Friday Stats and More

David ErmerCOVID-19, HIPAA Privacy and Security Rules, Rx coverage, U.S. Healthcare, Uncategorized

Based on the CDC’s Cases in the U.S. website, here is the FEHBlog’s chart of new weekly COVID-19 cases and deaths over the 20th through 38th weeks of this year (beginning May 14 and ending September 23; using Thursday as the first day of the week in order to facilitate this weekly update):

and here is the CDC’s latest overall weekly hospitalization rate chart for COVID-19:

For context take a look at this USA Today article on the three leading causes of death in the United States over the past 85 years (ending in 2018). COVID-19 will be taking over at least the spot for the third leading cause of death, which is currently held by accidental injuries.

In other news —

  • Forbes offers an update on Rite-Aid pharmacies and its prescription benefit manager. “Rite Aid said it will fully transition the PBM to Elixir in December and is “committed to becoming a dominant mid-market PBM, Rite Aid chief executive office Heyward Donigan said Thursday on the company’s second quarter earnings call.”
  • Benefits Pro (registration required) discusses the critical importance of educating employees about the advantages of health savings accounts. “Employers and financial advisors should discuss HSAs in the context of emergency savings and retirement planning, not just health care elections during annual enrollment.” The FEHBlog misses his ability to contribute to an HSA, an ability that he lost when he became Medicare eligible last year.
  • The Federal Times notes that Congress appears to be successfully convincing the Trump Administration to allow affected federal employees to opt out of the currently mandatory payroll tax deferral program. The article erroneously states that “The private sector does have the choice of whether to opt into the program, but feds and military members were automatically included.” Just like in the federal sector, it is the employer who makes the primary decision to participate in the payroll deferral program. It’s also the employer’s choice to allow employees to opt out of payroll deferral.
  • HHS’s Office for Civil Rights, which enforces the HIPAA Privacy and Security Rules took a big scalp today. “Premera Blue Cross (PBC) has agreed to pay $6.85 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules related to a breach affecting over 10.4 million people. This resolution represents the second-largest payment to resolve a HIPAA investigation in OCR history. PBC operates in Washington and Alaska, and is the largest health plan in the Pacific Northwest, serving more than two million people.” The breach dates from the bad old days of 2014-15 when Anthem and OPM announced massive data breaches due to cyberattacker gaining deep access to company information systems.
  • ZDnet reports on recent cyberattack on an unidentified federal agency system. It’s worth reading because

[While] The name of the hacked federal agency, the date of the intrusion, or any details about the intruder, such as an industry codename or state affiliation, were not disclosed, CISA officially publish[ed] an in-depth incident response (IR) report detailing the intruder’s every step. The report, which ZDNet analyzed today, reveals how the intruder gained access to the federal agency’s internal networks through different channels, such as leveraging compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server.