying information during litigation. Pay is rising as the job evolves, but not at the pace of change. 
    • “The scope of the role and the demands of the CISO are increasing at a much faster rate than the rewards and compensation,” said Nick Kakolowski, senior research director at cybersecurity firm IANS.
    • “Average compensation for cyber leaders in the U.S. in 2024 is $565,000, according to a survey from IANS and recruiting company Artico Search published Wednesday. Last year, average CISO compensation was $550,000 and $495,000 in 2022. The survey polled 755 security executives between April and August.”

Friday Factoids

David ErmerCDC, CMS, Congress, COVID-19, Federal employment benefits, Medical / Rx research, Medicare, Obesity, OPM, U.S. Healthcare

From Washington DC

  • Federal News Network points out
    • “The Office of Personnel Management is still facing several long-standing management challenges, but one challenge in particular has been knocked off the latest list from OPM’s inspector general office.
    • “Due to “continued improvements,” the federal retirement claims processing backlog at OPM is no longer a top management challenge for the agency, OPM IG Krista Boyd wrote in an Oct. 1 report.”
  • Here are some of the FEHBlog’s long-standing management challenges which are not mentioned in the IG’s report
    • OPM and Congress should place a moratorium a new FEHB benefit mandates in order to allow competition in the FEHB to flourish.
    • OPM should at long last implement a statute added to the FEHB Act in 1989, 5 U.S.C. Section 8910(d), requiring OPM in cooperation with CMS to offer FEHB carriers a Medicare coordination of benefits database.
    • OPM should share with carriers much more information from its study of the FEHB Program called for by 5 USC Section 8910(a).
    • OPM should follow the path created by all other large employers in the U.S. by providing carriers with a HIPAA 820 electronic enrollment roster that would allow carriers to reconcile enrollment and premiums at the individual enrollee level.
  • The Congressional Budget Office released a report about “Alternative Approaches to Reducing Prescription Drug Prices.”
  • Bloomberg reports,
    • “Proposed guidelines for operating Obamacare insurance exchanges in 2026 call for tightening protections against unauthorized actions by agents and brokers who help consumers enroll in coverage. 
    • ‘The proposal, released Friday by the Centers for Medicare & Medicaid Services, sets standards for health insurers and ACA marketplaces, as well as requirements for agents, brokers, and others who help consumers enroll in marketplace coverage. It also includes policies that affect Medicaid, the Children’s Health Insurance Program, and the Basic Health Program.
    • “The 2026 Benefit and Payment Parameters proposed rule (RIN 0938-AV41) includes a number of proposals, including ways to prevent unauthorized marketplace activity by agents and brokers; standards for allowable “Silver Loading,” the raising of premiums for silver plans to offset the cost of providing cost-sharing reductions; and advancing health equity and mitigating health disparities.
    • “Our goal with these proposed requirements is providing quality, affordable coverage to consumers while minimizing administrative burden and ensuring program integrity,” the proposed rule’s preamble said.”
  • Fierce Healthcare informs us,
    • “Last month, Rep. Debbie Dingell, D-Michigan, introduced a new bill in the House to profoundly expand dental coverage for millions of Americans through The Comprehensive Dental Care Reform Act of 2024 [HR 9622].
    • “The bill is a clean companion to similar legislation brought forward by Senator Bernie Sanders, D-Vermont, which would expand coverage for individuals in Medicare, Medicaid, the individual market and the Department of Veterans Affairs.
    • “A lack of dental care can worsen other serious medical conditions, but without adequate coverage, millions of Americans go without the critical oral care they need,” said Dingell in a statement. “This comprehensive legislation will make it easier for Americans to get the dental care they deserve, by expanding coverage and increasing care providers, especially in rural and underserved communities.”

