Cybersecurity Saturday

Uncategorized

Cybersecurity Saturday

David ErmerCybersecurity, Uncategorized

From the cybersecurity policy front —

Cyberscoop reportsPort

A forthcoming White House cybersecurity strategy document aims to force large companies to shoulder greater responsibility for designing secure products and to redesign digital ecosystems to be more secure, Camille Stewart Gloster, the deputy national cyber director for technology and ecosystem security, said at a CyberScoop event Thursday. 

By “shifting the burden back from the smaller players” and toward larger players “that can build in security by design” the strategy aims to deliver broad security gains, Stewart Gloster said. The strategy documents also looks at how to “rearchitect our digital ecosystem” so “that we are creating future resilience,” she said. 

According to an early draft of the document obtained by Slate — which White House officials have emphasized is not a final document — the strategy includes a wide range of mandatory regulations on American critical infrastructure companies to improve security and authorizes law enforcement and intelligence agencies to take a more aggressive approach to hack into foreign networks to prevent attacks or retaliate after they have occurred. 

The strategy document is expected to broadly abandon the mostly voluntary approach that has defined U.S. policy in recent years in favor of more comprehensive regulation.

PortSwigger delves into the National Institute of Standards and Technology (NIST) plans for “significant changes to its Cybersecurity Framework (CSF) – the first in five years, and the biggest reform yet” as first noted here last week.

From the cyber vulnerabilities front —

The Cybersecurity and Infrastructure Security Agency (CISA) offers this alert

CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia’s 2022 invasion of Ukraine. CISA urges organizations and individuals to increase their cyber vigilance in response to this potential threat.

Security Week adds the perspective of “Several cybersecurity companies’ reports [that published] in the past week summarizing what they have seen in cyberspace since the start of the war.”

Cybersecurity Dive reports

  • “Phishing remained the top initial access vector for security incidents last year with more than 2 in 5 of all incidents involving phishing as the pathway to compromise, IBM research found.
  • “Three in 5 of all phishing attacks were conducted through attachments last year, according to IBM Security X-Force’s annual threat intelligence report released Wednesday. Phishing via links accounted for one-third of all phishing attacks. 
  • “One-quarter of attacks involved the exploitation of public-facing applications and 16% abused valid accounts for access. Just 1 in 10 involved external remote services.”

and

  • “Threat actors are shifting tactics and embracing new tools to run more efficient and impactful operations.
  • “Attackers are now often looking to build an economy of scale,” Wendi Whitmore, SVP of Unit 42 at Palo Alto Networks said Wednesday during a keynote at the company’s annual user summit.
  • “Instead of using one attack vector against one company, threat actors are targeting an entire supply chain.
  • “Likewise, instead of encrypting data, then decrypting it on the back end, ransomware groups can just steal the information and threaten to release it publicly if their ransom demand isn’t met.”

CISA added three more known exploited vulnerabilities to its catalog on February 21. It’s worth noting that CISA refreshed its website. As a result, CISA’s known exploited vulnerabilities reports now identifies the additions rather than require the reader to click over to the catalog. Bravo.

From the ransomware front, the Bleeping Computer provides no Week in Ransomware this week, but it does inform us about “A threat actor [that] has been targeting government entities with PureCrypter malware downloader that has been seen delivering multiple information stealers and ransomware strains.”

HHS’s healthcare sector cybersecurity coordination center (HC3) released the following alert

Russia-linked ransomware group Clop reportedly took responsibility for a mass attack on more than 130 organizations, including those in the healthcare industry, using a zero-day vulnerability in secure file transfer software GoAnywhere MFT. Cybersecurity & Infrastructure Security Agency (CISA) added the GoAnywhere flaw (CVE-2023-0669) to its public catalog of Known Exploited Vulnerabilities. This Sector Alert follows previous HC3 Analyst Notes on Clop (CLOP Poses Ongoing Risk to HPH Organizations and CLOP Ransomware) and provides an update on its recent attack, potential new tactics, techniques and procedures (TTPs), and recommendations to detect and protect against ransomware attacks.

The American Hospital Association adds

“The Russia-linked Clop ‘ransomware-as-a-service’ gang has been targeting health care since 2019, evolving its tactics to effectively combine ransomware and data theft in novel ways,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “Last month HC3 reported that Clop was infecting files disguised to look like medical documents, submitting them to providers and requesting a medical appointment. The objective is to deceive the recipient into clicking on the malicious document and infecting the organization with highly disruptive ransomware. Health care organizations should immediately apply the security patches recommended in these alerts and review the scope, security and necessity of secure file transfer systems.”

For more from the AHA click here, and Health IT Security discusses this Alert here.

To mitigate risk, HC3 urged organizations to patch the GoAnywhere MFT vulnerability where applicable. HC3 also encouraged healthcare organizations to “acknowledge the ubiquitous threat of cyberwar against them” and focus on educating staff and assessing enterprise risk against all potential vulnerabilities.

“Prioritizing security by maintaining awareness of the threat landscape, assessing their situation, and providing staff with tools and resources necessary to prevent a cyberattack remains the best way forward for healthcare organizations,” HC3 concluded.

HC3 posted an Analyst Note about MedusaLocker ransomware yesterday.

Ransomware variants used to target the healthcare sector, from relatively well-known cyber threat groups, continue to be a source of concern and attention. (See HC3 reports on Royal Ransomware and Clop Ransomware). Likewise, the threat from lesser known but potent ransomware variants, such as the MedusaLocker, should also be a source of concern and attention by healthcare security decision makers and defenders.

The Wall Street Journal sums it up with encouraging news

Extortion payments from ransomware, a hacking scourge that has crippled hospitals, schools and public infrastructure, fell significantly last year, according to federal officials, cybersecurity analysts and blockchain firms.

After ballooning for years, the amount of money being paid to ransomware criminals dropped in 2022, as did the odds that a victim would pay the criminals who installed the ransomware. With ransomware, hackers lock up a victim’s computer network, encrypting hard drives until victims pay.

