Teams selected to enter the NIH's Neuro Startup Challenge are required to "look like successful startups" and are "rigorously evaluated" on criteria that VCs, foundations, and others would use to provide funding, says the model's designer.
How do you unlock innovation?
I've written previously about various healthcare technology challenges—some inspired by the XPRIZE, some outgrowths of the various hackathons and camps spawned over the past decade in Silicon Valley and elsewhere.
Now there is some evidence that the challenge model can unlock science discovered by the National Institutes of Health.
Traditionally, government research somehow inevitably finds its way to the most deep-pocketed corporations. Big pharma and device makers come to mind in the healthcare context, which, being large public entities beleaguered by shareholders looking for quick returns, proceed timidly. Further burdened by organizational sclerosis, decision can take years to be made, and some potential innovations are killed off before they even have a chance to germinate.
As described in the Lifetime film Living Proof, even herceptin, one of the most revolutionary breast cancer treatments ever developed, was stymied at one point when corporate backer Genentech stopped funding for drug development. Only a determined physician, aligning with philanthropists, was able to keep the drug on track to FDA approval.
Perhaps with this in mind, the National Cancer Institute last year conducted the Breast Cancer Startup Challenge, an international, university student-based competition. Eleven startups launched to commercialize NCI inventions and received technology licenses from NCI in 2014.
NCI's partners in that challenge were the Avon Foundation and the Center for Advancing Innovation (CAI), a Bethesda, Maryland-based 501(c)(3) specializing in technology transfer and commercialization.
"There's a disconnect between certain disease areas and some of these inventions," says Rosemarie Truman, Founder and CEO of CAI. "The best commercialization path for them would be through a startup, not to license to a large pharma. The problem is there's no way for [government agencies] to do a spinout, to launch a startup around an invention."
"So," she says, "I came up with this idea to crowdsource teams from around the world for the strongest, most commercially viable inventions in the breast cancer space, and it just so happened I was working with the Avon Foundation at the same time."
For its next challenge, CAI partnered with five different institutes across NIH. Last year, more than 70 teams composed of 568 students and entrepreneurs entered the Neuro Startup Challenge, an open innovation competition designed to bring promising brain-related inventions to market and launched in August 2014.
The challenge has teams competing to commercialize 16 NIH-conceived and -developed inventions involving therapeutics, diagnostics, prognostics, and medical devices for a range of brain diseases.
Bankrolling the new challenge is a name familiar to HealthLeaders readers – Richard Merkin, MD, founder, president and CEO of Marina del Rey, CA-based Heritage Provider Network. Merkin's spokesperson declined to state the exact amount of Heritage's investment, but from the enthusiastic response to this challenge, it would appear that this is a bigger deal than the usual cash prizes, and it is, as I will describe.
Teams selected to enter the Neuro Startup Challenge are from universities, research institutes, and hospitals from the United States and abroad. More than 20% of the teams are from outside the U.S. In addition to deliverables due at the end of each of the three phases of the challenge, the teams will participate in 40 rigorous entrepreneurship and start-up training sessions.
In addition to post-docs, PhDs, law, and business students, team leaders have added venture capitalists, clinical research outsourcing organizations, law firms and entrepreneurs on their teams to increase their probability of success. Each team required a seasoned entrepreneur as well as two graduate students.
"We are thrilled about the high quality teams from 96 universities that have entered the challenge," Merkin said in a statement.
3 Phases The first phase requires the teams to develop elevator speeches, 350-word executive summaries outlining potential commercial products and a company vision. Products were be posted online from January 12–16, 2015, and were to be voted upon by the public. The results were due to be posted Monday.
Winners of the elevator speech phase will move on to compete in the second phase of the competition in which teams develop a 10-page business plan and 20-minute live pitch presented to a panel of judges. Winners of the business plan phase receive $2,500 per team provided by the Heritage Provider Network, and move on to phase three of the competition: the startup phase.
The startup phase requires the remaining teams to launch their start-ups by incorporating their business, applying for licenses, and raising seed funding.
"This is an excellent model for commercializing NIH technologies, while also providing real-world, hands-on experience in creating start-up businesses to all of the Challenge participants and creating the next generation of entrepreneurs," says Joseph M. Conrad III, MD, NCI technology transfer specialist and NIH coordinator for the Neuro Startup Challenge.
The Center for Advancing Innovation (CAI) evaluated the teams that wanted to enter the challenge on more than 40 criteria. "We wanted the teams that were accepted into the challenge to look like successful startups. Therefore, we rigorously evaluated the teams based on criteria that VCs, foundations and others would use to provide funding," Truman says.
A Replicable Model The model used to develop both challenges could be institutionalized across other government agencies. "We're planning a challenge for [2015] within the NIH, and possibly even one with CDC, and we're also planning one with NASA," she said.
One thing I really like about this challenge is the way the government agencies take care to place licenses for the inventions in the care of the startups. By dint of their hard work, they are later, after further development, able to turn around and negotiate with interested bidders—big pharma and the like—without concern that those big firms could swoop in and outbid such teams in a government auction at that point where the inventions become viable.
It's a real tonic to the lowest-bidder, inside-the-Beltway government mentality that gave us healthcare.gov1.0. And it's a cleverly thought-out way to turn our tax dollars into healthcare innovation we should all be able to enjoy in a few short years.
Teams building analytics technology for healthcare organizations find themselves jointly holding intellectual property and equity in new arrangements not seen before in healthcare.
Follow the money, they say. It's not always easy. "Terms of the transaction were not disclosed" is the common coin of many a deal. But despite this, some deals are harbingers of bigger things.
To make my point, I will appropriate a word: extrapreneur. It's a word that you won't find in most dictionaries. In 1992, the American Heritage Dictionary defined intrapreneur as "a person within a large corporation who takes direct responsibility for turning an idea into a profitable finished product through assertive risk-taking and innovation."
So what's an extrapreneur? One suggestion from England: Someone who shares information among organizations that they wouldn't share among themselves.