From the U.S. public health and medical research front,

  • The Centers for Disease Control and Prevention announced today,
    • “Summary
      • “COVID-19 activity is declining in most areas. Seasonal influenza is low nationally. Signs of increased RSV activity have been detected in the southeastern U.S. including Florida, particularly in young children.
    • “COVID-19
      • “Nationally, COVID-19 activity has continued declining in most areas. COVID-19-associated ED visits and hospitalizations are decreasing overall. Laboratory percent positivity is 9.2%. ED visits for COVID-19 are highest among infants and older adults. Hospitalizations for COVID-19 are highest among older adults. Provisional trends in deaths associated with COVID-19 have remained stable at 2.0% of all deaths nationally.
      • “A new variant, XEC, has been detected and is estimated to comprise 2-13% of circulating viruses in the U.S. as of September 28, 2024. Because XEC is recombined from two JN.1 lineage viruses, the 2024-2025 COVID-19 vaccines that already include JN.1 strains are still expected to provide protection.
      • Similarly, there are no impacts currently expected on tests, treatments, or symptoms at this time. For additional information, please see CDC COVID Data Tracker: Variant Proportions. There are many effective tools to prevent spreading COVID-19 or becoming seriously ill.
    • “Influenza
    • “RSV
      • “Nationally, RSV activity remains low. However, signs of increased RSV activity have been detected in the southeastern U.S. including Florida, particularly in young children.
    • “Vaccination
      • “Vaccinations to prevent fall respiratory virus have started for the 2024-25 respiratory illness season. RSV, influenza, and COVID-19 vaccines are available to provide protection during the 2024-25 respiratory illness season.”
  • The University of Minnesota’s CIDRAP adds that “wastewater levels—still highest in the West [for Covid] —now are at moderate levels.”
  • CBS News reports,
    • “The effectiveness of this year’s influenza vaccine was lower in South America than last season, the Centers for Disease Control and Prevention reported Thursday, which might be a clue to how much protection the shots could offer people in the U.S. this winter.
    • “Vaccine effectiveness was 34.5% against hospitalization, according to interim estimates from a new article published by the CDC’s Morbidity and Mortality Weekly Report, among high-risk groups like young children, people with preexisting conditions and older adults. That means, vaccinated people in those groups were 34.5% less likely than unvaccinated people to get sick enough to go to the hospital.
    • “Last year, the CDC’s report had estimated vaccine effectiveness in South America was 51.9% against hospitalization among at-risk groups. A study by the same group looking at data from 2013 to 2017 estimated effectiveness was around 43% for fully vaccinated young children and 41% for older adults.
    • “These data come from a research network coordinated by the Pan American Health Organization, including Argentina, Brazil, Chile, Paraguay and Uruguay.” 
  • STAT News notes, “After a rocky debut for new RSV tools [in 2023], hopes are high as a new season approaches. The fall’s rollout of a vaccine and an antibody shot is expected to be smoother.”
    • “Anyone who works in the pediatric field understands that if we can immunize children against RSV, whether it’s through maternal vaccination or through nirsevimab, that’s really going to be life changing as far as admissions to the hospital,” Peacock, director of the immunization services division in the Centers for Disease Control and Prevention’s National Center on Immunization and Respiratory Diseases, told STAT in a recent interview.
    • “The good news is that many people who work in this field believe this year’s rollout of the new medical tools will run a lot smoother than last year’s rocky debut outing. They warned, though, that some hurdles will remain.
    • “I expect it will be better. I can’t say how much better,” said Sean O’Leary, professor of pediatrics at the University of Colorado School of Medicine, and a pediatric infectious diseases specialist at Children’s Hospital Colorado.” * * *
