FEHBlog

Monday Roundup

David ErmerCDC, COVID-19, Federal employment benefits, OPM, Telehealth, U.S. Healthcare
Photo by Sven Read on Unsplash

From the Federal Employee Benefits Open Season front, Govexec takes “a closer look at 2023 FEHB premiums.”

On a related note, Health Payer Intelligence informs us

Member experience is key to member retention and, in order to boost member experience, payers must consider whether they are offering easy access to care and straightforward care navigation, according to an Accenture report.

The organization surveyed nearly 21,000 Americans who are consumers of both payers and providers.

Reg Jones, writing in the Federal Times, answers a “lightning round” of cost of living adjustment questions posed by federal and postal employees and annuitants.

In other OPM news, Federal News Network reports

With a fast-approaching deadline to apply for a Public Service Loan Forgiveness limited-time waiver, the Office of Personnel Management said agencies should help federal employees with their applications.

If they have the documentation available, agencies can certify a current employee’s entire work history, including that individual’s time working previously at other agencies.

“The federal employee should present a separate PSLF form for each federal agency and period of employment for which they are seeking certification and the agency official should certify each form as appropriate,” OPM wrote in an Oct. 24 memo.

Employment certification forms are just one of the requirements to apply for the temporary PSLF waiver, which expires on Oct. 31.

From the Omicron and siblings front, the New York Times reports

Younger people have also been less likely to receive boosters than the original vaccinations, and only about one-third of people of all ages have received any booster, The New York Times vaccine tracker indicates. But seniors, who constitute 16 percent of the population, are more vulnerable to the virus’s effects, accounting for three-quarters of the nation’s 1.1 million deaths.

“From the beginning, older people have felt the virus was more of a threat to their safety and health and have been among the earliest adopters of the vaccine and the first round of boosters,” said Mollyann Brodie, the executive director of public opinion at Kaiser Family Foundation, which has been tracking vaccination rates and attitudes.

Now Kaiser’s most recent vaccine monitor survey, published last month, has found that only 8 percent of seniors said they had received the updated bivalent booster, and 37 percent said they intended to “as soon as possible.” As a group, older adults were better informed than younger respondents, but almost 40 percent said they had heard little or nothing about the updated bivalent vaccine, and many were unsure whether the C.D.C. had recommended it for them.

(Currently the C.D.C. recommends that individuals over age 5 receive the bivalent vaccine, which is effective against the original strain of Covid-19 and the Omicron variant, if two months have passed since their most recent vaccination or booster.)

The article adds

Kaiser surveys have found that doctors and other health care professionals are trusted sources of information, and the older population is in frequent contact with them.

“If more providers recognized that four in 10 older adults don’t realize there’s a new booster and they should get it, that’s a lot of opportunity to make an impact,” Dr. Brodie said.

While on patient-provider communications, the Washington Post points out a free National Institute of Aging online resource that helps older adults prepare for doctor’s visits.

From the telehealth front, mHealth Intelligence reports

Telehealth usage has dropped significantly since its peak during the pandemic, with visit volumes falling 37 percent from 73.7 million in the second quarter of 2020 to 46.4 million in the first quarter of 2022, according to a new report by market research firm Trilliant Health.

Further, telehealth’s popularity among patients appears to be waning. Less than half (48.7 percent) of patients who used telehealth in 2021 did so once, and only 6 percent used the care modality five to six times last year.

This data “suggests that expanded availability of virtual care options has not had a widespread impact on consumer preferences,” said Sanjula Jain, Ph.D., senior vice president of market strategy and chief research officer at Trilliant Health, in an email. * * *

Though the overall shifts in telehealth use indicate a move back to in-person care, certain sub-groups continue to flock to telehealth.

Telehealth continues to be widely used to access behavioral healthcare services, the report shows. In Q1 2019, 32.4 percent of all telehealth visits were related to behavioral healthcare. That figure spiked to 59.9 percent by Q1 2022.

For providers, “behavioral health presents the greatest opportunity, and deploying virtual behavioral health services can be a good way to reach broader populations, engage existing customers while bringing in new ones, and provide new revenue opportunities via engagement in other care services,” Jain said.

In addition, telehealth-enabled prescribing is on the rise, according to the report. Around 35 percent of antidepressants and anti-anxiety drugs were prescribed via telehealth in 2020 and 2021, compared to 1 percent in 2019.

In studies news, STAT News discusses the importance of fine-tuning artificial intelligence tools before releasing them for patient use and the cardiovascular differences between women and men.

Weekend update

David ErmerACA, CDC, CMS, Congress, COVID-19, Federal employment benefits, Medicare, Mental health care, OPM, Rx coverage, SDOH, U.S. Healthcare

Congress remains on the campaign trail this week.