That's a good place to start when trying to understand what is occurring at Cleveland Clinic, Geisinger Health System, and, most recently, Allina Health, where teams building analytics technology for healthcare organizations find themselves jointly holding intellectual property and equity in new arrangements not seen before in healthcare.
Extrapreneurial energy turns intrapreneurial analytics initiatives into companies in which healthcare enterprises retain some equity, remain customers, and benefit other healthcare enterprises who wish to purchase analytics technology and services.
The term extrapreneurial also reminds me of extranets, the early e-commerce concept that extended intranets (internal TCP/IP-based corporate networks) to business partners as supply chains started being built when the World Wide Web was young.
In 2009, Cleveland Clinic's extrapreneurial initiative spawned Explorys, an analytics platform which now counts numerous large healthcare systems among its clients. Yet, for quite some time, Explorys remained located on the Cleveland Clinic campus. And Cleveland Clinic remains an investor.
Geisinger created xG Health "to bring Geisinger's expertise in healthcare delivery transformation to organizations nationwide," according to xG's Web site. xG describes itself as the primary provider of Geisinger's health performance improvement intellectual property.
Launched in 2013 with $40 million of financing from venture capital partner Oak Investment Partners, and located in Columbia, Maryland, xG is not far from Geisinger's Pennsylvania base of operations.
Allina and Health Catalyst Then, on January 6, Allina Health joined the extrapreneurial ranks. A few terms of the agreement are intriguing the entire analytics industry. Allina took an undisclosed stake in analytics firm Health Catalyst.
Health Catalyst had just come off an impressive year, having raised $41 million in funding in January 2014, and convening a conference of its own rapidly-growing healthcare system analysts last fall in Salt Lake City, where the company is located.
But back to those interesting terms between Allina and Health Catalyst. It's a definitive ten-year agreement valued at more than $100 million, to combine technologies, some of which Allina developed since becoming the first customer of Health Catalyst technology in 2008.
Once a year, a governing committee of the Allina / Health Catalyst partnership will identify a prioritized list of improvement projects, each designed to provide measurable care improvement and financial value to Allina. As the partnership achieves each goal, both partners will share in the benefits of that success.
The deal also means that Allina is outsourcing its data warehousing, analytics, performance improvement technology, content, and personnel to Health Catalyst to accelerate advances. Beginning this month, in phases, Allina employees working in these areas—some 60 in all—will become onsite Health Catalyst team members.
When you have a partnership of this magnitude, extrapreneurial forces also allow each partner to remain agile rather than locked into an arrangement that has the possibility of souring due to the changing vicissitudes of technology and healthcare.
The $100 million represents the cost of what the staff and tools were costing Allina, says Penny Wheeler, MD, president and CEO of Allina Health, a $3.7 billion not-for-profit organization whose more than 90 clinics, 12 hospitals, and related healthcare services provide care for nearly 1 million people across Minnesota and western Wisconsin.
Use the Best Tool "We weren't falling back on hope as a strategy," Wheeler says. "We have a lot of confidence in our partner in Health Catalyst. Eighty percent of that [$100 million] is standard, but 20% of it is at risk, based on how we perform on key indicators, like how well the tools perform, for example, on reducing readmissions or unnecessary admissions for people who can spend nights in their own bed.
Wheeler says use of Health Catalyst technology has permitted Allina clinicians to significantly reduce readmissions, elective inductions of labor, time required to diagnose breast concerns, and sepsis rates.
"Our agreement with Health Catalyst says that if we find a better tool out there, we can use it," she says. "So, for example, if [Epic analytics software] Cogito excels at the capabilities that we work with, then we use that," she says.
"So it's more about what can you use the best to improve care than any exclusivity. That just speaks to the confidence level we both have in our ability to partner and make things better, despite what else is out in the market.
"I'm pretty confident that we're going to have a ten-year agreement and beyond," Wheeler says.
"The margins in healthcare right now are so razor-thin, and that's pretty apparent at Allina, given some of their recent financials. But they want to be able to create a little bit of a for-profit business around this core competency they've built in terms of managing their clinical performance with IT, which is what's going on here," notes Judy Hanover, research director of provider IT transformation at IDC Health Insights.
In the era of extrapreneurs, it's all part of doing business.
The deal calls for the partners to build care networks that will use new models for primary care, care management, hospitalists, long-term care, and high-risk clinics to improve and coordinate care.
Trinity Health System, an 86-hospital system active across 21 states, is joining forces with the 34,000-physician Heritage Provider Network to provide population health management in select markets throughout the country.
The joint venture, will be called Trinity Health Partners.
"Trinity Health's strategic plan calls for us to become a people-centered health system that extends beyond just providing acute and post-acute care," Richard J. Gilfillan, MD, president and CEO of Trinity Health said Monday. Based in Livonia, MI, Trinity is one of the nation's largest Catholic health systems.
The deal calls for the partners to build care networks that will use new models for primary care, care management, hospitalist, long-term care, and high-risk clinics to improve and coordinate care. Financial details were not disclosed.
"This joint venture allows us to rapidly expand our capabilities to contract with payer-partners for full-risk, capitated arrangements that will result in better health, better care, and lower costs in the communities we serve," Gilfillan said.
"We have 4,000 primary care physicians and 30,000 specialty physicians in 100 hospitals, and for years, have always wanted a hospital partner, so it would be an integrated system with both hospitals and physicians," said Richard Merkin, MD, president and CEO of Marina del Rey, CA-based Heritage Provider Network.
Adding Population Health "Hospitals have not embraced that concept, but fortunately for us, we have developed a relationship with Trinity, who will embrace the 21st century, working collaboratively so that we will be able to work as an integrated system with all of their hospitals."
Trinity already has 27 ACOs operating in 21 different markets, in both commercial ACOs and Medicare shared savings arrangements. "We have built clinically integrated networks to support those ACOs, and we put in place some population health management infrastructure," Gilfillan said.
"This is about taking that to the next level and saying we're going to build networks supported by the capabilities and infrastructure that Heritage has to actually go beyond that, to say now we'll enter into capitated full-risk arrangements with payer partners.
