News, Analysis, Trends, Management Innovations for
Clinical Laboratories and Pathology Groups

Hosted by Robert Michel

News, Analysis, Trends, Management Innovations for
Clinical Laboratories and Pathology Groups

Hosted by Robert Michel
Sign In

American Associated Pharmacies Struck by Ransomware Attack

Clinical laboratories and anatomic pathology groups should consider these cyberattacks on major healthcare entities as reminders that they should tighten their cybersecurity protections

Hackers continue to gain access to public health records—including clinical laboratory testing data—putting thousands of patients’ protected health information (PHI) at risk of being exposed. The latest important healthcare entity to become the victim of a ransomware attack is American Associated Pharmacies (AAP). According to The Register, AAP announced a ransomware operation called Embargo had stolen over 1.4 terabytes (TB) of data, encrypted those files, and demanded $1.3 million to decrypt the data.

Embargo claims that Scottsboro, Ala.-based AAP paid $1.3 million to have its systems restored. They are now demanding an additional $1.3 million to keep the stolen data private, the HIPAA Journal reported, adding, “The attack follows ransomware attacks on Memorial Hospital and Manor, an 80-bed community hospital and 107 long-term care facility in Georgia, and Weiser Memorial Hospital, a critical access hospital in Idaho.”

AAP has not publicly confirmed the ransomware attack, nor has it made an official statement regarding the breach. But it did post an “Important Notice” on its website reporting, “limited ordering capabilities for API Warehouse have been restored at APIRx.com.”

API Warehouse is a subsidiary of AAP that helps subscribers save on brand name and generic prescriptions via wholesale purchasing plans. It oversees more than 2,000 independent pharmacies across the US and has over 2,500 stock keeping units (SKUs) in its inventory.

The message further states “All user passwords associated with both APIRx.com and RxAAP.com have been reset, so existing credentials will no longer be valid to access the sites. Please click ‘forgot password’ on the log in screen and follow the prompts accordingly to reset your password.”

“Embargo seems to have international and multi-sector victims and is not focusing on a specific victim profile. They seem opportunistic,” Mike Hamilton (above), founder and chief information security officer (CISO) of cybersecurity firm Critical Insight, told HealthcareInfoSecurity. “However, as they do have multiple victims in healthcare, and their tooling to disable detection is sophisticated, they should not be discounted. If indeed they operate through affiliates, we can expect others to use their infrastructure and tools, and Embargo may emerge as a top threat to healthcare.” Since 80% of all medical records are made up of clinical laboratory testing data, laboratory patients are particularly vulnerable. (Photo copyright: Critical Insight.)

Embargo on the Hunt for PHI

Due to the large amount of data Embargo stole from the AAP servers, it’s likely the hackers were able to procure medical records and account details from all customers of the pharmacies involved in the attack. 

Researchers at ESET, an internet security company, first noticed the ransomware organization known as Embargo in June of this year. In a news release, ESET stated that Embargo used an endpoint detection and response (EDR) killer toolkit to steal AAP’s data. 

“Based on its modus operandi, Embargo seems to be a well-resourced group. It sets up its own infrastructure to communicate with victims. Moreover, the group pressures victims into paying by using double extortion: the operators exfiltrate victims’ sensitive data and threaten to publish it on a leak site, in addition to encrypting it,” ESET wrote in a news release.

Embargo recently attacked other organizations within the healthcare industry as well. In November, it claimed responsibility for breaching the security of Memorial Hospital and Manor in Bainbridge, Ga. The cyberattack affected Memorial’s email and electronic medical record (EHR) systems, which caused the facility to pivot to a paper-based system, The Cyber Express reported. 

Embargo’s attack on Weiser Memorial Hospital in Weiser, Idaho, involved the theft of approximately 200 gigabytes (GB) of sensitive data and caused a four-week-long outage of its computer systems.  

Other Cyberattacks on Healthcare Organizations

Dark Daily has covered many cyberattacks on hospital health systems in multiple ebriefs over the past few years.

In “Cyberattack Renders Healthcare Providers across Ascension’s Hospital Network Unable to Access Medical Records Endangering Patients,” we summarized how Ascension’s inability to access medical records during the attack caused major disruptions to patient healthcare. It took more than a month for Ascension’s electronic health record system to be fully restored.