This is Red Ribbon Week, “an ideal way for people and communities to unite and take a visible stand against drugs.”

Speaking of illegal drugs, the Wall Street Journal tells the stories of three “high achieving” New York City dwellers who died on one day in March 2021 due to fentanyl-laced cocaine delivered by a single dealer.

New York City authorities have been warning of the risks of unknowingly taking fentanyl in cocaine and of its increased presence in cocaine seized by police. Health officials put up posters and sent drink coasters to clubs warning cocaine users to start with a small dose and to have naloxone, an opioid reversal drug, on hand to counter an overdose. They are handing out fentanyl testing strips that can be used to test cocaine and other drugs for fentanyl’s presence.

Multiple people died within hours from tainted cocaine in Long Island, N.Y., and in Newport Beach, Calif., last year. Nine were killed in Washington, D.C., in January. Law-enforcement officials said dealers often use coffee grinders or other basic equipment to cut drugs and prepare them for sale, which can result in deadly batches.

From the FEHB front, Tammy Flanagan, writing in Govexec, advises federal and postal employees and annuitants on how to prepare for the upcoming Federal Employee Benefits Open Season. The FEHBlog’s advice is to stack your plan’s summary of benefits and coverage which is available on all FEHB plan websites against other plans in which you are interested. The summary of benefits and coverage, which is an Affordable Care Act requirement, is four double-sided pages including consumer-tested practical information.

From the Omicron and siblings’ front

  • STAT News reports “FDA’s vaccines chief [Peter Marks, MD] sees the possibility of more Covid boosters — sooner than he’d like.”

Pfizer is considering hiking the price of its COVID-19 vaccine by roughly four times what it currently charges as it prepares for sales in the U.S. to shift from government contracts to the private market.

The pharmaceutical company is targeting between $110 and $130 per adult vaccine dose after that transition, said Angela Lukin, Pfizer’s head of global primary care and U.S. president, on an analyst and investor call Thursday.

“We feel confident that this range will be seen as highly cost effective and definitely one that will help to enable and ensure appropriate access and reimbursement to the vaccine,” Lukin said on the call. Discussions with insurers are still in early stages, she added.

No doubt this charming development seeks to pressure Congress to add more federal Covid dollars in the lame-duck session following the November 8 Congressional election.

In other vaccine news, MedPage Today reports

  • The CDC’s vaccine advisors updated their recommendations to clarify when to administer the 20-valent conjugate pneumococcal vaccine (PCV20; Prevnar 20) in adults who previously received the 13-valent conjugate vaccine (PCV13; Prevnar 13).
  • Three doses of hepatitis B vaccine with a cytosine phosphoguanine adjuvant (HepB-CpG; Heplisav-B) notched a perfect mark when it came to seroprotection for people with HIV who had never before been vaccinated against the hepatitis B virus (HBV), early results of a phase III trial showed.

In prescription drug development news, Fierce Healthcare points out “three drugs are set for FDA determinations soon.” The article explains why Optum says payers should take notice.

From the monkeypox front, Medpage Today adds

Cases of monkeypox are continuing to decline in the U.S., but the disease is still disproportionately affecting people of color, a White House official said.

“In the U.S., about 27,635 cases were reported as of yesterday,” Demetre Daskalakis, MD, White House National Monkeypox Response deputy coordinator, said at an online briefing Thursday. “We continue to have a decrease over time — we’re about 85% down from where we were at the peak of the outbreak. So that’s a lot of hopeful news, that we continue to see monkeypox going under better and better control.”

From the mental healthcare front, the Department of Health and Human Services “through the Substance Abuse and Mental Health Services Administration (SAMHSA), announced more than $100 million this week in funding from the Bipartisan Safer Communities Act (BSCA) to states and territories for mental health emergency preparedness, crisis response, and the expansion of 988 Suicide & Crisis Lifeline services. BSCA, signed into law by President Biden earlier this year, provided unprecedented funding to address the nation’s mental health crisis and make our communities safer.”

From the maternal care front, Health Payer Intelligence informs us Blue Cross and Blue Shield of Michigan has “decided to go beyond traditional maternal healthcare benefits, such as prenatal and postpartum care coverage. They teamed up with a virtual care provider for women and family health, Maven, to offer a suite of solutions that integrated family care and maternal healthcare.”

From the SDOH front, Beckers Payer Issues relates

In a letter to HHS Secretary Xavier Becerra and Management and Budget Office Director Shalanda Young, AHIP explained its vision for how demographic data can be improved and standardized across the healthcare system. 