    • “Despite the potential for lingering challenges, [Dr. Joseph] Domachowske, from SUNY Upstate Medical University, is hopeful the societal benefit of protecting babies from RSV will soon be apparent. “It’s working,” he said, pointing to a study the CDC published in early March that showed the effectiveness of Beyfortus in preventing RSV hospitalization in infants was 90% from October 2023 to February 2024. “We just need to improve our distribution and make sure we increase the number of babies that are eligible who are getting it.”
  • The University of Minnesota’s CIDRAP tells us,
    • “California health officials yesterday announced the state’s second H5N1 avian flu infection in a dairy farm worker who had no known connection to its first case, as federal health officials announced new steps to boost the supply of H5N1 vaccines, if needed.
    • “In related developments, federal officials today shared updates about the investigation into a recent Missouri H5N1 case with no clear exposure source and what other federal agencies are doing to manage the threat to people and animals.
    • “California’s second patient also had conjunctivitis
    • “Hours after California announced its first H5N1 case in a farm worker yesterday, officials announced a second similar case in a worker at a second farm impacted by recent outbreaks in cows. Both patients worked on farms in the Central Valley, where the virus has now been detected in 56 dairy farms since September.
    • “The California Department of Public Health said, as in the first case, the second patient had mild symptoms, including conjunctivitis. Neither reported respiratory symptoms or was hospitalized.”
  • Fierce Pharma adds,
    • “CSL Seqirus, Sanofi and GSK have collectively secured $72 million in funding from the U.S. health department to boost the country’s supply of bird flu vaccines.
    • “The grant comes from the Department of Health and Human Services’ Center for Biomedical Advanced Research and Development Authority (BARDA) under a national preparedness initiative, the Administration for Strategic Preparedness and Response said Friday.
    • “The three companies will fill and finish additional doses of their influenza A(H5) vaccines, turning bulk materials into ready-to-use vials or syringes that can be immediately distributed if needed.”
  • NBC News informs us,
    • “After the recommended age to start screening for colorectal cancer was lowered to 45, there was a small but significant increase in screenings among younger people, according to a study published in the journal JAMA Network Open
    • “The lower screening age was put into place in 2021 by the U.S. Preventive Services Task Force, which previously recommended starting screenings at age 50. 
    • “Colorectal cancer cases have been rising in people younger than 50 over the last two decades. The U.S. Preventive Services Task Force isn’t the first group to suggest lowering the screening age. In 2018, the American Cancer Society also recommended to start getting checked at 45.” 
  • Per Healio,
    • “Tirzepatide and semaglutide confer greater weight loss than other FDA-approved obesity medications with no significantly higher risk for adverse events, according to findings from a network meta-analysis published in Obesity.
    • “Over the years, we’ve had all these drugs that were approved by FDA,” Priyanka Majety, MD, assistant professor of internal medicine and adult outpatient diabetes director in the division of endocrinology, diabetes and metabolism at Virginia Commonwealth University Health System, told Healio. “Recently, the GLP-1s and tirzepatide have had such huge success, so we wanted to compare all of the FDA-approved medications for obesity and see if we can provide some guidance to physicians and patients to see which one would be the most beneficial.”
  • Per an FDA press release,
    • “On Thursday, the FDA Office of Women’s Health (OWH) released its updated Women’s Health Research Roadmap. The Roadmap, provides a science-based framework to address women’s health research questions and to build women’s health science into the FDA’s research activities and outlines priority areas in which new or further research is needed and serves as a catalyst for research collaborations both internal and external to the FDA. 
    • “The updated roadmap serves as a guide to drive research that will address the health needs of women and bridge knowledge gaps to improve health outcomes.,” said Kaveeta Vasisht, M.D., Pharm.D., FDA’s Associate Commissioner for Women’s Health and Director, Office of Women’s Health.”