"Systems talk about how they have hospitalists, primary care physician offices, specialists, and home healthcare agencies. What we don't have is a systematic, engineered infrastructure, an approach in established clinical protocols and clinical ways of interacting with patients and each other to coordinate care across all those different sites. So what most immediately Heritage is bringing is experience—35 years of developing those capabilities."
In addition, Heritage brings Trinity needed experience in measuring and driving improvements in metrics that demonstrate outcomes, Gilfillan said. He was the first director of the Center for Medicare and Medicaid Innovation.
Although Heritage currently operates primarily in four states, the new joint venture could result in it acquiring physicians on a nationwide basis. "We've been recruiting and training and have an educational program that we've been developing over the past six months particularly and specifically for this program," Merkin said.
"We're looking forward to the opportunity to bring these capabilities to our marketplaces and to work with physicians, community care providers, nurse-led clinics, other hospital systems, and then payers, to really, we think, meet the full promise of the opportunity that's before us," Gilfillan said.
Not a Merger He flatly denied the joint venture was in any way a step toward an outright merger of the two organizations.
"I can give you a simple answer to that," Gilfillan said. "That's no. This is what it says it is, a joint venture partnership, to pursue the opportunity to deliver great care in a much broader way than either of us has been able to do in the past."
Trinity has annual operating revenues of about $13.6 billion and assets of about $19.3 billion. Trinity Health employs about 89,000 people, including 3,300 physicians.
In addition to 12 owned IPAs, the Heritage family of companies, includes 52 staff model medical group sites and hospice, home health, and surgery center companies. HPN and its affiliates operate in California, New York, and Arizona and provide health care to over 1 million individuals.
Healthcare leaders are developing policies to address the continued growth of "bring your own device" and "bring your own technology" use.
This article first appeared in the December 2014 issue of HealthLeaders magazine.
Even as data breaches proliferate, healthcare workers are carrying ever more digital devices and tapping into consumer-oriented cloud services, causing no end of challenges for healthcare leadership.
The lure of the latest smartphone or tablet, or wearable devices such as Google Glass, is irresistible to healthcare staff. A major strategy of healthcare leaders is to get out in front of the parade and offer technology and impose policies that accommodate the new devices and technology services, but with appropriate oversight.
Key to implementing this is the ability to manage such a device in the workplace but not interfere with the private personal aspect of the device itself, because it is owned by the individual, says Charles Podesta, CIO at Orange, California–based UC Irvine Health, a 4,800-employee organization with 450 primary and specialty care physicians, and whose medical center has 411 licensed beds.
"They have their own personal apps and their own setup as to what the user interface is and that sort of thing," Podesta says. "You don't want to mess with that, but you also want to make sure that the device is secure when it's on your network and utilizing the various applications that you have within your system."
The FDA's job may need clarification as technology changes. Fitness devices are becoming more intelligent and will soon produce data that approaches medical advice.
Scanadu's Scout Device
Two years ago, at the end of my on-site roundup of the building digital health excitement at the International CES show, I wrote about Scanadu, a company developing a noninvasive vital sign reader called the Scout. At the time, Scanadu's founders showed their prototype at a table at one of the off-floor CES press events. It was to my knowledge one of the only announced products at the show waiting for FDA clearance before going on sale.
Today, two years later, Scanadu still doesn't have FDA clearance, and you can't buy the Scout on the company's website. It's a shame, really. The product is more elegantly designed than many consumer electronics products, appears to be simple to use, and provides a lot of valuable biometric information to someone possessing one.
But here is where we get into what's wrong with CES, or what's wrong with the FDA, or perhaps both.
The digital health section of CES is substantially larger than it was two years ago, but few if any devices on display are FDA-approved, and thus have everything to do with fitness and virtually nothing to do with health monitoring. This is by design, a grand bargain FDA reached with industry many years ago, which I studied at length in 2013 when I earned a certificate in clinical trial design and management at the University of California San Diego Extension.
Devices that purport to treat disease must get the FDA's blessing. Devices that simply provide information but do not claim to treat disease may proceed without FDA approval, but must warn users they are not designed to treat disease.
Scanadu's journey to approval as a disease-treating device is an instructional story.
"We were one of the pioneers in this, but the amount of work we had to do to actually qualify for FDA is enormous with consumer electronics," says Walter De Brouwer, co-founder and CEO of Scanadu. Belgian-born De Brouwer has been something of a media darling in Silicon Valley due to some previous entrepreneurial activity.
"It's not a problem with FDA," De Brouwer told me in a phone interview last month. "It was a problem with our device actually. We do vitals and we fuse data, but if one of the vital signs which is measured by a sensor doesn't work, we have to start all the data and analysis again, so we have to see thousands of patients again.
"A big part of my company are mathematicians. FDA is very mathematically oriented. They tell you, 'This is the standard deviation. These are two tests. Here we want 285 people. Here we want 80 people. The repeatability must be three. The standard deviation must be six. Our mean absolute error must be that.' And that means that you have to have teams that do hardware, who do manufacturing, who do firmware, software, mathematics, and if one of them makes one mistake, because it's fusion, it pervades through all the others, and you have to start all over again."
This month, Scanadu will ship 8,600 Scouts, but without FDA approval. According to a company spokesperson, this batch consists of "investigational devices" being provided to participants in the company's Indiegogo crowdfunding campaign (which exceeded its goal of $100,000 by more than $1.5 million). Feedback from the Indiegogo participants is a valuable part of Scanadu's usability study for the company's road to FDA clearance, the spokesperson says.
De Brouwer now hopes to receive FDA approval in the third quarter of 2015.
Despite all this, last year a study described in JAMA reported that 42 of 50 selected medical devices lacked publicly available scientific evidence to verify the devices' safety and efficacy. In response to these findings, the FDA said it "reviews a significant amount of data—far more than what is publicly available" and that the agency "has served the American public well by balancing the need for robust evidence to assure safety, while expeditiously bringing new technologies" to the market.