In “Change Healthcare Cyberattack Disrupts Pharmacy Order Processing for Healthcare Providers Nationwide,” Dark Daily outlined how a February cyberattack on Change Healthcare caused its parent organization UnitedHealth Group to file a Material Cybersecurity Incidents Report (form 8-K) with the US Securities and Exchange Commission (SEC) in which it stated it had “identified a suspected nation-state associated cybersecurity threat actor [that] had gained access to some of the Change Healthcare information technology systems.”

A few days later the real identity of the threat actor was revealed to be a ransomware group known as BlackCat (aka, ALPHV), according to Reuters.

And in, “Continued Cyberattacks on Hospitals, Clinical Laboratories, and Other Providers Cause Closures as Hackers Grow in Sophistication,” we reported how hospitals of all sizes continue to be prime targets for sophisticated cyberattacks, where hackers remotely disable a healthcare network’s computer systems—including its clinical laboratory information system (LIS)—and extort ransomware payments.

Safeguarding patient data is critical, and more healthcare organizations are discovering the hard way that they are vulnerable to hackers. This situation serves as another reminder to clinical laboratory and pathology group managers that they need to be proactive and serious about protecting their information systems, and in upgrading their digital security at regular intervals.

Hackers are working hard to obtain access to protected health information, which puts patients at continuous risk of having their private records stolen.

—JP Schlingman

Related Information:

Ransomware Fiends Boast They’ve Stolen 1.4TB from US Pharmacy Network

Another Major US Healthcare Organization Has Been Hacked, with Potentially Major Consequences

Gang Shaking Down Pharmacy Group for Second Ransom Payment

US Pharmacy Network Loses 1.4 Terabytes of Data to Boasting Hackers

New Ransomware Group Embargo Uses Toolkit That Disables Security Solutions, ESET Research Discovers

Embargo Ransomware Group Claims Attack on American Associated Pharmacies

American Associated Pharmacies Resets All User Passwords after Ransomware Gang Claims Responsibility for Cyberattack

Ransomware Attack Disrupts Memorial Hospital’s EHR System, Temporarily Slows Operations

Weiser Memorial Hospital Investigating Cyberattack

Hospital Deals with IT Outage for 4 Weeks

Healthcare Cyberattacks at Two Hospitals Prompt Tough Decisions as Their Clinical Laboratories Are Forced to Switch to Paper Documentation

Three Federal Agencies Warn Healthcare Providers of Pending Ransomware Attacks; Clinical Laboratories Advised to Assess Their Cyberdefenses

Cyberattack Renders Healthcare Providers across Ascension’s Hospital Network Unable to Access Medical Records Endangering Patients

Inability to access clinical laboratory test results forced hospitals to suspend critical procedures and surgeries causing major disruptions to healthcare

Cyberattacks continue to shut down the ability of hospitals to process orders for clinical laboratory tests, medical imaging, and prescriptions. One such cyberattack recently took place against Ascension, the largest nonprofit Catholic health system in the United States. It took more than a month for the health network’s electronic health record (EHR) system to be fully restored, according to a cybersecurity event press release.

Immediately following the event, Ascension announced it had hired a third party company to resolve the fallout from the cyberattack.

“On Wednesday, May 8, we detected unusual activity on select technology network systems, which we now believe is due to a cybersecurity event. … Access to some systems have been interrupted … We have engaged Mandiant, a third party expert, to assist in the investigation and remediation process, and we have notified the appropriate authorities,” a press release states.

Based in Reston, Va., Mandiant is an American cybersecurity firm and a subsidiary of Google.  

Cyberattacks are happening more frequently and medical professionals need to be aware that patient care can be severely disrupted by such attacks. The Ascension attack locked its employees out of the healthcare provider’s computer databases, rendering medical personnel unable to track and coordinate patient care. The health network’s EHR, phones, and databases used to order certain clinical laboratory tests, imaging services, procedures, and medications were all affected. 

Hospital employees, including two doctors and a registered nurse, spoke anonymously to the Detroit Free Press regarding the issues at their facilities resulting from the cyberattack.

“It’s so, so dangerous,” said the nurse, describing the immediate aftermath of the cyberattack. “We are waiting four hours for head CT [computed tomography scan] results on somebody having a stroke or a brain bleed. We are just waiting. I don’t know why they haven’t at least paused the ambulances and accepting transfers because we physically … don’t have the capacity to care for them right now.”