From the U.S. healthcare business front,

  • Beckers Payer Issues offer sixteen expert opinions about the headwinds facing payers.
  • Modern Healthcare reports,
    • “VillageMD’s tumultuous year continues as Dr. Rishi Sikka, president of Village Medical primary care operations, is leaving the role after one year.
    • “Effective Oct. 21, Sikka will succeed Dale Maxwell as CEO at Presbyterian Healthcare Services, a nine-hospital nonprofit system based in Albuquerque, New Mexico. Maxwell is retiring after 23 years at Presbyterian, according to a Thursday news release.”
  • and
    • “There’s a new morning ritual in Pinedale, Wyoming, a town of about 2,000 nestled against the Wind River Mountains.
    • “Friends and neighbors in the oil- and gas-rich community “take their morning coffee and pull up” to watch workers building the county’s first hospital, said Kari DeWitt, the project’s public relations director.
    • “I think it’s just gratitude,” DeWitt said.
    • “Sublette County is the only one in Wyoming — where counties span thousands of square miles — without a hospital. The 10-bed, 40,000-square-foot hospital, with a similarly sized attached long-term care facility, is slated to open by the summer of 2025.”
  • Kaufmann Hall lets us know,
    • “Hospital financial performance remained relatively stable during the month of August, and despite higher patient volume, revenue and expenses declined on a volume-adjusted basis.
    • “The median Kaufman Hall Calendar Year-To-Date Operating Margin Index reflecting actual margins for the month of August was 4.2%.
    • “The most recent National Hospital Flash Report with August 2024 metrics covers these and other key performance metrics.”
  • Beckers Health IT notes,
    • “Cleveland Clinic expanded its Care at Home program to Weston (Fla.) Hospital, a 258-bed nonprofit facility. 
    • “The program was launched in April 2023 at Cleveland Clinic Indian River Hospital and has since expanded to two other locations. The program reduced hospital readmissions and helped 1,800 patients recover successfully in the first 18 months.
    • “The Care at Home patients are digitally connected to physicians and nurses who continuously monitor them and are available for immediate connection if the patient pushes a button. The program serves patients with congestive heart failure, kidney infections and pneumonia, among other ailments.”
  • Per Healthcare Dive,
    • “Iredell Health System announced this week it completed a deal to purchase two North Carolina-based hospitals from Community Health Systems.
    • “The hospitals include Davis Regional Psychiatric Hospital and Davis Regional Medical Center in Statesville, North Carolina. Terms of the deal were not disclosed. 
    • “The acquisition comes five months after CHS’ previous deal to sell struggling Davis Regional Psychiatric to Novant Health fell apart amid a challenge from the Federal Trade Commission.” 
  • Per BioPharma Dive,
    • “Over the past decade, the medicine Enjaymo has been passed around no less than five times by developers large and small. Now it’s trading hands again, through a deal announced Friday.
    • “Sanofi is selling global rights to Enjaymo to the Italy-based drugmaker Recordati, in exchange for an upfront payment of $825 million. And if the medicine hits certain sales goals, Sanofi could take home up to $250 million more.
    • “For Recordati, which specializes in rare diseases, the deal adds a ninth marketed product to the company’s portfolio. Enjaymo is approved in the U.S., Europe and Japan as a treatment for an uncommon type of anemia. In this condition, known as cold agglutinin disease or CAD, the body’s immune system mistakenly attacks and destroys some red blood cells. Enjaymo is designed to tamp down that immune response and spare the cells, thereby decreasing the need for red blood cell transfusions.”

Thursday Miscellany

David ErmerCMS, Congress, FDA, Medical / Rx research, Medicare, NIH, Rx coverage, U.S. Healthcare, Uncategorized
Photo by Josh Mills on Unsplash

From Washington, DC

  • The Wall Street Journal reports,
    • Eli Lilly has finally made enough supply of its popular medicine tirzepatide to meet soaring demand, which should help the company widen its share of the booming weight-loss drug market.
    • “The Food and Drug Administration said late Wednesday that Lilly had resolved the shortage. It had started in 2022, just months after the drug was introduced with the brand Mounjaro for diabetes. Tirzepatide was approved as Zepbound in late 2023 as a weight-loss treatment.
    • ‘The milestone means that compounding pharmacies that make knockoff versions of tirzepatide will likely face new restrictions on what they can produce.
    • “The compounding pharmacies had legal cover to sell knockoff tirzepatide as long as it was on the FDA shortage list, and many patients turned to these products as a cheaper alternative. Yet in announcing the end of the shortage, the FDA said federal law bars compounders from making copies of drugs that aren’t on the shortage list, though they may make certain amounts.
    • “This essentially precludes compounded tirzepatide from being produced commercially,” BMO Capital Markets analysts said.” * * *
    • “Lilly’s rival, Novo Nordisk, also has been expanding its production capacity to resolve shortages of a similar drug, semaglutide, sold as Ozempic for diabetes and Wegovy for weight loss. The lowest dose of Wegovy is currently in shortage, while higher Wegovy doses and all Ozempic doses are available, according to the FDA shortage list.”