Alphabet Inc.’s Mandiant cybersecurity group said it had responded to fewer ransomware intrusions in 2022—a 15% decrease from 2021. CrowdStrike Holdings Inc., another U.S. cybersecurity firm, said it saw a drop in average ransom-demand amounts, from $5.7 million in 2021 to $4.1 million in 2022, a decline the company attributed to disruption of major ransomware gangs, including arrests, and a decline in crypto values. Ransomware payments are generally made using cryptocurrency.

The blockchain-analytics firm Chainalysis Inc. says that payments that it tracked to ransomware groups dropped by 40% last year, totaling $457 million. That is $309 million less than 2021’s tally.

“It reflects, I think, the pivot that we have made to a posture where we’re on our front foot,” Deputy Attorney General Lisa Monaco said in an interview. “We’re focusing on making sure we’re doing everything to prevent the attacks in the first place.”

Happy Lincoln’s Birthday

David ErmerUncategorized

    The Washington Post shows how one of its staff photographers found enduring traces of the sixteenth President across our country.

    The House of Representatives is on a District work break for the next weeks while the Senate is engaged in Committee business and floor voting on Capitol Hill.

    On Wednesday, February 15, the Senate Foreign Relations Committee will hold a hearing “to examine countering illicit fentanyl trafficking.” The Wall Street Journal adds

    A veterinary tranquilizer that can cause serious wounds for regular users is spreading menace within the illicit drug supply

    Xylazine, authorized only for animals, is one ingredient in an increasingly toxic brew of illicit drugs that killed a record of nearly 107,000 people in the U.S. in 2021. It is typically mixed with fentanyl, a synthetic opioid that itself has broadly infiltrated U.S. drug supply, including in supplies of cocaine and methamphetamine. Taken together, the volatile mixing means drug users often don’t know what’s in the substances they take. 

    Dealers may mix xylazine into fentanyl to save money, federal law-enforcement authorities said. The drug—known as “tranq” among some users—can be purchased at low prices from Chinese suppliers and offset some of the opioid in the mix. Its presence in the drug supply is part of the arms race between criminals seeking to enhance their products and authorities trying to disrupt the market. Public-health authorities are working on ways to monitor the constantly changing drug market.

    For users, xylazine can also lengthen a high—with serious risks. The overdose-reversal drug naloxone that can be critical to saving fentanyl users doesn’t work against xylazine. And users can become physically dependent on xylazine in addition to fentanyl, complicating treatment. 

    No bueno.

    From the Omicron and siblings front, NPR Shots tells us

    In another sign of the changing state of the pandemic, an invaluable source of information about the virus over the last three years is shutting down, NPR has learned.

    The Johns Hopkins Coronavirus Resource Center plans to cease operations March 10, officials told NPR.

    “It’s bittersweet,” says Lauren Gardner, an engineering professor who launched the project with one of her students on March 3, 2020. “But it’s an appropriate time to move on.

    Agreed.

    From the No Surprises Act front, the American Hospital Association has removed from its reports on Judge Kernodle’s February 6 opinion the erroneous statement the Judge had struck down the entire rule. The FEHBlog has redlined the Judge’s edits to the Public Health Service Act provisions in the NSA’s August 26 Independent Dispute Resolution Rule for your edification. As of Friday, February 10, the Justice Department has not noticed an appeal from this final judgment. The government has sixty days to notice an appeal.

    From the public health front, the New York Times reports

    In the United States, the richest mothers and their newborns are the most likely to survive the year after childbirth — except when the family is Black, according to a groundbreaking new study of two million California births. The richest Black mothers and their babies are twice as likely to die as the richest white mothers and their babies. * * *

    The study, published last month by the National Bureau of Economic Research, includes nearly all the infants born to first-time mothers from 2007 to 2016 in California, the state with the most annual births. For the first time, it combines income tax data with birth, death and hospitalization records and demographic data from the Census Bureau and the Social Security Administration, while protecting identities. * * *

    Rich and poor mothers were equally likely to have high-risk pregnancies, but the poor mothers were three times as likely to die — even within the same hospitals. Rich women’s pregnancies “are not only the riskiest, but also the most protected,” the paper’s authors wrote.

    This finding suggests that the American medical system has the ability to save many of the lives of babies with early health risks, but that those benefits can be out of reach for low-income families.

    * * *

    There is clear evidence that Black patients experience racism in health care settings. In childbirth, mothers are treated differently and given different access to interventions. Black infants are more likely to survive if their doctors are Black

    the richest white Californians in this study still gave birth to less healthy babies than the richest Swedish women. Their newborns were more likely to be premature or underweight. The two groups had roughly equal maternal death rates.

    “That finding really does strongly suggest that it’s something about the care model,” said Dr. Neel Shah, chief medical officer of Maven Clinic for women’s and family health and a visiting scientist at Harvard Medical School. “We have the technology, but the model of prenatal care in the United States hasn’t really gotten an update in the last century.”

    What is a new model of prenatal care? The Mayo Clinic and the ACOG, among others, have ideas.

    Midweek update

    David ErmerUncategorized
      Photo by Manasvita S on Unsplash

      Becker’s Hospital Review and Fierce Healthcare report on the President’s State of the Union address from a healthcare standpoint. At the same time, the Society for Human Resources management does the same for workplace policies.

      Bloomberg adds

      The federal budget deficit is widening rapidly, according to the latest estimates by the Congressional Budget Office, raising the risk of the Treasury running out of cash earlier than expected amid a debt-ceiling standoff.

      The excess of spending over receipts totaled $459 billion for the first four months of the fiscal year, which started Oct. 1, according to CBO estimates released on Wednesday. That’s a $200 billion increase over the same period a year earlier. * * *

      Among the causes of the drop in revenue, the CBO noted that the Treasury is no longer receiving as much from the Federal Reserve, which is now paying out more in interest to commercial banks on the reserves they park at the Fed. 