“In some cases, what are supposed to be unique medical record numbers assigned to patients when they register in the emergency department at Ascension St. John [Detroit, Mich.] have been given to more than one patient at a time,” Detroit Free Press reported. “Because of that, the nurse told the Free Press she couldn’t be confident that a patient’s blood test results actually were his own.”

“We’ve started to think about these as public health issues and disasters on the scale of earthquakes or hurricanes,” Jeff Tully, MD (above), Associate Clinical Professor, Anesthesiology, and co-director of the Center for Healthcare Cybersecurity at the University of California-San Diego, told NPR. “These types of cybersecurity incidents should be thought of as a matter of when and not if,” he added. Inability to verify clinical laboratory test results or access patients’ electronic medical records endangers patients and undermines the confidence of critical healthcare workers. (Photo copyright: UC San Diego.)

Losing Track of Patients and Their Records

According to the HIPAA Journal’s H1, 2024 Healthcare Data Breach Report, “In H1 [first half of the fiscal year], 2024, 387 data breaches of 500 or more [healthcare] records were reported to OCR, which represents an 8.4% increase from H1, 2023, and a 9.3% increase from H1, 2022.”

After the Ascension cyberattack, the healthcare organization’s computer systems were inoperable, and its pharmacy services were temporarily closed. Medical orders for clinical laboratory testing, imaging tests, and prescriptions had to be handwritten on paper and faxed to appropriate departments, which led to long wait times for patients. 

There were cases where singular medical record numbers were assigned to multiple patients. Staff resorted to Google documents, paper charting, and text messaging to communicate with one another. But they still lost track of some patients. 

“For a lot of our nurses, they’ve never paper charted at all,” said Connie Smith, a charge capture coordinator and head of the Wisconsin Federation of Nurses and Health Professionals, in a ThinkStack blog post. “We were using forms that we pulled out of drawers that hadn’t seen the light of day in a long, long time.”

“They are texting me to find out where the patient went,” a St. John Hospital Emergency Room physician anonymously told the Free Press immediately following the Ascension cyberattack. “They don’t even know where the patient is going or if they’ve been admitted. People are getting lost. 

“The pharmacy is getting requests for patient medications, and they have no idea where the patient is in the hospital,” the doctor continued. “Some of the attending physicians are putting in orders for medications, somewhat dangerous medications, and we have no idea if the medications are actually being administered. It’s a scary thing when your medical license is tied to this. If medication mistakes become lawsuits, they will follow us throughout our entire careers and that is not fair to us. It’s not fair to patients.”

According to online updates provided by Ascension, the cyberattack began when an employee downloaded a malicious file thinking it was a legitimate document. That allowed hackers to access seven of Ascension’s 25,000 servers. The resulting cyberattack stifled operations across the organization’s facilities and among its healthcare providers for weeks.

A June 12 update read, “we are pleased to announce that electronic health record (EHR) access has been restored across our ministries. This means that clinical workflow in our hospitals and clinics will function similarly to the way it did prior to the ransomware attack.” The updates did not mention how the attack was resolved or if a ransom was paid to restore the hospitals’ systems.

Preparing for System Disruptions

According to its website, St. Louis-based Ascension has 134,000 associates, 35,000 affiliated providers, and 140 hospitals serving communities in 18 states and the District of Columbia.

“Despite the challenges posed by the recent ransomware incident, patient safety continues to be our utmost priority. Our dedicated doctors, nurses, and care teams are demonstrating incredible thoughtfulness and resilience as we utilize manual and paper based systems during the ongoing disruption to normal systems,” Ascension noted in a Michigan Cybersecurity Event Update.

Clinical laboratory managers and anatomic pathology practice administrators may want to learn from Ascension’s experience and make advanced preparations that will secure patient information and enable their lab to continue functioning during a cyberattack. The Ascension cyberattack illustrates how easily computer systems containing critical information can be hacked and affect patient care. 