Meanwhile, back on the CES show floor, it's anything goes as long as you carry that catch-all disclaimer. Fitness trackers and trainers abound, usually dispensing nothing but raw data (heart rate, distance, cadence) and often now incorporating a social media aspect that urges weekend warriors to go faster and further. Sharing results is typically "gamified," which means friendly competition abounds among fitness gadget wearers. These devices often carry disclaimers advising the user to consult with a doctor before starting any exercise program, disclaimers that may be ignored.
While FDA has its own work scrutinized, it has to be aware that the more intelligent the average fitness device gets, the more likely it will be that those devices will be aggregating data, as Scanadu is doing, and produce something that approaches medical advice—the exact kind of innovation CES attendees are all talking about.
In 2013, a variety of House Republicans did their table-pounding best to take shots at the FDA on the impact the agency's heavy-handedness was having on innovation in the U.S., where only the stalwart folks like Scanadu or AliveCor have the fortitude to make health-oriented consumer devices safe, effective, and easy to use.
Now, as if to illustrate some Congressman's point about stifling U.S. innovation, a Taiwanese company today will exhibit on the CES show floor with what it calls the "world's first stamina sensor and app."
Runners or cyclists wear the sensor with a chest strap, and the sensor's two-lead EKG starts to generate data. The system alerts wearers through different vibrations when wearers are at 60% of their stamina, 30%, or reaching a limit where they should relax to recover, potentially avoiding injury.
Two ironies about this device. First, its name is GoMore—a name more appropriate for devices that do far less and simply egg on athletes—and the company developing it has the name bOMDIC, which in my book looks a lot like the word biomedical, certainly suggestive of the kind of device that the FDA would have to approve.
And yet, while the U.S.-created Scanadu Scout waits its turn, GoMore goes to market. The GoMore manual doesn't really explain this, but there is first a calibration phase, when the wearer is supposed to exercise all-out, to allow the GoMore algorithm to know the wearer's capability. With this data, GoMore learns the capability of the wearer, and knows where to set the thresholds for its later stamina alarms and further learning about the wearer's performance. But it's really the wearer who controls the gadget's upper boundaries of knowledge.
While the product is not classified as a medical device, bOMDIC also throws in the standard disclaimer that the product is "not to be used to diagnose, treat, or prevent any disease or medical condition."
"Our algorithm is a self-learning algorithm, which means you have to disclose your limitation, so the next time it will feed back more precise results," says HsinFu Kuo, CEO of bOMDIC.
GoMore's algorithm infers the wearer's remaining energy and buildup of lactic acid, Kuo says. "If you ask the people in the FDA, they do not give you a very clear definition of stamina, so we try to sell the product as consumer electronics."
Nevertheless, products like GoMore are starting to make the same kind of advice your doctors might make if they were running alongside you. I predict that if the product is wildly successful, the FDA will have to revisit its policy, because so many people might be coming to depend on GoMores and the like for what amounts to a kind of medical advice.
Or, as De Brouwer puts it, "The FDA might not be their worst enemy. Their worst enemy may be the ambulance-chasing lawyers. America is a litigious society."
Author David Brin expounds on artificial intelligence, bioterrorism, 3D printing, gut flora research, and living in the age of transparency.
David Brin
This week, let's look far ahead. I can think of no better way to reflect on passing the middle of the decade than turning the rest of this column over to futurist David Brin for some choice observations and predictions.
The futurist and science fiction author is a recipient of the Freedom of Speech Award of the American Library Association for his 1998 nonfiction book, The Transparent Society. Brin was a featured speaker at HealthLeaders Media's inaugural Health IT and Quality Exchange this year, where he expounded on various topics.
On technology backlash: "In my latest novel, Existence… I portray a future 30 years from now in which there's truly substantial movement all across the Earth to… say 'stop charging forward.' That's one solution to the minefields. Stop charging forward. Be nostalgic for ancient wisdom. Almost every human civilization not only had a pyramidal social structure, but believed in a golden age in the past when people were better. When they flew to the sky. When they had the knowledge of gods. When they were close to God."
"And they fell from that state of grace because of some human flaw. And then can never rise up again. Now you all know I'm referring to some fable in your own backgrounds. Ours is the first civilization that is daring to move this golden age from the past into a future, a vague future that we probably are not wise enough to build. But one thing we can do is we can build the builders of the builders."
On building artificial intelligence systems: "The attitude that I believe will get us a soft landing when we build AI…is to treat [it the same] as our kids, because that's how we know how to create intelligences that are smart enough and still don't go destroy all humans. Because 99% of our kids wind up not going forth and destroying all humans."
On what makes a science fiction story great: "The greatest books of science fiction, or stories of science fiction, were self-preventing prophecies that so stirred people, so frightened people, that they would devote portions of their lives to making sure it never happened, and you can all think of what the great granddaddy of all such stories would be, and that's George Orwell's 1984."
On the microbiome and bioterrorism: "Get a book that moves too slowly for modern tastes. It's by Aldous Huxley, who wrote one of those self-preventing prophecies that's going to be very much discussed, because Brave New World is more likely how we'll get a tyranny [rather] than [Orwell's] 1984."
"Because so many people will be so empowered with so many technological means of destruction, that the powers that be, if the pyramid gets reinstated, will not be able to afford to make us mad. It won't be Orwell's iron boot in our face. Because millions of teenagers will have MolecuMax on their desktops."
"When those giant labs of computers got compressed down to a desktop, you...have 99% wonderful things and 1% horrible hackers, what do you think is going to happen when the average teenager can synthesize any known or unknown organic compound?"
"I know one immediate response, and that is none of us will ever eat at McDonald's again. Not until we have a tricorder and scan what they hand over… Aldous Huxley pointed out that it might be pleasure, not an iron boot, by which we're controlled."
On human longevity: "It turns out that we're the Methuselahs of Mammals. Did you know that mice and elephants get the same number of heartbeats? A mouse has very rapid metabolism, and she races through hers. The elephant has a very slow metabolism, especially the females. And she takes her time. But they all get about a billion heartbeats. We get three and a half billion heartbeats on average. There's a wall that almost no one gets past. And public health doesn't help with that. Modern medicine doesn't really help with that."