      Corporate-tax revenue has also dipped, while individual income-tax refunds rose, the CBO also said. Meantime, spending on areas including Social Security, Medicare and Medicaid have jumped over the fiscal year through January, the agency said.

      From the U.S. healthcare business front —

      CVS Health announced “strong fourth quarter and full-year 2022 results” and “entering into a definitive agreement under which CVS Health will acquire [primary care provider] Oak Street Health in an all-cash transaction at $39 per share, representing an enterprise value of approximately $10.6 billion.” As the Sopranos would say that’s a lot of boxes of ziti.

      STAT News and Healthcare Dive explore the transaction. Of immediate note from Healthcare Dive

      In a statement, the companies said they expect the transaction to close this year, subject to closing conditions. ​​​​​However, it will likely face regulatory scrutiny. One antitrust advocacy group is already opposing the deal. * * *

      In addition, CVS is still trying to close its $8 billion buy of home health provider Signify Health. The deal, which CVS said it expects to close in the first half of 2023, is under Department of Justice review, and a new buy could threaten that process, bankers told Axios. * * *

      STAT News also highlights five health tech startups targeting chronic kidney disease — Monogram Health, Cricket Health, Strive Health, Healthmap Solutions, and Square Knot Health.

      From the FDA / Rx Coverage front

      The American Medical Association tells us

      The Food and Drug Administration Friday cleared for commercial distribution a test to diagnose multiple respiratory viral and bacterial infections in respiratory specimens from patients with suspected COVID-19 or other respiratory infections. The BioFire SPOTFIRE Respiratory Panel is the first COVID-19 test cleared with a Clinical Laboratory Improvement Amendments waiver, meaning any laboratory with at least a CLIA certificate of waiver can perform the test.

      GenomeWeb adds

      “We believe the BioFire Spotfire solution is a real game changer in patient care, allowing physicians to give patients an accurate and rapid diagnosis, using only one test, during the actual patient visit,” Pierre Boulud, chief operating officer, clinical operations at BioMérieux, said in a statement. “Our syndromic offer[ing] will cover most patient care settings in the US, expanding our business coverage and opportunities dramatically.”

      According to BioMérieux’s website, the Spotfire R Panel uses a nasopharyngeal swab sample to detect as many as 15 targets including SARS-CoV-2, the cause of COVID-19. Other viral targets include influenza A and B virus, parainfluenza virus, respiratory syncytial virus (RSV), human rhinovirus, human metapneumovirus, seasonal coronavirus, and adenovirus. Bacterial targets include Bordetella pertussisB. parapertussisChlamydia pneumoniae, and Mycoplasma pneumoniae. The panel’s full commercial launch in the US is expected in April.

      That’s cool.

      BioPharma Dive informs us,

      One of the nation’s largest healthcare insurers has changed its policy for a new and in-demand ALS medicine, deciding not to cover it due to “a lack of clinical efficacy data.”

      Cigna considers the medicine, called Relyvrio, to be “experimental, investigational or unproven” and now won’t cover it for the treatment of ALS, or amyotrophic lateral sclerosis. Relyvrio was developed by the Massachusetts-based biotechnology company Amylyx Pharmaceuticals, and approved by the Food and Drug Administration last September.

      At the time of the FDA action, the New York Times reported

      A new medication for A.L.S., the devastating neurological disorder that causes paralysis and death, will have a list price of $158,000 a year, its manufacturer disclosed Friday.

      The treatment, to be marketed as Relyvrio, is a combination of two existing drugs and will be available to patients in the United States in about four to six weeks, according to officials of the company, Amylyx Pharmaceuticals.

      Relyvrio was approved by the Food and Drug Administration on Thursday, even though the agency’s analysis concluded there was not yet sufficient evidence that the medication could help patients live longer or slow the rate at which they lose functions like muscle control, speaking or breathing without assistance.

      The F.D.A. decided to greenlight the drug instead of waiting until 2024 for results of a large clinical trial partly because the treatment is considered to be safe. The agency said that although the evidence of effectiveness was uncertain, “given the serious and life-threatening nature of A.L.S. and the substantial unmet need, this level of uncertainty is acceptable in this instance.”

      Amylyx officials predicted that most patients would pay little or nothing for the treatment because the company expects insurers, both private and public, to cover it. Amylyx plans to provide it free to uninsured patients experiencing financial hardship.

      Still, the list price is much higher than that recommended by the Institute for Clinical and Economic Review, a nonprofit organization that evaluates the value of medicines. In a statement, the group’s chief medical officer, Dr. David Rind, said that while “there are clear benefits to patients with a rapidly fatal disease to have early access to a safe therapy,” his organization had concluded that “an annual price of $9,100 to $30,700 would be reasonable if the therapy actually works.”

      Dr. Rind added that “while awaiting proof, we believe that patients would benefit from a price closer to the price of production of Relyvrio rather than a price more than five times higher than the top of a value-based range.”

      It’s complicated.

      Tuesday’s Tidbits

      David ErmerCOVID-19, FDA, OPM, Rx coverage, Telehealth, U.S. Healthcare, Uncategorized

      From the Omicron and siblings front

      • The New York Times accurately describes this Covid winter as a bump rather than a surge.
      • The Washington Post discusses a large medical study that supports the need for pregnant women to be vaccinated against Covid.

      On a related note the Wall Street Journal reports

      An experimental vaccine from Moderna Inc. significantly reduced the risk of a viral respiratory disease among older adults in a large clinical trial, the latest promising sign in drugmakers’ efforts to fight the deadly RSV virus. * * *

      The results are the latest for an experimental RSV vaccine. Also developing shots are GSK PLC, Pfizer Inc. and Johnson & Johnson

      Meanwhile, Sanofi SA and AstraZeneca PLC have co-developed an antibody-based drug to be used for the prevention of RSV in infants. They applied for FDA approval of the drug and expect a decision in the third quarter of 2023.