—JP Schlingman

Related Information:

Ascension Nurse: Ransomware Attack Makes Caring for Hospital Patients ‘So, So Dangerous’

H1, 2024 Healthcare Data Breach Report

The State-by-State Impact of Ascension’s Cyberattack

Cybersecurity Event Update

The Ascension Incident: How One Email Took Down an Entire Hospital System

Cyberattack Led to Harrowing Lapses at Ascension Hospitals, Clinicians Say

PwC Survey Finds 50% of Companies Plan Layoffs and 83% Intend to Move Forward with Streamlined Workforces

Amid cost pressures, healthcare providers also plan to cut staff though some jobs are plentiful; adequate staffing at medical laboratories continues to be a challenge

Thanks to the COVID-19 pandemic and subsequent “Great Resignation,” masses of people have left the workforce and companies large and small in all industries are struggling to retain employees. Clinical laboratories have been particularly hard hit with no relief in sight.

Now comes the results of a PricewaterhouseCoopers (PwC) survey which shows 50% of US companies in various industries—including major healthcare providers—plan to lay off employees. And 83% of organizations intend to move forward with a “streamlined workforce,” according to the latest PwC Pulse: Managing Business Risks in 2022 report.

How this will affect the workload on remaining hospital and medical laboratory staff is clear. And healthcare consumers may not take well to healthcare provides running leaner and with fewer staff than they currently do.

Nevertheless, the PwC survey results “illustrate the contradictory nature of today’s labor market, where skilled workers can still largely name their terms amid talent shortages even as companies look to let people go elsewhere,” Bloomberg wrote on the  CPA Practice Advisor website.

Bhushan Sethi

“Organizations are still walking a tightrope when it comes to talent as we begin to see the longer-term impacts of the ‘Great Resignation.’ Finding the proper balance between investing in specialized talent, managing headcount costs, and driving productivity and morale will remain a top focus,” said Bhushan Sethi (above), People and Organization Joint Global Leader at PwC and an adjunct professor at NYU Stern School of Business in a PwC news release. Clinical laboratories are finding it particularly challenging to fill staff positions across all areas of lab operations. (Photo copyright: PwC.)

Healthcare Has Biggest Challenges, says PwC

Clinical laboratory leaders and pathologist groups are well aware of the unique financial pressures on healthcare systems and medical labs, as well as shortages of pathologists, medical technologists, clinical laboratory scientists, information technology (IT) professionals, and other healthcare workers.

“Healthcare is seeing bigger talent challenges than other industries and is more focused on rehiring employees who have recently left,” the PwC report acknowledged. This is the second Pulse survey PwC conducted in 2022. The 722 respondents included leaders working in human capital and finance.  

Finding Right Talent, Focusing on Growth, Automation

Finding the right employees is so important to companies that PwC ranks “talent acquisition” as the second highest risk (38%) behind cyber-attacks (40%).

“Finding the right talent continues to be a challenge for business leaders,” PwC said. “After a frenzy of hiring and a tight labor market over the past few years, executives see the distinction between having people and having people with the right skills.”

Unlike the high-touch and personal nature of healthcare, industries such as consumer technology, media, and telecommunications can turn to automation to alleviate staffing struggles. And that is what nearly two-thirds, or 63%, of companies in those sectors, aim to do, PwC said.

Other survey talent findings:

  • 50% of companies plan layoffs.
  • 46% are dropping or eliminating sign-on bonuses.
  • 44% are rescinding job offers.

Conversely, the surveyed executives also told PwC they are “cautiously optimistic” and plan on growing and investing even as the economy gives mixed signals:

  • 83% of companies are focused on growth.
  • 70% plan an acquisition.
  • 53% aim to invest in digital transformation, 52% in IT, 49% in cybersecurity and privacy, and 48% in customer experience.

“After more than two years dealing with uncertainty related to the pandemic, business leaders recognize the urgent need to focus on growth in order to compete, and they’re zeroing in on what they can control,” PwC said.

New Remote Work Programs, Reduction in Real Estate Investing, Big Tech

Although companies report having more than enough physical office space, many (42%) have launched remote work programs:

  • 70% have expanded or plan to increase “permanent” remote work options as jobs permit.
  • 22% are reducing real estate investment (financial services and healthcare industries lead the way with 30% and 29%, respectively, saying real estate buys are cooling off).

“While companies continue to invest in many areas of the business, they’re scaling back the most in real estate and capex ex [capital expenditure]. After two years of remote work, many companies simply need less space, and they’re allocating capital accordingly,” the PwC report noted.

In a somewhat parallel release to PwC’s findings, news sources are reporting reductions in real estate and staff at high-profile Big Tech companies.

Meta Platforms, Inc. in Menlo Park, Calif. (formerly Facebook Inc.), is closing one of its New York offices and cutting back on plans to expand two other locations in the city, the Observer reported.