Five things to know about the association’s recommendations for improving demographic data:  

1. Current challenges with demographic data include the lack of specificity for questions on race. AHIP highlights that current census and HHS standards do not include an option for people to identify as Arab, Middle Eastern or North African. Additionally, AHIP recommends options should be tailored to the local area, depending on the populations that live there. 

2. Current demographic questions do not have an “I choose not to respond” option. AHIP advises that a lack of information about how demographic information is used can lead to a lack of trust from patients. 

3. Current regulations that require multiple providers and payers to collect demographic information lead to inconsistent results and greater burden on patients, AHIP says.

4. To reduce burdens on providers and patients, AHIP wants demographic data to be electronic and able to be shared with other places in the healthcare system with patient consent. 

5. AHIP wants a wide range of government agencies to adopt its recommendations for demographic data collection, which include questions on race, ethnicity, language preference, sexual orientation, gender, diability status, veteran status and spirtual beliefs. 

Read the full letter here.

Interesting approach.

From the miscellany department —

  • STAT New discusses weaknesses in traditional Medicare catastrophic coverage. FEHBlog suggests that Congress stop permitting Medicare supplemental plans to impose pre-existing condition limitations unless circumscribed by state law.
  • The Society for Human Resources Management tells us

Employee 401(k) contributions for 2023 will top off at $22,500—a $2,000 increase from the $20,500 cap for 2022—the IRS announced on Oct. 21. Plan participants age 50 or older next year can contribute an additional $7,500, up $1,000 from 2022. * * *

he limit on total employer-plus-employee contributions to defined contribution plans will increase to $66,000 in 2023, up by $5,000 from $61,000 in 2022. “This limit usually increases by $1,000 at a time but now it’s jumping five steps in one year,” Sit said.

The IRS announced the 2023 adjustments for 401(k) and similar defined contribution plans, and for defined benefit pension plan, in Notice 2022-55.

  • The American Hospital Association reports “The AHA and American Medical Association Oct. 19 filed a friend-of-the-court brief in support of a Texas Medical Association lawsuit claiming the revised independent dispute resolution process for determining payment for out-of-network services under the No Surprises Act skews the arbitration results in commercial insurers’ favor in ways that violate the compromise Congress reached in the Act.”
  • Business Insurance tells us “The U.S. Department of Justice has asked for more details on CVS Health Corp.’s proposed $8 billion deal to buy Signify Health, in a possible indication that the transaction will face a longer deal review rather than a quick approval, Reuters reports. The deal, announced last month, was expected to face a tough antitrust review even though the two companies do not compete directly in any market, according to experts.”
  • Following up on last Thursday’s post, RSV is a type of common cold according to the CDC.

Cybersecurity Saturday

David ErmerCybersecurity

From the cyber policy front —

Cybersecurity Dive reports

National Cyber Director Chris Inglis said the Biden administration’s long-anticipated national cybersecurity strategy could be ready as early as late November but may take a couple of additional months for final completion. 

Inglis, speaking at the mWISE conference in Washington D.C. Wednesday, said the strategy would focus heavily on international cybersecurity issues as well as workforce development concerns, a major issue for the information security industry.

Officials have made considerable outreach to the private sector in terms of developing the strategy, with two-thirds of about 300 engagements being made with private industry officials.

and

Water, hospitals and K-12 schools will be the primary area of focus for the Cybersecurity and Infrastructure Security Agency over the next year, CISA Director Jen Easterly said Thursday at Mandiant’s mWISE Conference. 

Healthcare and water are among 16 critical infrastructure sectors CISA and other federal agencies have identified as “so vital to the U.S. that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.” While schools are not considered critical infrastructure, they represent a soft target that is frequently hit by debilitating ransomware attacks.

CISA, in a bid to prioritize risk management and cyber resilience guidance across critical services, is placing higher emphasis, at least initially, on what Easterly describes as “target-rich, resource-poor entities.”

Health IT Security adds

For healthcare, further federal security guidance could help the sector manage risk amid an increasingly complex and active cyber threat landscape. In 2021, the healthcare sector fell victim to ransomware more than any other critical infrastructure sector, the Federal Bureau of Investigation found.

“We unfortunately continue to see ransomware attacks against hospitals, which could be helped if hospitals had a baseline to establish, maintain, and measure their cyber security hygiene and level of preparedness,” Stacy O’Mara, senior director of government affairs at Mandiant, told HealthITSecurity.* * * *

A streamlined approach could help to ease the burden on individual entities.

“While all of these existing regulations are helpful to the healthcare sector – and should evolve to account for evolving threats to patients’ medical records, medical devices, and hospitals’ networks and systems – the federal government needs to continue its efforts to harmonize and streamline regulatory requirements,” O’Mara suggested.

Amen to that suggestion.

From the cyber breach front, Fierce Healthcare tells us

Advocate Aurora Health gave notice to patients that their health data may have been exposed through tracking technology. 