      From the FEHB front, Reg Jones, a retired OPM FEHB contracting officer, provides an “insiders look at FEHB” in FedWeek. His first observation is

      First, when the FEHB became law some 60 years ago, I think it would have been better if there had only been a single risk pool. In other words, no Self Only, Self Plus One, and Self and Family options. Because there are these distinctions, enrollees have ever since wanted to further carve up the risk pool, creating subcategories, such as employees vs. retirees or retirees with or without Medicare as their primary insurer.

      While the FEHBlog fully agrees with Mr. Jones about the value of risk pooling to FEHB, the self only, self plus one, and self and family choices are enrollment choices that affect the premiums paid but not the risk pool. OPM does break out risk pools by plan option, e.g., Standard, Basic, Elevate.

      Mr. Jones is concerned about the risk pool splitting occasioned by the creation of the new Postal Service Health Benefits Program. The FEHBlog has stated his belief that OPM could have avoided this outcome by allowing FEHB plans to offer Medicare Part D EGWPs back in 2005. The FEHBlog expects that once FEHB enrollees see the lower premiums in PSHBP, Medicare D EGWPs will be added to FEHB and before the PSHBP and FEHB will become one again.

      Mr. Jones also presses concern about access to medically necessary benefits which coincidentally is a topic that STAT News addressed today stemming from the Institute for Clinical and Economic Research’s publication of its “Second Annual Assessment of Barriers to Fair Access Within US Commercial Insurance Prescription Drug Coverage.” Here is a summary of the ICER Assessment’s results:

      The assessment found a high level of alignment between coverage policies and fair access criteria across the formularies with the highest number of covered lives of large private payers and the VHA in the United States.  Across all relevant payer policies, ICER gave concordance ratings of 70% (59/84) for cost-sharing policies of drugs that ICER found to be reasonably priced, 96% (310/322) for clinical eligibility criteria, 98% (316/322) for step therapy criteria and 100% (322/322) for prescriber restrictions.

      In the exploratory transparency analysis for select migraine and ulcerative colitis (UC) drugs aimed at discerning whether prospective plan members can find information about cost-sharing and clinical eligibility, payers were found to provide relatively good transparency into their formularies (16/18 payers met transparency criteria) but only 10/18 payers provided adequate transparency into their clinical coverage policies. In an exploratory analysis for documentation burden which reviewed the number of questions on prior authorization forms, prior authorization policies for UC and migraine drugs had a median number of questions from 25 to 36 and a range of questions from 22 to 71.

      One of the most notable results of this effort is the change in coverage policies made by five payers for 11 drugs following receipt of draft results of the assessment. These changes all served to bring coverage into alignment with fair access criteria.

      Note bene

      ICER will host a public webinar at 12:00 p.m. ET on January 18, 2023 to discuss the key conclusions and policy implications of this assessment. Webinar presenters will include:

      • Sarah Emond, MPP, Executive Vice President and Chief Operating Officer, ICER
      • Mary B. Dwight, Senior Vice President and Chief Policy & Advocacy Officer, Cystic Fibrosis Foundation 
      • Meghan Buzby, Executive Director, Coalition for Headache and Migraine Patients (CHAMP) 

      Register here for the webinar.

      Also from the Rx coverage front

      Fierce Healthcare reports “California has filed suit against a slew of major drugmakers and pharmacy benefit managers, alleging that they acted unlawfully to drive up the cost of insulin.”

      Pharmacy Times informs us

      The FDA has approved a label update for semaglutide (Rybelsus; Novo Nordisk) that allows the drug to be used in addition to diet and exercise as a first-line option to improve glycemic control in adults with type 2 diabetes.

      This update removes a previous limitation that stated the medication should not be used as initial therapy for treating patients with type 2 diabetes. With its initial FDA approval in 2019, semaglutide became the first and only glucagon-like peptide-1 (GLP-1) analog in pill form.

      “The removal of the limitation of use is an important step forward for people living with type 2 diabetes and provides the option for Rybelsus to be taken earlier,” said Aaron King, MD, a family medicine and diabetes specialist, in a press release. “By taking Rybelsus first, people with type 2 diabetes, in conjunction with their care teams, are now able to utilize this medicine early in their diabetes treatment journeys.”

      On a related note, the Wall Street Journal tells us

      Parents and doctors are looking for new strategies to help adolescents with obesity. One controversial approach drawing the interest of some families is intermittent fasting, which limits people to eating for just a part of the day or week

      Intermittent fasting has gained traction among adults who use it to try to manage weight and improve health. Doctors have largely avoided trying it with adolescents out of concern that introducing a fasting period to their schedules might result in nutritional gaps or trigger eating disorders when teens are rapidly growing and developing.

      Now, a small number of doctors and researchers are evaluating types of intermittent fasting in adolescents, searching for solutions as rates of obesity and Type 2 diabetes rise. One pediatric endocrinologist in Los Angeles is launching a clinical trial looking at eating within a set time window in adolescents with obesity. Researchers in Australia are completing a separate trial, the results of which they expect to publish later this year.

      Healthcare Dive and Fierce Healthcare offer tidbits from the medical technology front. Healthcare IT News considers whether telehealth can be used for preventive care.

      From the U.S. healthcare front,

      • Beckers Hospital Review lists Healthgrades’ Top 50 Hospitals.
      • Insurance News Net fills us in on AHIP’s foci for 2023. “Access and affordability are the top two concerns of the health insurance industry as we move into a new year.”
      • You can scan Fierce Healthcare’s Fierce 15 of 2023 honorees here.

      Thursday Miscellany

      David ErmerCongress, COVID treatment, COVID-19, FDA, Rx coverage, Uncategorized
      Photo by Josh Mills on Unsplash

      The Washington Examiner reports that “President Joe Biden signed the nearly $2 trillion omnibus spending bill into law Thursday night while vacationing in St. Croix.”