Business Insider reported, “More than 32,000 tech workers have been laid off in the US till July, including at Big Tech companies like Microsoft and Meta (formerly Facebook), and the worst has not been over yet for the tech sector that has seen massive stock sell-off.”

According to Forbes, “San Francisco-based electronic signature company DocuSign will lay off 9% of its more than 7,400 employees (roughly 670 employees), the company announced in a Securities and Exchange filing Wednesday, saying the cuts are ‘necessary to ensure we are capitalizing on our long-term opportunity and setting up the company for future success.’”

And Bloomberg recently reported that Intel is planning to layoff thousands of people “around the same time as its third-quarter earnings report on Oct. 27.”

Healthcare Providers Plan Layoffs, Seek IT Pros

Meanwhile, major healthcare provider networks also are planning staff cuts amid service closures, rising costs, and other issues, according to Becker’s Hospital Review:

“Our health system, like others around the nation, is facing significant financial pressures from historic inflation, rising pharmaceutical and labor costs, COVID-19, expiration of CARES Act funding, and reimbursement not proportional with expenses,” BHSH said in a statement shared with Becker’s.

Amidst these layoffs, however, IT jobs in healthcare seem to be growing. According to Becker’s Health IT, some healthcare providers have posted information technology openings:

So, though it appears IT positions continue to expand, clinical laboratory leaders and pathology practice managers may want to prepare now for dealing with customers’ response to leaner healthcare systems overall.

Donna Marie Pocius

Related Information:

PwC Pulse: Managing Business Risks in 2022

Layoffs are Being Planned at Half of US Companies, PwC Survey Shows

Business Executives Remain Bullish about Their Ability to Manage Turbulent Conditions, according to New PwC Survey

Meta Is Closing a Manhattan Office as It Consolidates Its New York City Presence

50% of Companies Planning Job Cuts Amid Economic Downturn: Report

Ascension to Close Hospital, Lay Off 133 Workers

Microsoft Reportedly Cuts Nearly 1,000 Employees—Here Are the Biggest US Layoffs This Year

Intel Is Planning Thousands of Job Cuts in Face of PC Slump

Hospitals Cut Jobs to Resuscitate Finances

IT Job Openings at Mayo, Northwell, CommonSpirit, and Providence

Two Georgia Hospitals First to Be Fined by CMS for Failure to Comply with Hospital Price Transparency Law

Nearly two years after passage of price transparency law, only a small number of the nation’s hospitals are fully compliant, according to two separate reports

Price transparency is a major trend in the US healthcare system. Yet, hospitals, physicians, clinical laboratories, and other providers have been reticent to design their websites so it is easy for patients to find prices in advance of clinical care. Now comes news that federal officials are ready to issue fines to hospitals that fail to comply with regulations mandating price transparency for patients. 

Many of the largest healthcare networks claim that complying with federal hospital price transparency regulation is costly, time consuming, and provides no return on investment. Nevertheless, the federal Centers for Medicare and Medicaid Services is quite serious about enforcing price transparency laws, and to that end the agency has, for the first time, levied fines against two hospitals in Georgia that have not complied with the regulations.

As many pathologists and medical laboratory managers know, on January 1, 2021, a federal rule on price transparency for medical facilities went into effect. The rule requires hospitals—as well as clinical laboratories and other healthcare providers—to post a comprehensive list of their services and the pricing for those services on their websites, and to provide access to a patient-friendly tool to help consumers shop for 300 common services.

The CMS recently issued its first penalties to two hospitals located in Georgia for violating the law by not updating their websites or replying to the agency’s warning letters. The letters CMS sent to the two hospitals alleged there were several violations of the transparency rules, including the failure to post a listing of their charges on their websites and requested corrective action plans by the hospitals.

In November 2021, Northside Hospital Atlanta informed regulators that consumers should call or email the facility to obtain price estimates for services. Later in January 2022, during a “technical assistance call,” a hospital representative told CMS “the previous violations had not been corrected and, in fact, the hospital system had intentionally removed all previously posted pricing files,” according to a Notice of Imposition of a Civil Monetary Penalty letter CMS sent to Robert Quattrocchi, President and Chief Executive Officer, Northside Hospital Atlanta.