  • Per Healthcare Dive,
    • “A bipartisan group of two dozen lawmakers is urging the Biden administration to extend telehealth prescribing flexibilities for opioid use disorder treatment. 
    • “The representatives, led by Reps. Annie Kuster, D-N.H., and Carol Miller, R-W.Va., argued flexibilities allowing telehealth prescriptions of buprenorphine without an in-person visit has increased access to treatment and reduced overdoses.
    • “But those flexibilities are set to expire at the end of the year. Lawmakers also raised concerns that the Drug Enforcement Administration could propose more stringent requirements for telehealth prescriptions of buprenorphine, a medication that be used to treat opioid use disorder, limiting its use just as overdose deaths have begun to decline.” 
  • STAT News reports,
    • “A key aspect of the Democrat-passed law to lower drug prices is significantly more expensive to the government than expected, according to nonpartisan budget experts in Congress.
    • “The redesign of the Medicare Part D drug benefit will cost $10 billion to $20 billion more next year than the Congressional Budget Office initially projected. That office estimates that a separate recently announced program to pay insurers to lower drug premiums will cost $5 billion.”
  • Per Fierce Healthcare,
    • The Biden administration could stand to take a firmer hand on hospital price transparency, especially when it is unclear whether the price data being published are even accurate, the Government Accountability Office (GAO) wrote in a Wednesday report.
      The Centers for Medicare & Medicaid Services (CMS) has required hospitals to post the prices for numerous services annually and this past summer raised the bar by ensuring hospitals were doing so using a standardized file format.
    • Numerous reports from stakeholders criticized hospitals’ compliance along the way, with hospitals themselves often saying that the requirements were burdensome and often too vague.
    • On instruction from Congress, the GAO conducted a review of the requirements, the CMS’ enforcement and whether the agency’s policy was successfully serving patients, payers and researchers.
    • The GAO interviewed 16 stakeholder groups—representing those three groups—who described difficulties making effective comparisons and compiling the data for large-scale use. These hurdles were tied to inconsistent file formats, pricing complexities that came across poorly in the machine-readable format and what they perceived to be incomplete and inaccurate data sets.
    • “While the use of hospital price transparency data has been limited so far, many stakeholders we interviewed noted that they expect use to increase over time if the data usability challenges are overcome or addressed,” the GAO wrote in the report. “Further, some stakeholders also noted that it will take health plans and employers time to figure out how to effectively use the pricing data as part of their price negotiations and their efforts to develop networks of health care providers.”
  • The GAO also issued a healthcare capsule report on treatment for drug misuse.
  • Per an HHS press release,
    • “As part of the Biden-Harris administration’s efforts to ensure Americans access to affordable medicines and strengthen American medical supply chains, the Administration for Strategic Preparedness and Response (ASPR) today announced a $12.3 million agreement with California-based Amyris to expand U.S.-based manufacturing of key starting materials and active pharmaceutical ingredients needed to make essential medicines.” 
  • Tammy Flanagan, writing in Govexec, discusses end of year retirement planning for federal couples.
  • Per an OPM press release,
    • “The U.S. Office of Personnel Management (OPM) has authorized the use of an emergency leave transfer program (ELTP) for federal employees and their families adversely impacted by Tropical Cyclone, Tropical Storm, and Hurricane Helene.    
    • “After coordinating with federal agencies to assess the impact on employees by Tropical Cyclone, Tropical Storm, and Hurricane Helene and its aftermath, OPM, in consultation with the Office of Management and Budget (OMB), has determined that the establishment of an ELTP is warranted. The establishment of an ELTP permits employees in the executive and judicial branches, or agency leave banks established under 5 U.S.C. 6363 to donate unused leave for transfer to employees within their agency or at other agencies who are severely adversely affected or have family members who are severely adversely affected by a major disaster or emergency as declared by the President and who need additional time off from work without having to use their own paid leave. This ELTP will assist federal employees in the declared disaster areas in Alabama, Florida, Georgia, North Carolina, South Carolina, Tennessee, and Virginia. Furthermore, if President Biden approves other disaster declarations because of Helene, federal employees in those areas will also become eligible for ELTP donations.”    
  • Federal News Network tells us,
    • “The Merit Systems Protection Board has brought a historic backlog of federal employee adverse action cases down to nearly zero.
    • “By the end of September, MSPB reported that it had issued decisions on 94% of the thousands of federal employee appeal cases that had been sitting stagnant during the record five-year period without a quorum. Between 2017 and 2022, vacant board seats left the agency unable to issue case decisions, and thousands of federal employees without answers on their pending appeals.
    • “As an agency, MSPB aims to protect federal employees against prohibited personnel practices, like whistleblower retaliation, by adjudicating adverse action appeals from employees. But during more than five years without a quorum — which requires at least two of the three board seats to be occupied — MSPB amassed nearly 3,800 pending cases from federal employees looking to appeal a decision on an adverse action.
    • “The process of shrinking the significant case backlog has so far taken about 2.5 years for the current MSPB members. During fiscal 2025, the board expects to fully eliminate the remaining pending cases that built up during the lack of quorum. The agency will likely take the “inherited inventory” down to zero by the end of December, according to an MSPB spokesperson.”