On breakthroughs in 3D printing and gut flora research: "I think within two years, three years, you're going to see things in your local health food store that are actual pills that will actually change your microbiome for the better…we're developing techniques for regeneration. Right now they're able to rip out a cancerous esophagus, put in a cartilaginous module, and stem cells, and when they first started doing this, they thought they would have to imbue into the matrix different growth factors for different types of cells, because we're going to have to grow cartilage here, grow muscle tissue here."
"You would have thought that it would have to take a fantastic level of science and engineering that would often fail, and have this very tailored mix of growth factors embedded in this replacement esophagus. No! They just plug it in! And it becomes a functioning esophagus. Now it's not going to be that easy for kidneys or livers. But what an age to live in."
On the age of transparency: "Blinding elites is not effective. You can't name for me any time in human history when freedom was augmented by that approach, because the elites won't let themselves be blinded. It feels like an existential threat to descendants of monkeys and apes, to be blinded."
"The core point of The Transparent Society is that if you want to maintain freedom, you have to be aggressive about maintaining our ability to look at, and sousveillance is the answer to surveillance… if they use this information against you, you should be able to know who's using it against you… I am Mister Transparency, but I'm not Mister Nakedness."
"There is a cause and a place for technical secrecy. I tell the CIA, there's a time and a place for privacy, without which you can't be human. There's a time and a place to be able to gather your forces. But these will only be defended if they are narrowed."
"More than 50% of eligible professionals will face penalties under the Meaningful Use program in 2015, a number that is even worse than we anticipated," says the AMA's president-elect.
More than 257,000 eligible providers this week will start getting letters from the Centers for Medicare & Medicaid Services stating they will be paid 1% less by Medicare and Medicaid in 2015, as a result of failing to demonstrate Meaningful Use of electronic health records in 2013.
The payment adjustments, CMS-speak for penalties, were prescribed by the American Recovery and Reinvestment Act of 2009, which also established the EHR incentive payment program which has since paid out more than $25 billion to eligible providers and hospitals.
To be levied starting January 5, the adjustments have only been in effect since October 2014, and so far have only applied to about 200 eligible hospitals. The new adjustments are the first to hit eligible professionals.
In addition, about 28,000 eligible providers will receive adjustments of 2%, because they had enrolled in both the incentive program and in CMS's ePrescribing incentive program.
CMS provided the statistics during a press briefing Wednesday. Eligible providers will also be able to apply to have their status reconsidered by CMS. It said an online application form to do so would be available Thursday.
Eligible professionals also had been able to apply for hardship exemptions from the payment adjustments by July 1, 2014. At that time, CMS received nearly 44,000 applications. The vast majority were approved, and just over 1000 were denied. Some were dismissed because the hardship exemption application had already met Meaningful Use criteria and were "confused," a CMS official said.
The hardship exemption application period was extended into a second round, during which CMS received more than 13,000 applications, fewer than 1,000 of which were denied.
AMA 'Appalled'
In a statement Wednesday, the American Medical Association said it was "appalled" by the impending payment adjustments.
"More than 50% of eligible professionals will face penalties under the Meaningful Use program in 2015, a number that is even worse than we anticipated," said Steven J. Stack, MD, AMA president-elect:
"The Meaningful Use program was intended to increase physician use of technology to help improve care and efficiency. Unfortunately, the strict set of one-size-fits-all requirements is failing physicians and their patients. They are hindering participation in the program, forcing physicians to purchase expensive electronic health records with poor usability that disrupts workflow, creates significant frustrations and interferes with patient care, and imposes an administrative burden."
Stack noted that the AMA supported the original HITECH legislation and had provided extensive and constructive feedback to the Administration to help fix the Meaningful Use program, "but few changes have been made.
"In light of the dismal number of eligible professionals meeting Meaningful Use, we hope that the Administration will now move forward with the solutions we put forth in our Blueprint to make the program more successful and better enable physicians to provide quality care for their patients.
Stack also said the penalties physicians are facing under the Meaningful Use program "are part of a regulatory tsunami facing physicians, apart from the flawed Sustainable Growth Rate formula, that could include cuts from the Physician Quality Reporting System (PQRS), the Value-based Modifier Program (VBM) and the sequester, further destabilizing physician practices and creating a disincentive to see Medicare patients."
Additional Penalties
According to the Administration, only half of eligible physicians participated in PQRS in 2013, meaning that many will incur penalties from both the Meaningful Use and PQRS programs, Stack said.
"The overlapping and often conflicting patchwork of laws and regulations must be fixed and aligned to ensure physicians are able to move to innovative payment and delivery models that could improve the quality of care."
A CMS official also noted that under ARRA, those eligible providers who never opted into the Meaningful Use incentive payment program nevertheless begin facing their own payment adjustments if they are not attesting as of January 1, 2015.
When asked what reasons such providers were giving for not participating, the official said "There are certainly some people who are close to retirement who believe that they want to stay on paper records and don't want to switch, but now that we know who they are, we can do more analysis and delve into that, and I think that will be coming out in the next couple months."
CMS will be taking applications for reconsideration of the payment adjustments through the end of February 2015, the official said.
A roundup of healthcare IT security predictions and priorities for next year—and which one matters the most.
This year the online security breaches facing healthcare rose to new levels of fear, loathing, and shame. Healthcare wasn't always the "target" in 2014 (pun intended) but for customers of Target, Home Depot, and others, it was a year of great dread. And then, just before the year ended, a massive breach of security at Sony Pictures saw public dissemination of, among other things, conversations between Sony employees and Sony HR personnel—discussing health insurance matters and highly confidential details of the medical conditions of employees' children.
While the industry debates whether Sony and all other employers are covered entities under HIPAA, the damage to those kids is done, whose permanent medical conditions will be public information for the rest of their lives.
With that somber backdrop, I was somehow amused when, within the space of a day, three security experts called to offer their predictions for the 2015 security landscape for healthcare. I decided to triangulate the three—see where they agreed and where they differed.