Under the rules of the Hospital Price Transparency law, each hospital operating in the US is required to provide clear, accessible pricing information online about the items and services they provide in two ways:

  • As a comprehensive machine-readable file listing all items and services.
  • In a display of shoppable services in a consumer-friendly format.

CMS fined Northside Hospital Atlanta $883,180 and Northside Cherokee Hospital $214,320 for noncompliance with the law. The penalties are calculated based on the size of the hospital and the length of time of the noncompliance—up to $300 per day. In addition, the facilities could endure further monetary penalties if they continue to fail to comply. The organizations will have 30 days to appeal the charges or have 60 days to remit payment for the fines.

Both hospitals are owned by Northside, a Georgia health system with five acute care hospitals, more than 250 outpatient facilities, over 4,100 providers, and 25,500 employees, according to the provider’s website.

Meena Seshamani, MD, PhD
“CMS expects hospitals to comply with the Hospital Price Transparency regulations that require providing clear, accessible pricing information online about the items and services they provide,” said Meena Seshamani, MD, PhD, Director of CMS, in a statement provided to Fierce Healthcare. “This enforcement action affirms the Biden-Harris Administration’s commitment to making healthcare pricing information accessible to people across the country and we are committed to ensuring that consumers have the information they need to make fully informed decisions regarding their healthcare.” Clinical laboratories also are required to comply with federal price transparency regulations. (Photo copyright: Modern Healthcare.)

Compliance with Price Transparency Laws Low

Analysis of the healthcare industry shows that many facilities are not in compliance with the transparency rules. In April, a report released by health IT firm KLAS Research, found that hospitals believe the transparency rule is too costly to implement and confusing to consumers, which helps explain the low compliance issues. KLAS surveyed 66 hospital revenue cycle leaders for their report.

“There are concerns about cost, data accuracy, and patient options of pricing tools; some respondents worry about patients’ ability to understand the displayed pricing data, and today, most patients are unaware online pricing information exists,” the report states. In addition, the report notes that “many organizations are not investing beyond the bare minimum requirements, and they don’t plan to do more until there is further clarity around the regulations and the expectations going forward.”

The KLAS report also noted that organizations are struggling to find the resources to comply with the price transparency rule and consider it a financial burden to continually add new employees and technology to become and remain in compliance. Many organizations see no merit in investing in a regulation that provides no return on that investment.

Another compliance report released in February by Patient Rights Advocate maintained that only 14.3% of the 1,000 hospitals they reviewed were in full compliance with the Hospital Price Transparency regulation. About 37.9% of the hospitals posted a sufficient detailing of service rates, but over half of those hospitals were noncompliant in other criteria of the rule, such as rates by insurer and insurance plans.

“We are now entering the second year since the Hospital Price Transparency rule became law, and compliance remains at very low levels,” according to the report. “The largest hospital systems are effectively ignoring the law, with no consequences.”

The Patient Rights Advocate analysis also found that a mere 0.5% of hospitals owned by the three largest hospital systems in the country—HCA Healthcare, CommonSpirit Health, and Ascension—were in full compliance of the law.

Notably, only two of the 361 hospitals owned by these three hospital systems were fully compliant. In addition, none of the 188 hospitals owned by HCA Healthcare, the largest for-profit hospital system in the country, were in compliance.

Hospitals Fail to Provide Consumers with Critical Information

The Patient Rights Advocate report found that the most significant reason for noncompliance was failure to post all payer-specific and plan-specific negotiated rates on their websites. They estimated that 85.7% of the 1,000 hospitals reviewed did not post a complete machine-readable file of standard charges, as required by the law.

“The lack of compliance by hospitals is about more than simply the failure to follow the legal requirements,” the report states. “It is also about the failure of hospitals to provide critically needed information to consumers so they can make better health decisions. Empowered with comparative price and quality information in advance of care, consumers, including employers and unions, can improve health outcomes while lowering costs by taking advantage of the benefits of competitive market efficiencies.”

With the CMS starting to issue fines for noncompliance, it is probable that more healthcare organizations will focus on adhering to the Hospital Price Transparency law. Since the transparency rules also apply to clinical laboratories, lab managers should be aware of the regulations and any further enforcement actions taken by the CMS.   

