Former Vice President received an exclusive tour of a completely fake medical testing laboratory within Theranos, which he found “most impressive”
One thing clinical laboratory leaders and pathologists may still be curious about concerning the whole Theranos affair is how the company founder Elizabeth Holmes could fool so many high-ranking individuals—including then Vice President Joe Biden—into endorsing a completely fraudulent medical laboratory test process.
But it was the lengths to which Holmes and Balwani went to “trick” Joe Biden into endorsing Theranos—and subsequently receive the positive press that followed—that MSN found most intriguing.
According to MSN, in July of 2015 Holmes and Balwani procured Biden’s endorsement by giving the VP a tour of a “completely fake, staged lab.”
“What’s most impressive to me is you’re not only making these lab tests more accessible, you’re charging historically low prices, which is a small fraction of what is charged now, while maintaining the highest standards, and empowering people whether they live in the barrio or a mansion, putting them in a position to help take control of their own health,” stated then VP Joe Biden (above with Elizabeth Holmes) in a Theranos press release. Sadly, many clinical laboratory leaders who were skeptical and outspoken about Theranos’ claims were ignored by the press. (Photo copyright: ABC News.)
Wall Street Journal Reporter Exposes Theranos Fraud
According to a 2018 article by John Carreyrou which was part of his expose´ of Theranos published in The Wall Street Journal, “Ms. Holmes and Mr. Balwani wanted to impress Vice President Biden with a vision of a cutting-edge, automated laboratory. Instead of showing him the actual lab with its commercial analyzers, they created a fake one, according to former employees who worked in Newark. They made the microbiology team vacate a room it occupied, had it repainted, and lined its walls with rows of [Theranos] miniLabs stacked up on metal shelves.”
And the ruse worked. A 2015 Theranos press release outlined the visit at the time and stated that Biden found the facility inspiring and was impressed by the work being done by the company.
“I just had a short tour and I’m glad because you can see first-hand what innovation is all about just walking through this facility. This is the laboratory of the future,” Biden said in the press release.
In 2015, then Vice President Joe Biden toured the Theranos facility with Elizabeth Holmes, observed their supposedly innovative finger stick test system, and met with several Theranos employees. Later reports exposing the fraud stated that Holmes and Balwani were desperate to obtain Biden’s approval as it would provide positive press for Theranos, a good reputation within the industry, and lure potential investors. Theranos later tweeted a photo (above) of the visit showing Biden and Holmes walking amongst numbered blood-testing machines with a huge Theranos logo banner in the background. (Photo copyright: Connor Radnovich/The Chronicle.)
Biden’s visit occurred just a few months before Carreyrou’s Wall Street Journal report questioned the efficacy of Theranos’ blood testing technology and alleged the lab testing company tried to cover up its failures and mislead investors and patients.
Prior to that hard-hitting exposé, Holmes was heralded by the media as a star in the field of medicine. She was even prominently featured on magazine covers of influential business periodicals such as Fortune, Forbes, and Inc.
Others Who Were Bamboozled by Holmes and Balwani
Biden was not the only high-profile individual who was fooled by Holmes, Balwani and their billion-dollar con job. Other high-profile people included:
Theranos ceased operations in September of 2018 amidst the exposing of the fraud and inability to locate a buyer for the company. The shutdown rendered all investments in the company worthless.
Holmes to Receive New Hearing in Federal Court
In January of this year, Holmes was found guilty of three counts of wire fraud and one count of conspiracy to commit wire fraud for lying to investors about Theranos products. She faces up to 20 years in prison and a fine of $250,000 plus restitution for each count.
And so, clinical laboratory leaders and pathologists now have a better idea as to how Joe Biden was hoodwinked and endorsed a completely fake blood testing laboratory at Theranos. Can he be blamed for his ignorance of clinical laboratory test technology? Probably not. But it makes for interesting reading.
Clinical labs should proactively investigate how a vendor will respond to a data security incident and how quickly, says expert
Clinical laboratory managers in New York and surrounding areas should be aware that almost one million protected health information (PHI) records from as many as 28 healthcare providers appear to have been stolen from a medical records company that services these providers.