Experian Data Breach Resolution Group's predictions:
Rise—and fall—of payment breaches
Safeguard your password: more hackers will target cloud data
Persistent and growing threat of healthcare breaches
Shifting accountability: business leaders under increased scrutiny
Missing the mark: employees' mistakes will be companies' biggest threat
Rise in third-party breaches via the Internet of Things
Coalfire's predictions:
Motivated threat actors
Redefining the defense—understanding risk exposure
Three heads vs. one—balancing responsibility between CIOs, CTOs, and CISOs
Investments will increase
New fronts—mobility, cloud, BYOD policies, Internet of Things
Universal monitoring
Business leadership on policy development
New threat detection and response technologies
Improved security
Back to offense
ESET's predictions:
XP embedded support ends in 2016; hospitals need to get of it in 2015
HHS' Office of Civil Rights has begun Phase 2 audits; hospitals need to do risk assessments immediately
To be honest, the biggest common theme I find running through all three sets of predictions is to generate heightened fear to drive the revenue of these consulting and technology companies. I proceeded to grill them about whether these are really the security priorities that will matter in 2015.
Here are my takeaways on the lists above and the real risks to healthcare security.
1. Predictions in tech are infamously, consistently wrong or inconsistently right. "Expect the unexpected," a tech company's motto, is my motto. Case in point: Experian, in its first annual set of predictions in 2014, predicted that the cost of security breaches would fall. "It actually went up," says Michael Bruemmer, Experian's vice president of consumer protection. Preventive measures and cyberinsurance policies were supposed to lower breach costs in 2014. They didn't. Bruemmer says the largest cost of data breaches is loss of revenue and brand reputation when a prominent corporation gets breached. Company revenues and stock prices of the affected enterprises also took a beating.
2. As patients take control of their data, they will become the source of more breaches.With thousands of healthcare apps in the app stores, patients loading their own healthcare data in such apps means a shift of responsibility from insurers and providers to app developers and patients themselves. "That's a whole area that could be in addition to what I've already described in some of the predictions," Bruemmer says.
3. Bringing business leaders up to speed doesn't mean a security turnaround in 2015. "They're going to be brought in, but they can't keep up fast enough," Bruemmer says. He says a Ponemon Institute study found that 46 percent of all companies aren't doing security and private training. Too many employees still open phishing emails, lose unencrypted laptops, and put unpatched servers in production use. Until top management makes change a priority, expect increasing numbers and severity of breaches on into 2016 and beyond. But at least more boards of directors are requesting briefings by security consultants, notes Rick Dakin, CEO of security audit and compliance firm Coalfire.
4. Security consultants cannot agree on whether the cloud is now a safer place for data than the typical small health system's data center. Experian's Bruemmer says moving all health data into a big cloud provider's data center makes that data a bigger target for the bad guys. Meanwhile, Coalfire, which counts cloud provider Box as a client, sees those cloud companies investing millions in security. They will know exactly who is accessing data at a very granular level, according to Dakin. I also spoke with a small-hospital CIO last week who threw cold water on the "big target" theory. "That's not how it works," says Dick Escue, CIO of Valley View Hospital in Glenwood Springs, CO. The bad guys "are not out there going, 'We're going to target this place.' They're pinging the Internet and just looking for an opening. It's just an IP address.'"
5. Going on the offense means different things to different people. To Coalfire's Dakin, going on the offense means anything beyond deploy-and-forget security controls. To Dakin, patching vulnerabilities is going on the offense. I disagree. To me, that's just due diligence. To me, going on the offense is, at the very least, setting up "honeypots" and places where CISOs can catch bad guys by dangling dummy patient data, without putting any actual sensitive at risk.
6. The XP Embedded problem is a clear and present danger to healthcare. No one really knows how many hospital-based devices are out there still running Windows XP Embedded, the last vestige of the 2001 Microsoft operating system no longer patched in its desktop incarnation. Conventional wisdom is that these devices are not connected to the Internet. But that's not true. Too many of them even run Internet Explorer 6, also unpatched for years at this point, says Lysa Myers, security researcher at ESET, an anti-malware software company. Some of these devices are found in neo-natal units, Myers says. Upgrading is tough since these devices are usually much more expensive than the typical Windows PC.
"I would be very surprised if the market share of XP Embedded went down to zero by the end of January 2016, but my hope is we can get really close," Myers says. "I think there's a lot of people out there who are not aware of end of life coming for XP Embedded. My hope is by telling people about it, they can get motivated."
If healthcare IT makes any security progress in 2015, let it be on Myers' call to action. I predict trouble if we ignore it.
Anne Wojcicki, CEO of 23andMe, received unexpected news in November 2013 when the FDA told her company that it would not be able to market its genetic sequence technology to consumers as personalized health reports. Since then, she has been leading the company's efforts to satisfy the FDA's concerns while making sure that 23andMe's services are accessible and affordable to consumers.
In our annual HealthLeaders 20, we profile individuals who are changing healthcare for the better. Some are longtime industry fixtures; others would clearly be considered outsiders. Some are revered; others would not win many popularity contests. They are making a difference in healthcare. This is the story of Anne Wojcicki.
This profile was published in the December, 2014 issue of HealthLeaders magazine.
"The more we empower individuals to take ownership of their health and their wellness, the better outcomes they will have. People want this information because they want to learn about themselves."
Wojcicki, CEO of 23andMe, unexpectedly received word in November 2013 from the FDA that 23andMe would not be able to market its genetic sequencing technology to consumers as personalized health reports. Since then, the company has focused on satisfying the FDA's concerns—learning in March that its corrective actions met those concerns—and relaunching at a date yet to be determined. Meanwhile, the company is still selling ancestry and raw genetic data.
"When we got the FDA letter, it was definitely a surprise, but it was never sort of out of the blue," Wojcicki says. "We were obviously working with the FDA to figure out a path toward approval, so in some ways, this letter really just reprioritized the company. We've had some incredible hires, and we're really focused on relaunching and having a much, much better product out there that will have an FDA clearance. So in some ways, we've seized the opportunity with it." One of those hires is Kathy Hibbs, who now runs 23andMe's legal and regulatory operations. "It has definitely opened up doors for us because we're now speaking the right language," Wojcicki says.