JP Schlingman

Related Information:

Hospitals Face Penalties for First Time for Failing to Make Prices Public

CMS Issues First Price Transparency Fines to Two Georgia Hospitals

After Months of Warnings, CMS Hands Out Its First Fines to Hospitals Failing on Price Transparency

KLAS: Hospitals Say Price Transparency Remains Too Confusing and Pricey to Implement

Price Transparency 2022: Hospital Perceptions of CMS Regulation

Semi-Annual Hospital Price Transparency Compliance Report: February 2022

Report: Only 14.3% of Hospitals Compliant with Price Transparency Rules One Year In

Hospital Associations and Healthcare Groups Battle HHS Efforts to Expand Pricing Transparency Rules to Include Negotiated Rates with Payers

Health Insurers and Hospital Groups Argue Price Transparency Rules on Hospitals, Clinical Laboratories, and Other Providers Will Add Costs and ‘Confuse’ Consumers

XPRIZE Founder Diamandis Predicts Tech Giants Amazon, Apple, and Google Will Be Doctors of The Future

Strategists agree that big tech is disrupting healthcare, so how will clinical laboratories and anatomic pathology groups serve virtual healthcare customers?

Visionary XPRIZE founder Peter Diamandis, MD, sees big tech as “the doctor of the future.” In an interview with Fast Company promoting his new book, “The Future Is Faster Than You Think,” Diamandis, who is the Executive Chairman of the XPRIZE Foundation, said that the healthcare industry is “phenomenally broken” and that Apple, Amazon, and Google could do “a thousandfold” better job.

Diamandis, who also founded Singularity University, a global learning and innovation community that uses exponential technologies to tackle worldwide challenges, according to its website, said, “We’re going to see Apple and Amazon and Google and all the data-driven companies that are in our homes right now become our healthcare providers.”

If this prediction becomes reality, it will bring significant changes in the traditional ways that consumers and patients have selected providers and access healthcare services. In turn, this will require all clinical laboratories and pathology groups to develop business strategies in response to these developments.

Amazon Arrives in Healthcare Markets

Several widely-publicized business initiatives by Amazon, Google, and Apple substantiate these predictions. According to an Amazon blog, healthcare insurers, providers, and pharmacy benefit managers are already operating HIPAA-eligible Amazon Alexa for:

  • Appointments at urgent care facilities,
  • Tracking prescriptions,
  • Employee wellness incentive management, and
  • Care updates following hospital discharge.

For example, the My Children’s Enhanced Recovery After Cardiac Surgery (ERAS Cardiac) program at Boston Children’s Hospital uses Amazon Alexa to share updates on patients’ recovery, the blog noted.

Alexa also enables HIPAA-compliant blood glucose updates as part of the Livongo for Diabetes program. “Our members now have the ability to hear their last blood glucose check by simply asking Alexa,” said Jennifer Schneider, MD, President of Livongo, a digital health company, in a news release.

And Cigna’s “Answers By Cigna” Alexa “skill” gives members who install the option responses to 150 commonly asked health insurance questions, explained a Cigna news release

Google Strikes Agreements with Health Systems 

Meanwhile, Google has agreements with Ascension and Mayo Clinic for the use of Google’s cloud computing capability and more, Business Insider reported.

“Google plans to disrupt healthcare and use data and artificial intelligence,” Toby Cosgrove, Executive Advisor to the Google Cloud team and former Cleveland Clinic President, told B2B information platform PYMNTs.com.

PYMNTs speculated that Google, which recently acquired Fitbit, could be aiming at connecting consumers’ Fitbit fitness watch data with their electronic health records (EHRs).

“Ultimately what’s best is human and AI collaboratively,” Peter Diamandis, MD, founder of XPRIZE Foundation and Singularity University told Fast Company. “But I think for reading x-rays, MRIs, CT scans, genome data, and so forth, that once we put human ego aside, machine learning is a much better way to do that.” (Photo copyright: SALT.)

Apple Works with Insurers, Integrating Health Data

In “UnitedHealthcare Offers Apple Watches to Wellness Program Participants Who Meet Fitness Goals; Clinical Laboratories Can Participate and Increase Revenues,” Dark Daily noted that by “leveraging the popularity of mobile health (mHealth) wearable devices, UnitedHealthcare (UHC) has found a new way to incentivize employees participating in the insurer’s Motion walking program.” UHC offered free Apple Watches to employees willing to meet or exceed certain fitness goals.

The Apple Watch health app also enables people to access medical laboratory test results and vaccination records, and “sync up” information with some hospitals, Business Insider explained.