      The New York Times relates,

      The Food and Drug Administration’s process for approving the Alzheimer’s drug Aduhelm, despite great uncertainty about whether it worked, was “rife with irregularities,” according to a congressional investigation released on Thursday. The agency’s actions “raise serious concerns about F.D.A.’s lapses in protocol,” the report concluded.

      The 18-month investigation, initiated by two congressional committees after the F.D.A. approved the drug, also strongly criticized Biogen, Aduhelm’s manufacturer. Internal documentsshowed the company set “an unjustifiably high price” of $56,000 a year for Aduhelm because it wanted a history-making “blockbuster” to “establish Aduhelm as one of the top pharmaceutical launches of all time,” even though it knew the high price would burden Medicare and patients, the report found.

      STAT News seconds the Times report:

      The downfall of Aduhelm, the first new treatment for Alzheimer’s disease in two decades, is largely the story of a drug company choosing to maximize its potential profits at the expense of patients and taxpayers, according to a congressional investigation that cites thousands of pages of internal Biogen documents.

      STAT News also presents eight key takeaway‘s from the Congressional report on Aduhelm’s approval and reports

      Pfizer said Thursday that its experimental gene therapy for hemophilia B significantly reduced the number of bleeds patients experienced over a year. 

      Data from the 45-patient trial could set the stage for a second gene therapy to be approved for patients with the rare and serious bleeding disorder in as many years. In November, UniQure won approval for Hemgenix, the first hemophilia B gene therapy. 

      “The results from this long-awaited study are great news for hemophilia B patients that soon may have access to a second durable treatment option,” Luk Vandenberghe, a gene therapy expert at Harvard, said in a text message, after reviewing the results. 

      Looking toward next year, STAT News discusses “three things to watch in chronic disease in 2023: obesity drugs, long Covid and health care costs.”

      Consider the already-astronomical cost of chronic disease care in the United States: trillions of dollars devoted to diabetes, heart disease, kidney disease, cancer and other conditions, and still so many people unable to access necessary care and treatments. Consider the strain of Covid on the health care system, the decimation of public health staffing, and the scarcity of health care workers — and how all these costs make their way to patients. What bold moves can be made in 2023 to help reduce the cost of care? We’ll see.

      Also, from the healthcare cost front, Beckers Hospital Review looks into “Questions about hospitals’ culture, leadership, survival and opportunity come with a trillion-dollar price tag given the importance of hospitals and health systems in the $4.3 trillion U.S. healthcare industry.” 

      From the public health front, the Wall Street Journal reports

      A measles outbreak among mostly unvaccinated children in Ohio that local health officials feared could take months to control has slowed in the past week, giving hope that what was expected to be a lengthy battle could be cut short.

      The total number of cases since the outbreak began in November reached 82 on Thursday, but new cases have fallen off significantly in the last seven days or so, said Mysheika Roberts, Health Commissioner for the city of Columbus.

      “It could be much worse,” Dr. Roberts said Thursday. “I’m hoping due to our outreach in the community, and the community’s willingness to roll up their sleeves and get vaccinated, that we might be starting to see the end of this. But obviously, it’ll take several weeks and days before we’ll know if this is actually over.”

      From the Rx coverage front, Medscape tells us

      Merck & Co Inc’s COVID antiviral molnupiravir speeds up recovery but does not reduce the hospitalisation or death rate in higher-risk vaccinated adults, detailed data from a large study showed on Thursday. * * *

      When Merck originally tested molnupiravir, it was found 30% effective in reducing hospitalisations, but that was in unvaccinated patients.

      In the latest study, led by University of Oxford researchers, nearly all of the more than 25,000 patients in the study had received at least three vaccine doses.

      These results demonstrate that vaccine protection is so strong that there is no obvious benefit from the drug in terms of further reducing hospitalisation and deaths, said study co-author Jonathan Van-Tam from the University of Nottingham.

      The drug was, however, effective in reducing viral load and can help hasten patient recovery by roughly four days, researchers estimated based on study data. 

      In interesting social news,

      About 2.6 million couples are saying “I do” this year [2022] — roughly 600,000 more than in prepandemic years, according to The Knot, a company that offers wedding-planning tools, a vendor marketplace and a gift-registry platform. 

      The wedding boom is the byproduct of two years of the pandemic, when many ceremonies were postponed or pared down, says Lauren Kay, executive editor of The Knot. And ceremonies this year have a whole new vibe. Now, “people feel empowered to personalize, push the envelope—rules are out the window,” Mrs. Kay says. * * *

      This year, “weddings are back, and people are excited to celebrate,” Mrs. Kay says. In 2023, weddings in the U.S. will likely return to prepandemic levels at 2.1 million, according to internal research from The Knot.

      • The Washington Post looks into “Why do people like being tipsy? Here’s how alcohol affects the brain. The buzz produced by alcohol comes from a cocktail of pharmacology and social ingredients, research shows.” The article also discusses how to enjoy alcoholic beverages responsibly.

      Finally, the Department of Health and Human Services announced

      a Notice of Proposed Rulemaking (NPRM), entitled Safeguarding the Rights of Conscience as Protected by Federal Statutes, which proposes to restore the longstanding process for the handling of conscience complaints and provide additional safeguards to protect against conscience and religious discrimination. * * *

      Public comments on the NPRM are due 60 days after publication of the NPRM in the Federal Register.

      The NPRM may be viewed here: https://www.hhs.gov/sites/default/files/conscience-rule-nprm.pdf – PDF

      Omnibus bill passes

      David ErmerACA, Congress, COVID-19, No Surprises Act, Uncategorized

      Per Roll Call, the House of Representatives followed the Senate by passing the Consolidated Apppropriations Act 2023 and the one week further extension of the continuing resolution to December 30, 2023. The 117th Congress has completed its work.