Practice Resources LLC (PRL), a company that provides billing services for dozens of hospitals and medical providers in Central New York, announced in August they were the target of a ransomware attack that occurred on April 12 of this year. The Syracuse-based organization stated that hackers may have captured personally identifiable information (PII) such as names, home addresses, treatment dates, health plan numbers, and internal account numbers of 934,138 patients.
The data breach affected the patient records of dozens of medical providers and the clinical laboratories that service them, as well as physical therapists, pediatricians, gynecologists, orthopedic surgeons, and more.
“When a lab’s vendor has some type of breach, the lab entity that provided the compromised information could have some liability related to the breach,” explained Jim Giszczak, JD (above), McDonald Hopkins, in an interview with The Dark Report over a similar data breach in 2019. “That’s why every lab should be proactive and do a review to understand each vendor’s policies, procedures, training, and response in the event of a breach. Because your lab needs to know how a vendor will respond to a data security incident, and importantly, how quickly it will respond, it’s critical for lab officials to review the contracts they have with vendors that acquire, or have access to, PHI.” (Photo copyright: McDonald Hopkins.)
Not a Scam
“Unfortunately, it’s not a scam,” stated David Barletta, President and CEO of PRL, in an interview with local Syracuse news WSYR. “This really did happen in April—there was a ransomware attack on our system. We brought in forensic accountants and forensic information teams to come and look at what happened.”
PRL sent out more than 940,000 letters to potential victims of the cyberattack in August, noting that some patients may receive more than one letter.
The complete list of “healthcare entities on whose behalf Practice Resources LLC is providing notice of data incident,” according to PRL, includes:
Although their investigation did not uncover any evidence that personal data was misused, PRL has arranged credit monitoring services free of charge for one year from the date of enrollment. The company is also offering proactive fraud assistance to help people with any questions or in case they become a victim of fraud.
“There were no patient social security numbers that were taken. No medical record information was taken,” Barletta told WSYR. “We really, just out of an abundance of caution, felt that it was necessary that we provide them with credit monitoring for a year—just in case.”
Hundreds of Thousands of Patients Affected by Breach
When PRL discovered the data breach, the company took immediate steps to secure its systems and scrutinize the nature and extent of the incident. They then hired a forensic team to investigate what patient data may have been accessed by the hackers, a process that took several months.
“It does take a long time because each client has hundreds of thousands of patients maybe,” Barletta explained. “We have several large clients that really bore the brunt of this.”
According to Barletta, PRL bills about $450 million annually for its clients, which include some major institutions in Central New York. The New York state Attorney General’s office is investigating the hacking incident and delving into whether PRL’s data security was adequate.
As a result of the breach, FamilyCare Medical Group, which serves more than 80 physicians and thousands of patients, lost all of its laboratory data, according to the group’s CEO, Mitchell Brodey, MD. They had to close their lab for several months while their computer system was rebuilt. During this time, all their lab work was sent to another laboratory for analysis, MSN reported.
The PRL ransomware attack was what is commonly known as a third-party data breach. This type of breach occurs when sensitive data is stolen from a third-party vendor, or when their systems are used to access and steal sensitive information stored on other systems.
In the United States, the Federal Trade Commission (FTC) is responsible for enforcing federal privacy and data protection regulations. If a breach affects 500 or more individuals, the company must issue a press release and notify the FTC and all affected consumers within 60 days of the discovery of the breach.
Clinical Labs Should Proactively Review Member Agreements
In 2019, our sister publication The Dark Report covered a major data breach affecting more than 20 million patients. That breach occurred when hackers gained access to the data systems of a third-party bill collector and impacted four of the nation’s largest clinical laboratories:
At that time, The Dark Report asked James Giszczak, JD, Chair of the Litigation Department and Co-Chair of the Data Privacy and Cybersecurity Practice Group at McDonald Hopkins, to provide insight on what steps clinical laboratory leaders should take to avoid and handle data breaches.
“One important lesson from this data breach is how critical it is for clinical labs and pathology groups to be proactive in making sure they review their vendor agreements,” Giszczak stated. “In that review, labs need to know the specific measures each vendor is taking to protect the information the lab is providing to their vendors.”
Giszczak suggested that clinical laboratory leaders make sure they understand each vendor’s policies, procedures, training, and response in the event of a data breach. He reiterated that labs could have some liability related to the breach.