23andMe's service delivers a customer's genetic code to them, but interpretation of that code is primarily limited to clues about the customer's ancestry. Still, that hasn't stopped customers from sharing their sequences and insights. "We have more than 750,000 customers, and I get a story probably every other day about someone where genetics has really transformed their life."
Wojcicki is intent on remaining consumer-facing. "Healthcare should be accessible to individuals, and it should be affordable," she says. "We are $99 now. We will be in that affordable range. The more we empower individuals to take ownership of their health and their wellness, the better outcomes they will have. People want this information because they want to learn about themselves."
Although 23andMe could have made great strides financially by focusing elsewhere instead of targeting consumers, its business is gradually broadening thanks to government grants. In July, the National Institutes of Health awarded a $1.37 million grant to 23andMe to discover rare variants associated with disease and to improve its survey tools for use by researchers. The ultimate goal, though, remains connecting those researchers with consumers, whose questions and conditions can drive genomic research; streamlining the delivery of results, also to the benefit of consumers; and accelerating the discovery process, Wojcicki says.
"There's a disconnect where people walk into their physician's office or they walk into a hospital, and they don't know yet how to use this information," she says. "Those are the two worlds that at some point have to be married."
23andMe's travails with the FDA, however, have highlighted the question of whether FDA regulation has put a damper not just on genetic research, but on all manner of healthcare innovation. "People are terrified right now of the regulation in healthcare," Wojcicki says. "There's clearly a role for the FDA. I think that the challenge is figuring out what that right structure is going to be. We want to be able to encourage innovation in a safe way that has the right risk/benefit ratios."
Towards that end, Wojcicki is going to Washington more often. She is urging the FDA to open an office in Silicon Valley, and agrees that the FDA needs a funding boost to jump-start a range of industry-friendly initiatives.
Like many others, she also wants fundamental change in the way clinical trials are conducted in the United States. "Once something's on the market, the public needs to be better educated about the fact that just because it's approved and it's on the market doesn't mean it's entirely safe," Wojcicki says. "There's an incredible potential for us to really understand how are therapies being used, and then detecting adverse events or side effects much, much faster, and hopefully then that will enable a process where you could have smaller clinical trials and you could get drugs out faster."
At the same time, there's a need for better vigilance of approved drugs. "We still need to have extensive phase 4 monitoring and vigilance about how is it that people are actually using therapies, and what is the right way that they should be used," Wojcicki says.
Still, in a year in which some massive healthcare information breaches have occurred, some might be surprised to learn that given a choice between revealing her genetic information and her credit card information, Wojcicki would choose the former.
"There's always a vulnerability with all these big data sets," she says. "Part of it again is understanding the balance between risk and reward. One of the things that 23andMe has always believed strongly is that people should always have the ability to opt out. So if you do not want to participate in our research, you don't have to."
Having said that, the majority of 23andMe customers opt to allow the company to continue to use their genetic data to further research. "More than 80% of our customers participate in the research, and that's part of what we're trying to do, is make sure people understand that there is a risk/reward," Wojcicki says. "If you have 10,000 people who all have sarcoma, and there's a high rate of mortality with it, but you can all use your data together to try to develop a cure, there's a risk of a data breach, but there's also a potential that you're going to have something transformative that comes out of all that data. Then I think it's a personal choice of do you want to weigh in, do you want to participate in making your data available, and is that risk/reward appropriate for you? For me, overwhelmingly. I'm more willing to have all my data come out there, because I feel like there's a real benefit of having my data combined with all the other data sets out there, because it's going to impact someone's health."
Wojcicki's philanthropy foundation, founded with her husband Sergey Brin, cofounder of Google, received $187 million in 2013. According to Philanthropy.com, it devotes most of its grant making to a handful of nonprofits, including Ashoka, an organization that brings together social entrepreneurs to work on education, the environment, and women's issues; the Human Rights Foundation; and Tipping Point Community, a charity that seeks to eliminate poverty in northern California.
Like most healthcare leaders, Wojcicki wonders how soon healthcare reimbursement will change to encourage awareness of one's genetics information, even as the cost of accessing that information drops to zero.
"That is a five- to 10-year project," Wojcicki says. "One of the things that we talk about all the time is, if you're high risk for Type 2 diabetes, and I prevent you from developing Type 2 diabetes, no one really makes money. But if you're diabetic, it's very easy for me to look at all the ways that you're monetized. It's a fundamental conflict that we have in the healthcare system, and I don't know how to resolve that either, but I do think that there's some interesting movement in that area, and one thing that I point to is the fact that Walmart is putting physicians in all their stores, because if you think about where you start to get your lifestyle, and if you think about how you want to prevent a disease, it has to do with your lifestyle, and if you're shopping at Walmart, that's sort of your lifestyle store, and you're high risk for heart disease, okay, you look for low-sodium foods, and you go to Walmart. You buy running shoes. You do other kinds of behavior modifications. So how does your retail world merge with your healthcare world? When I think about things like that, it becomes interesting."
"What keeps me up at night right now is the fact that I don't see any movement on the part of physicians or hospital systems in adopting genetic information, and so that vision, as much as it would be feasible for a child to have their full sequence at birth, if it's not adopted by institutions and by physician groups, that's never actually going to happen, and we're not going to reap the benefits of preventive care based on the genetic foundation until that adoption actually happens."
The Argonaut Project that launched last week offers a real chance at much-needed workable EHR standards. But by itself, Argonaut won't lead to interoperability nirvana.
In Greek mythology, the Argonauts, accompanied by heroic Jason, had to snatch a golden fleece from a dragon who never slept. In 2015, the Argonaut Project aims to snatch a true interoperability demonstration between EHR competitors and help healthcare providers who've spent many a sleepless night trying to figure out how they can survive in this new age of sharing EHR data.