From the public health and medical research front,

  • The Wall Street Journal reports,
    • “The U.S.’s largest maker of intravenous fluids will slash shipments to hospitals after Hurricane Helene took down one of its manufacturing plants in North Carolina. 
    • Baxter sent letters to hospitals telling them that future shipments of IV fluids would be about 40% of what they normally receive after the storm flooded its facility in Marion, N.C., Dr. Paul Biddinger, chief preparedness and continuity officer at Mass General Brigham in Boston said during a conference call Thursday. 
    • “Mass General Brigham, a prestigious hospital system, said it is continuing to treat patients normally, but is conserving its fluid supplies. This includes switching to oral hydration—Gatorade or water—for patients who are healthy enough for it, and not discarding partially used IV fluid bags when patients are moved to a different part of the hospital, Biddinger said. The organization uses hundreds of thousands of liters of IV fluids each month, and a majority of patients admitted to a hospital receive fluids at some point, Biddinger said.
    • “Right now we’re continuing all of our clinical care as we normally do,” Biddinger said. “Our intent is to preserve clinical care in the face of this shortage as long as we possibly can.” 
  • Beckers Hospital Review identifies the 73 drugs and intravenous fluids made at the flooded Baxter facility.
  • The Washington Post explains “Why fears of human-to-human bird flu spread in Missouri are overblown. Hospital workers reported respiratory symptoms after encountering a Missouri patient with H5N1 who had not been exposed to farm animals. Officials say bird flu transmission is unlikely.”
  • The NIH Director, writing in her blog, tells us,
    • “In recent years, medical researchers have been looking for ways to use artificial intelligence (AI) technology for diagnosing cancer. So far, most AI models have been developed to perform specific tasks in cancer diagnosis, such as detecting cancer presence or predicting a tumor’s genetic profile in certain cancer types. But what if an AI system could be more flexible, like a large language model such as ChatGPT, performing a variety of diagnostic tasks across multiple cancer types?
    • “As reported in the journal Nature, researchers have developed an AI system that can perform a wide range of cancer evaluation tasks and outperforms current AI methods in tasks like cancer cell detection and tumor origin identification. It was tested on 19 cancer types, leading the researchers to refer to it as “ChatGPT-like” in its flexibility. According to the research team, whose work is supported in part by NIH, this is also the first AI model based on analyzing slide images to not only accurately predict if a cancer is likely to respond to treatment, but also to validate these predictions across multiple patient groups around the world.” * * *
    • “This is all good news, but there’s much more work ahead before an AI model like this could be used in the clinic. Next steps for the researchers include training the model on images of tissues from rare cancers, as well as from pre-cancerous and non-cancerous conditions. With continued development and validation, the researchers aim to enable the system to identify cancers most likely to benefit from targeted or experimental therapies in hopes of improving outcomes for more people with cancer in diverse clinical settings around the world.”
  • Healio informs us,
    • “The addition of HPV vaccination into routine postpartum care may increase vaccination rates, which can reduce patient costs, prevent HPV-related cancers and vaccinate vulnerable populations, researchers reported in Obstetrics & Gynecology
    • “The postpartum period has been identified as a missed opportunity for HPV vaccination counseling and administration,” Sara E. Brenner, MD, MPH, third-year resident in the department of gynecology and obstetrics at Emory University School of Medicine, and colleagues wrote. “Many vaccinations are already given routinely in the postpartum period such as the Tdap and the measles-mumps-rubella vaccines. These are often incorporated into perinatal workflows so that patients are routinely educated on their options for vaccination during their prenatal visits and postpartum patients can receive them before leaving the hospital.”
  • The American Hospital Association News informs us about “refreshed webpages dedicated to maternal and child health. The redesigned platform offers three distinct subpages focused on Better Health for Mothers and Babies, child and adolescent health, and advocacy and policy. Hospitals and health systems are encouraged to explore the tools and resources, such as case studies, podcasts, infographics and action plans to drive their own improvement in maternal and child health.”
  • Per STAT News,
    • “Apple Watch may help keep people with Parkinson’s disease out of the hospital. That’s according to early data from a Kaiser Permanente pilot program.
    • “Since late 2023, Kaiser Permanente has been giving some of its Parkinson’s patients in California an Apple Watch app called StrivePD, developed by Rune Labs. The app uses the onboard sensors in the device to track tremors associated with the disease; dyskinesia, a side effect of medication; activity; sleep; and falls. Using Rune’s software, people can also track medication intake and other data.” * * *
    • “Kaiser and Rune presented data from 138 patients enrolled in the program at the International Congress of Parkinson’s Disease and Movement Disorders in late September. In a limited run, the program reduced patient visits to the emergency department by 42% and reduced visits to movement disorder specialists by 18%. Three-quarters of people in the program reported that they found StrivePD helpful for staying on top of medications.
    • “It’s important to note that the data is only a snapshot from the first 100 days that people are in the program. It is not a randomized control that researchers would want to see to establish the benefits of a treatment program. And the data has not been published in a peer-reviewed publication.”