Virtual Care, a Payer Priority: Survey

Should healthcare providers feel threatened by the tech giants? Not necessarily. However, employers and payers surveyed by the National Business Group on Health (NBGH), an employer advocacy organization, said they want to see more virtual care solutions, a news release stated.

“One of the challenges employers face in managing their healthcare costs is that healthcare is delivered locally, and change is not scalable. It’s a market-by-market effort,” said Brian Marcotte, President and CEO of the NBGH, in the news release. “Employers are turning to market-specific solutions to drive meaningful changes in the healthcare delivery system.

“Virtual care solutions bring healthcare to the consumer rather than the consumer to healthcare,” Marcotte continue. “They continue to gain momentum as employers seek different ways to deliver cost effective, quality healthcare while improving access and the consumer experience.”

More than 50% of employers said their top initiative for 2020 is implementing more virtual care solutions, according to NBGH’s “2020 Large Employers Health Care Strategy and Plan Design Survey.”

AI Will Affect Clinical Laboratories and Pathology Groups

Diamandis is not the only visionary predicting big tech will continue to disrupt healthcare. During a presentation at last year’s Executive War College Conference on Laboratory and Pathology Management in New Orleans, Ted Schwab, a Los Angeles-area healthcare strategist and entrepreneur, said artificial intelligence (AI) will have a growing role in the healthcare industry.

“In AI, there are three trends to watch,” said health strategist Ted Schwab (above) while speaking at the 2019 Executive War College. “The first major AI trend will affect clinical laboratories and pathologists. It involves how diagnosis will be done on the Internet and via telehealth. The second AI trend is care delivery, such as what we’ve seen with Amazon’s Alexa—you should know that Amazon’s business strategy is to disrupt healthcare. And the third AI trend involves biological engineering,” he concluded. (Photo copyright: Dark Daily.)

Schwab’s perspectives on healthcare’s transformation are featured in an article in The Dark Report, Dark Daily’s sister publication, titled, “Strategist Explains Key Trends in Healthcare’s Transformation.”

“If you use Google in the United States to check symptoms, you’ll get five-million to 11-million hits,” Schwab told The Dark Report. “Clearly, there’s plenty of talk about symptom checkers, and if you go online now, you’ll find 350 different electronic applications that will give you medical advice—meaning you’ll get a diagnosis over the internet. These applications are winding their way somewhere through the regulatory process.

“The FDA just released a report saying it plans to regulate internet doctors, not telehealth doctors and not virtual doctors,” he continued. “Instead, they’re going to regulate machines. This news is significant because, today, within an hour of receiving emergency care, 45% of Americans have googled their condition, so the cat is out of the bag as it pertains to us going online for our medical care.”

Be Proactive, Not Reactive, Health Leaders Say

Healthcare leaders need to work on improving access to primary care, instead of becoming defensive or reactive to tech companies, several healthcare CEOs told Becker’s Hospital Review.

Clinical laboratory leaders are advised to keep an eye on these virtual healthcare trends and be open to assisting doctors engaged in telehealth services and online diagnostic activities.

—Donna Marie Pocius

Related Information:

2020 Executive War College on Lab and Pathology Management – April 28-29

Amazon and Apple Will Be Our Doctors in the Future, Says Tech Guru Peter Diamandis

Introducing New Alexa Healthcare Skills

Livongo for Diabetes Program Releases HIPAA-Compliant Amazon Alexa Skill

“Answers by Cigna” Skill for Amazon Alexa Simplifies, Personalizes Healthcare Information

2020 Predictions for Amazon, Haven, Google, Apple

Health Strategies of Google, Amazon, Apple, and Microsoft

How Big Tech Is Disrupting Big Healthcare

Large Employers Double Down on Efforts to Stem Rising U.S. Health Benefit Costs which are Expected to Top $15,000 per Employee in 2020: Employers cite virtual care and strategies to manage high cost claims as top initiatives for 2020

How to Compete Against Amazon, Apple, Google: Three Healthcare CEOS on How to Compete Against the Industry’s Most Disruptive Forces

UnitedHealthcare Offers Apple Watches to Wellness Program Participants Who Meet Fitness Goals; Clinical Laboratories Can Participate and Increase Revenues

Strategist Explains Key Trends in Healthcare’s Transformation

;