Announced at last week's HL7 Policy Conference in Washington, the Argonaut Project has the backing of heavyweight EHR competitors Epic, Cerner, McKesson, Meditech, and athenahealth, as well as heavy-hitting providers Partners HealthCare in Boston, Intermountain Healthcare in Salt Lake City, Beth Israel Deaconess Medical Center in Boston, and Mayo Clinic in Rochester, MN.
So how bowled over should we be by this announcement?
First, consider that every EHR provider listed above is a member of HL7, a nonprofit standards development organization dedicated to providing a comprehensive framework and related standards for the exchange, integration, sharing, and retrieval of electronic health information. (With one exception: athenahealth let its membership in HL7 lapse in 2013, but a spokesperson tells me its renewal should be finalized by the end of this month.)
In short, these fierce competitors already meet around the HL7 table. So this wasn't exactly a Camp David moment for healthcare IT. More like a lively meeting of the United Nations.
But Argonaut is important. It represents a "code sprint" aimed at delivering something in April or May that could prove or disprove the utility of the new HL7 Fast Healthcare Interoperability Resources (FHIR) technology that aims to make sharing healthcare data more like sharing data on the Internet.
If the effort succeeds, it means peeling away a layer of the wall preventing interoperability between systems. Its goal is nothing less than providing a way for developers to create applications that could, given proper provider authorization and user authentication, allow data to flow much more freely than it does today.
In Search of Better Standards
Of course, to get there, the Argonauts still have to demonstrate FHIR in action, reading from and writing to Epic, Cerner, and other EHRs. The driving force behind that is longtime standards proponent Micky Tripathi, head of the Massachusetts eHealth Collaborative, who has committed his organization to serve as the project manager for this initiative.
Tripathi also co-chaired the JASON Task Force. JASON itself is a series of reports from a secretive group of scientists commissioned by the White House to make recommendations on a variety of subjects, including healthcare IT. This ONC task force wrestled with some recent JASON findings and concluded that a set of Web-friendly, standardized programming instructions (APIs) could make it easy for any developer to add health data interoperability to their applications on any device.
Although some longtime developers disagree, Tripathi asserts that APIs from the EHR developers and other consortia like Healtheway are too complex, require too much study, and of course are too numerous to promote widespread sharing of health data.
Standards groups who based their interoperability strategies on older, heavyweight tech specifications—groups such as the eHealth Exchange and the CommonWell Health Alliance—are finding the going slow and tough, Tripathi notes. Some of them assume "a lot of very specific workflows in terms of the way a physician or a hospital would have to do something, in order to even send that information or receive it," he says.
If the FHIR code sprint is successful, it will start to dissolve a model of interoperability that relies upon vendor acquiescence, larded with a layer of government-run software certification—an approach that has already been losing momentum.
Instead, the new model looks more like the way the Internet stood up: rough consensus and running code as requirements for standards, rather than attempts at standardization-by-committee.
The Road to Interoperability Nirvana
If I've learned anything covering IT for 33 years, it's that each way interoperability comes about is its own peculiar story. There is no one right way. So why do I think Tripathi's effort, which after all is just one of many efforts of late, including one announced recently by the eHealth Initiative, is particularly noteworthy?
For one thing, HL7's old-style program interfaces seem to have stumbled. HL7 version 2 has been the unseen workhorse that quietly moves a lot of healthcare data around between heterogeneous systems today. But version 3 has been a fumble, so HL7 itself is casting about looking for a new way to do things. That gives FHIR, itself a product of HL7, the inside track.
The other good thing FHIR does is retrieve information in chunks smaller than entire documents more efficiently than occurs in other healthcare interoperability schemes. Too many older-style mechanisms bring back an entire document, says Tripathi, which makes no sense when a patient is trying to use a mobile phone to retrieve a list of medications.
Now that I've raved about FHIR and Argonaut, I will note why having running code in April still leaves us a long way from interoperability nirvana.
Many EHR vendors, including Epic, have had ways to get data into and out of their EHRs for years. The issue isn't just programmatic. It is about the legal and business agreements that third parties have to reach with vendors to get the data out. In Epic's case, a transaction fee is paid for Epic's trouble in extracting or inserting the data in question. Epic isn't alone in charging for this service. Just because Epic supports Argonaut, it is not committing to waiving those fees in the future. The hope is that the new FHIR interface is easy enough to use and manage that Epic won't have the overhead it currently does and will be able to waive the fees. (In other ways, Epic is actually more liberal in allowing access to certain non-EHR apps and services than its supposedly "open" competitors are. But that's a topic for another column.)
Note that last week's announcement doesn't even say that Epic or any participant is committing to using the fruit of Argonaut's efforts. All participants are providing resources, including undisclosed sums of money, primarily to HL7 to get the code sprint to April, but after that, Argonaut’s story, and FHIR’s, are as yet unwritten…
Tripathi hopes that his effort is so successful, it won't even matter if FHIR gets baked into meaningful use stage 3. Since we still don't know just how badly stage 2 has stumbled (those attestation results have been pushed back to the end of this month), it is still unclear if the old notions of stage 3, and of certified software, will soon be irrelevant to healthcare IT. Or if FHIR will work so well, no one will care.
The truly radical notion of this public API is that the existing certification of healthcare information technology in order to achieve certain standards compliance just kind of goes away. Implementations either work or they don't. That's the beauty of the way the Internet was built: one interop event at a time, with the standards worked out in parallel or at the end of the process.
Websites for the longest time didn't need to have anyone's permission to exist. (App stores for mobile devices do have such permissions, but they are still relatively loose compared to the old IT way of doing things.) We are talking about a future where the app that connects you to your electronic medical record is one that you choose, not one that is strictly approved for your use. Where the patient portal you choose succeeds on its merits, not on the fact that the EHR vendor built it.
And where yes, some bad things can happen; some bad apps can try to abuse or fudge with health data, but rather than them being regulated out of business, buyers must beware, and the court of public opinion will simply swarm over bad apps and put them out of business through general condemnation and the power of social networks.
A lot of people believe that is a future worth striving for in healthcare IT. We are about to start finding out if we as an industry can take some major steps in that direction.