      The Centers for Disease Control will not be published its weekly interpretation of Covid statistics until next year as today and next Friday precede three day weekends.

      The CDC did update its Covid data tracker and Fluview which happens on Thursdays. The new daily Covid cases and deaths for the week ending December 22 averaged approximately 69,600 cases and 420 deaths. “Seasonal influenza activity remains high but is declining in most areas.” As noted in yesterday post, RSV cases appear to have peaked.

      In No Surprises Act news, the Labor Department’s Employee Benefit Administration announced this afternoon

      • Effective January 1, 2023, the administrative cost for holding an arbitration under an independent dispute resolution process will increase from $50 per party to $350 per party. That should tamp down the number of NSA arbitrations.
      • ACA FAQs 56 concerning the NSA prescription drug reporting that health plans, including FEHB plans, are scheduled to submit next Tuesday, December 27, for the 2020 and 2021 plan years. Significantly,

      For the 2020 and 2021 data submissions that are due by December 27, 2022, the Departments will not take enforcement action with respect to any plan or issuer that uses a good faith, reasonable interpretation of the regulations and the Prescription Drug Data Collection (RxDC) Reporting Instructions in making its submission. The Departments are also providing a submission grace period through January 31, 2023, and will not consider a plan or issuer to be out of compliance with these requirements provided that a good faith submission of 2020 and 2021 data is made on or before that date.

      • Initial Report on the Independent Dispute Resolution Process: April 15 – September 30, 2022.

      The FEHBlog will release Cybersecurity Saturday on December 24 and the Holiday weekend update on December 26. Merry Christmas and of course Jingle Bells.

      Thursday Miscellany

      David ErmerACA, Congress, COVID-19, COVID-19 testing, FDA, NIH, Telehealth, U.S. Healthcare, Uncategorized
      Photo by Josh Mills on Unsplash

      From Capitol Hill, the Wall Street Journal reports

      The Senate passed an $858 billion defense-policy bill [National Defense Authorization Act] on Thursday that authorizes U.S. military leaders to purchase new weapons and would increase pay for service members, checking a major item off Congress’s year-end to-do list.

      The House passed the legislation last week with 350 votes in favor and 80 votes against. It now goes to President Biden’s desk for his signature.

      The Journal also provides information on the NDAA’s key provisions.

      The Washington Post adds,

      The Senate late Thursday approved a measure to fund the government through Dec. 23, securing a one-week deadline extension that gives Democrats and Republicans one final opportunity to work out a longer-term spending deal.

      The 71-19 vote — coming a day after the House adopted it — sends the stopgap to President Biden and staves off a federal government shutdown that otherwise would have occurred after midnight this Friday.

      From the Omicron and siblings front, the American Hospital Association informs us,

      The Department of Health and Human Services today recommended governors take certain actions to prepare for a potential further increase in COVID-19 cases and hospitalizations this winter, and has pre-positioned N-95 masks, gloves, gowns and ventilators at strategic locations should states need them, the Biden Administration announced.

      The Administration also announced that all U.S. households can now order four more free at-home COVID-19 tests, which will begin shipping the week of Dec. 19.

      From the public health front, AP reports

      The number of U.S. deaths dropped this year, but there are still more than there were before the coronavirus hit.

      Preliminary data — through the first 11 months of the year — indicates 2022 will see fewer deaths than the previous two COVID-19 pandemic years. Current reports suggest deaths may be down about 3% from 2020 and about 7% vs. 2021.

      The National Institutes of Health announced

      The percentage of adolescents reporting substance use in 2022 largely held steady after significantly declining in 2021, according to the latest results(link is external) from the Monitoring the Future survey(link is external) of substance use behaviors and related attitudes among eighth, 10th, and 12th graders in the United States. Reported use for almost all substances decreased dramatically from 2020 to 2021 after the onset of the COVID-19 pandemic and related changes like school closures and social distancing. In 2022, reported use of any illicit drug within the past year remained at or significantly below pre-pandemic levels for all grades, with 11% of eighth graders, 21.5% of 10th graders, and 32.6% of 12th graders reporting any illicit drug use in the past year.

      The Monitoring the Future survey is conducted each year by researchers at the University of Michigan, Ann Arbor, and funded by the National Institute on Drug Abuse (NIDA), part of the National Institutes of Health.

      From the Rx coverage front –

      BioPharma Dive takes a “deep dive” reporting on a recently approved drug called to treat ALS or Lou Gehrig’s disease. “Amylyx Pharmaceuticals’ Relyvrio is in high demand in clinics across the U.S. Though some patients are already getting it, insurance and out-of-pocket costs remain a source of anxiety. * * * In the clinical trial that led to its approval, Relyvrio appeared to slow the functional decline associated with ALS. The trial also found patients treated with the drug lived a median of five months longer than those given a placebo. While Relyvrio’s benefits have been called modest, the drug has become a vital source of hope for many ALS patients.”

      BioPharma Dive also lets us know that

      • Yet another competitor for the top-selling inflammatory disease drug Humira will be waiting in the wings after Fresenius Kabi won U.S. approval of its copycat version called Idacio.
      • The Food and Drug Administration cleared the medicine for all the eligible indications of Humira, Fresenius Kabi said Wednesday. Due to a previous patent settlement with AbbVie, the company won’t launch Idacio in the U.S. until July.
      • Idacio, developed by Fresenius Kabi SwissBioSim, is currently available in 37 countries after initially launching in 2019. Fresenius Kabi said it has made selling biosimilars worldwide a priority.

      Health Affairs Forefront offers Parts 1 and 2 of its insights on drug pricing reform enacted this past summer’s federal budget reconciliation act.