From the U.S. healthcare business front,

  • The Wall Street Journal reports this evening,
    • “U.S. dockworkers agreed to return to work after port operators sweetened their contract offer, ending a three-day strike that threatened to disrupt the American economy.
    • “The breakthrough Thursday came after port employers offered a 62% increase in wages over six years, according to people familiar with the matter.
    • “The agreement ends a strike that had closed container ports from Maine to Texas and threatened to disrupt everything from the supply of bananas in supermarkets to the flow of cars through America’s factories.”
  • Per Fierce Healthcare,
    • “Another significant legal headache related to star ratings is on the table of the federal government just days before open enrollment begins.
    • “UnitedHealthcare companies in various states are suing the Centers for Medicare & Medicaid Services (CMS) for decreasing the insurer’s star ratings unfairly. They are looking for an injunction and corrected ratings before Oct. 15.
    • “The plaintiffs allege one metric, call center customer service performance, was downgraded based on an “arbitrary and capricious assessment” of one phone call [by a CMS test caller] that lasted eight minutes. It caused the insurer to earn a four-star rating on the call center measure instead of a five-star rating.”
    • UnitedHealthcare said the star ratings downgrade would “misinform millions of current and potential customers” from choosing their plans, the insurer said in the lawsuit.
  • Per BioPharma Dive,
    • “Eli Lilly on Wednesday announced plans to spend $4.5 billion on a new facility that will use advancements in technology for research and manufacturing.
    • “Dubbed the Lilly Medicine Foundry, the new site will be located in the “LEAP Research and Innovation District” in Lebanon, Indiana. The latest infusion of cash brings Lilly’s investment in the LEAP district to more than $13 billion.
    • “The facility will allow Lilly to produce medicines for clinical trials while also researching new methods of manufacturing, the company said. Technologies developed at the foundry can then be deployed at other production sites around the world.”