      From the regulatory front

      • The FEHBlog noticed that the HHS press release concerning the 2024 Medicare Part D proposed rule (posted yesterday) lacked links to the proposed rule and the fact sheets. So here are the missing links:

      The proposed rule can be accessed at the Federal Register at https://www.federalregister.gov/public-inspection/2022-26956/medicare-program-contract-year-2024-policy-and-technical-changes-to-the-medicare-advantage-program. Comments on the proposed rule are due by February 13, 2023.

      View the fact sheet on the proposed rule here.

      • Health Affair’s Forefront’s second article on Monday’s proposed 2024 ACA benefit and payments parameter rule is here. This article concerns risk adjustment.

      From the telehealth front, Health Payer Intelligence relates that

      • Most patients who had a telehealth visit didn’t need an in-person follow-up appointment in the next three months, according to new research from Epic. The trend was reflected in almost every specialty included in the study.
      • For specialties that required follow-ups, the additional visits were likely due to patients needing additional, not duplicative, care, Epic researchers said. That’s because high follow-up rates were only present in specialties that require regular hands-on care, such as obstetrics and surgery.
      • The study is the latest addressing whether telehealth results in duplicative care, instead of replacing an in-person encounter. The question is being debated by lawmakers as they consider how much telehealth flexibility should be allowed once the COVID-19 public health emergency expires.

      In innovation news, Fierce Healthcare discusses

      ElliQ, [which is] a voice-operated care companion for the elderly, is getting an update with 2.0 hardware and software including a companion app for family members and caregivers.

      The robot, called the first proactive AI care companion and a Time Best Invention of 2022, was developed to address the loneliness epidemic in older adults and has shown the ability to decrease loneliness by 80%, according to the company. * * *

      Interventions like the ones ElliQ performs are shown to improve the quality of life for seniors living alone by 80% through increasing fitness and facilitating social connections, according to a recent McKinsey report.

      The first ElliQ impact studies have shown that 80% of users report a reduction in loneliness, 82% experienced better mental health and 90% feel overall better since using the robot.

      Weekend update

      David ErmerAHRQ, Congress, Federal employment benefits, Medicare, Mental health care, OPM, Rx coverage, Uncategorized
      Thanks to ACK15 for sharing their work on Unsplash.

      The House of Representatives and the Senate are in session this week for Committee business and floor voting.

      The continuing resolution funding the federal government expires at 11:59 pm on Friday December 16.

      The Federal Employee Benefits Open Season ends at 11:59 pm, in the location of the enrollee’s electronic enrollment system, on Monday, December 12, 2022.

      The Medicare Open Enrollment period ends this Wednesday, December 7.

      From the Rx coverage front, the Wall Street Journal reports on

      • A shortage in the weight loss drug Wegovy, “missing out on hundreds of millions of dollars in sales and squandering a head start before a rival could begin selling a competing product. * * * [Wegovy manufacturer’ Novo lists Wegovy at $1,349 a month. Some commercial insurers cover the drug.” OPM has encouraged FEHB carriers to offer coverage of this drug.
      • A CVS Health effort to improve pharmacy efficiency with “a system [currently being tested] that allows pharmacists to process prescriptions in part remotely, a move it said could improve store working conditions and the experience for customers as the company grapples with a shortage of pharmacists.”

      From the mental healthcare front, Health Payer Intelligence tells us

      Mental healthcare services utilization and network size have grown significantly since 2019 among Blue Cross Blue Shield of Massachusetts (“Blue Cross”) members, according to data from Blue Cross.

      Mental healthcare services utilization grew by 100 percent in the timeframe that Blue Cross examined. At the same time, Blue Cross’s mental healthcare network grew by 46 percent.

      “As the need for mental health services continues to grow, access to convenient and affordable care is critical,” said Andrew Dreyfus, president and chief executive officer of Blue Cross. “By expanding and diversifying our mental health network, we’re ensuring that our members are able to find and receive the high-quality care they need, when they need it.”

      The mental healthcare provider network swelled to a total of 18,000 clinicians. With the growth in utilization, Blue Cross plans to expand its network further. The payer will do this by working with national mental healthcare provider groups as well as expanding its virtual care mental health groups in 2023. * * *

      Blue Cross also shared that the health plan’s reimbursement for telehealth and virtual care services is at parity with in-person services. Receiving reimbursement at parity is not only a controversial issue for telehealth providers but also for mental and behavioral healthcare providers, who do not always receive reimbursement at parity with physical care providers.

      Kudos.

      Also worth reading is this Journal article about a 24-year-old military wife who went through drug addiction hell and came out a new person with help from her family, the Missouri prison where she was housed, and a fellow inmate. The article illustrates the importance of Blue Cross of Massachusett’s efforts to expand mental health coverage and various efforts to reduce drug addiction and overdose deaths.

      From the medical research front, the Wall Street Journal offers an essay about breast cancer written by a medical historian and breast cancer patient Dr. Lindsey Fitzharris. What grabbed the FEHBlog’s eye is the article’s conclusion:

      The cofounders of BioNTech recently announced that vaccines targeting cancer may be available before the end of the decade. Researchers at Duke University are already developing a vaccine that targets mutations commonly arising in people with certain types of advanced breast cancer. Using the same mRNA technology deployed against Covid-19, these types of vaccines would not be administered prophylactically but, rather, used as a treatment to trigger a stronger immune response in patients with locally recurrent or metastatic disease. When it comes to conquering breast cancer, future medical historians will have plenty to write about.

      From the innovation front, Senior Living explains how to use Apple AirPods as hearing aids. MedTech Dive adds

      • Apple AirPods Pro earbuds have the potential to be a hearing aid for adults with mild to moderate hearing loss, according to a paper published in iScience. 
      • Researchers found the earbuds meet four of the five standards for personal sound amplification products and perform comparably to hearing aids in terms of speech perception in quiet environments.
      • The study suggests that some consumer earbuds can function as hearing aids to potentially further lower the cost and address the stigma associated with the technology.

      It’s also worth calling attention to the HHS Agency for Healthcare Quality and Research’s Effective Health Care Program’s website.

      The Effective Health Care (EHC) Program improves the quality of health care by providing the best available evidence on the outcomes, benefits and harms, and appropriateness of drugs, devices, and health care services and by helping health care professionals, patients, policymakers, and health care systems make informed health care decisions. The EHC Program achieves this goal by partnering with research centers, academic institutions, health professional societies, consumer organizations, and other stakeholders to conduct research, evidence synthesis, evidence translation, dissemination, and implementation of research findings.

      Happy Thanksgiving 2022

      David ErmerUncategorized

      Federal News Network is offering an Open Season interview with well known FEHB expert Walt Francis on YouTube.

      From the Omicron and siblings front, STAT News reports

      The updated Covid-19 boosters increase people’s protection against symptomatic infection from the coronavirus, according to some of the first estimates of how the shot is performing in the real world and in people, not just in lab experiments. What’s more, that protection was even stronger when people waited a longer period of time since their last dose of the original shot.

      The findings, released Tuesday by the Centers for Disease Control and Prevention, do not, however, address the question of whether the bivalent shot offers greater protection than another shot of the original formulation would have.

      The Wall Street Journal adds

      The U.S. is heading into its third Covid-19 Thanksgiving in better shape than the last two, but holiday gatherings will provide a test of whether the nation can avoid another major winter surge, epidemiologists and virus experts say.

      Thanksgiving once again comes at a precarious time, as new subvariants take over and the return of cold weather brings people back indoors, often in family gatherings where the virus can easily spread. The holiday last year coincided with the arrival of an early version of the Omicron variant that kicked off an explosive rise in cases and the second-deadliest Covid-19 wave. Only the prior winter, when vaccination efforts were just beginning, saw a higher peak in deaths.

      This time around, some virus experts say the lack of a fresh surge triggered by newly ascendant Omicron subvariants is a hopeful sign that built-up immune protection from vaccines and prior infections is helping.

      In the FEHBlog’s view, the key difference between last Thanksgiving when the original Omicron was gathering steam and this one is the availability of Pfizer’s Covid pill, Paxlovid.

      In public health news

      • STAT News explains why we don’t have an at-home flu test, and the answer is not a lack of technology.
      • HealthDay discusses a large study concerning the impact of HDL cholesterol on developing heart disease, which makes significant conclusions. For example, “Blood levels of HDL, the famously “good” kind of cholesterol, may not make a big difference to heart health after all — particularly for Black people.”
      • The Director of HHS’s Agency for Healthcare Quality and Research posted his observations on AHRQ’s “2022 National Healthcare Quality and Disparities Report: We Still Have Much Work to Do.”

      From the Rx coverage front, the Food and Drug Administration announced approving

      Hemgenix (etranacogene dezaparvovec), an adeno-associated virus vector-based gene therapy for the treatment of adults with Hemophilia B (congenital Factor IX deficiency) who currently use Factor IX prophylaxis therapy, or have current or historical life-threatening hemorrhage, or have repeated, serious spontaneous bleeding episodes.

      “Gene therapy for hemophilia has been on the horizon for more than two decades. Despite advancements in the treatment of hemophilia, the prevention and treatment of bleeding episodes can adversely impact individuals’ quality of life,” said Peter Marks, M.D., Ph.D., director of the FDA’s Center for Biologics Evaluation and Research. “Today’s approval provides a new treatment option for patients with Hemophilia B and represents important progress in the development of innovative therapies for those experiencing a high burden of disease associated with this form of hemophilia.”

      Most individuals who have Hemophilia B and experience symptoms are men. The prevalence of Hemophilia B in the population is about one in 40,000; Hemophilia B represents about 15% of patients with hemophilia. Many women carriers of the disease have no symptoms. However, an estimated 10-25% of women carriers have mild symptoms; in rare cases, women may have moderate or severe symptoms. 

      Treatment typically involves replacing the missing or deficient clotting factor to improve the body’s ability to stop bleeding and promote healing. Patients with severe Hemophilia B typically require a routine treatment regimen of intravenous (IV) infusions of Factor IX replacement products to maintain sufficient levels of clotting factor to prevent bleeding episodes.

      Hemgenix is a one-time gene therapy product given as a single dose by IV infusion. Hemgenix consists of a viral vector carrying a gene for clotting Factor IX. The gene is expressed in the liver to produce Factor IX protein, to increase blood levels of Factor IX and thereby limit bleeding episodes. 

      Bloomberg adds that “CSL Behring’s hemophilia B gene therapy, a one-off infusion that frees patients from regular treatments, costs $3.5 million a dose, making it the most expensive medicine in the world.”

      In preventive services news, the U.S. Preventive Services Task Force proposed for public comment assigning a B grade to “screening for latent tuberculosis infection in populations at increased risk.” In 2016, the USPSTF recommended screening for LTBI in populations at increased risk (B grade recommendation). The current draft recommendation is consistent with the 2016 USPSTF recommendation. The public comment deadline is December 27, 2022.

      The next FEHBlog post will be Cybersecurity Saturday, November 26. Happy Thanksgiving, all.

      Friday Stats update

      David ErmerCOVID-19, Uncategorized

      Heavens to Betsy! The Centers for Disease Control this week stopped posting daily updates of new Covid cases and death which were the basis for the FEHBlog’s Friday Covid charting. The FEHBlog’s work travel has not allowed him time to consider a new approach to his Covid charting.

      Alternatively, there’s the CDC’s weekly interpretation of its Covid statistics. The interpretation notes

      CDC is using multiple surveillance systems to monitor variants in the United States. Data from each system plays an important role in helping us understand the emergence of new variants, whether they’re entering the United States and spreading, and which variants are most prevalent within communities. On October 20, 2022, COVID Data Tracker added a new Variant Summary page, which summarizes three systems that are being used to monitor variants. For more information on these systems, see A Closer Look.

      Have a great weekend.