Up to 3 million patients may have been impacted in the breach against the health system, which is one of the Chicago area’s largest healthcare providers.

Advocate Aurora explained in a statement on its website that through the use of internet tracking technologies certain interactions on the provider’s website were leaked. The technologies from companies like Google and Facebook’s parent company Meta put pieces of code, called pixels, on certain websites and applications.

“These pixels or similar technologies were designed to gather information that we review in aggregate so that we can better understand patient needs and preferences to provide needed care to our patient population,” the health system said in the online statement. “We learned that pixels or similar technologies installed on our patient portals available through MyChart and LiveWell websites and applications, as well as on some of our scheduling widgets, transmitted certain patient information to the third-party vendors that provided us with the pixel technology.”

The health system said it has disabled and/or removed the pixels from its platforms and launched an internal investigation to better understand what patient information was transmitted to third-party vendors. * * *

Advocate Aurora had advised patients to use browser tracker-blocking features or incognito mode when logging into medical portals. It also suggests that those Facebook or Google accounts examine their privacy settings.

Wow.

Cybersecurity Dive discusses a former Uber chief security officer conviction stemming from the handling of a ransomware incident.

Sullivan was convicted of obstructing a Federal Trade Commission probe, which had been investigating a prior breach at Uber. He was also convicted of a rarely charged crime called misprision, which involves knowing concealment of a crime.

Following the verdict, U.S. Attorney Stephanie Hinds said federal authorities expect companies to promptly alert customers and appropriate authorities when such data is stolen by hackers. 

“Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission and took steps to prevent the hackers from being caught,” Hinds said in the announcement of the verdict by the Department of Justice. “We will not tolerate concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers, than in protecting users.”

Sullivan faces up to five years in prison for obstruction and up to three years in prison for misprision of a felony. 

From the cyber vulnerabilities front —

Cybersecurity Dive informs us

The Apache Commons Text team is urging users to upgrade to version v1.10.0, which disables faulty interpolators at the center of a critical vulnerability that some security researchers have now dubbed “Text4Shell.” 

Those using an earlier version of commons text are considered safe from the vulnerability. Apache says users are only affected when using a stringsubstitutor API without properly sanitizing untrusted input, according to a blog post released Tuesday. 

The upgrade to v1.10.0 will serve as a quick workaround, however the best option is to properly validate and sanitize any untrusted input.

CSO Online reports

Distributing malware inside password-protected archives has long been one of the main techniques used by attackers to bypass email security filters. More recently, researchers have spotted a variation that uses nested self-extracting archives that no longer require victims to input the password.

“This is significant because one of the most difficult obstacles threat actors face when conducting this type of spam campaign is to convince the target to open the archive using the provided password,” researchers from Trustwave SpiderLabs said in a new report.

The Cybersecurity Intelligence and Security Agency “released a security update to address vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page.”

From the ransomware front, the American Hospital Association reports

The FBI, Cybersecurity and Infrastructure Security Agency and Department of Health and Human Services today [October 21] alerted U.S. organizations to a cybercrime group targeting the health care sector with ransomware and data extortion operations. The group has attacked multiple organizations since June, deploying ransomware to encrypt servers responsible for health care services, exfiltrating personal identifiable information and patient health information, and threatening to release the information if a ransom is not paid. The advisory includes indicators of compromise and recommended actions to protect against these attacks.

“This particularly urgent alert is directly relevant to ongoing ransomware threats currently targeting hospitals and health systems,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “The report also contains actionable indicators of compromise, malware signatures that should be loaded into network defense and intrusion detection systems. If there is any indication of this ransomware being present on hospital or health system networks, it is recommended that immediate steps be taken to contain, isolate and remediate. It is also strongly recommended that local FBI and CISA field offices be contacted immediately.”

Here’s the latest Bleeping Computer Week in Ransomware.

From the cyber defenses’ front —

Health IT Security informs us

Enabling multi-factor authentication (MFA) is “the single most important thing Americans can do to stay safe online,” Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly wrote in a CISA blog post.

But Easterly encouraged businesses and technology vendors in particular to go one step further and ensure that FIDO authentication is part of their MFA implementation plans.

“We’ve known for years that any form of MFA is better than no MFA. That’s still true, but we’ve also known that at some point ‘traditional MFA’ would become ‘legacy MFA’ and need to be reassessed or even replaced,” Easterly wrote.

“Luckily a group of companies formed the FIDO Alliance to create a phishing-resistant form of MFA.”

According to its website, the FIDO Alliance is an open industry association united by the goal of reducing “the world’s over-reliance on passwords.”

The FIDO Alliance has globally available technical specifications and industry certification programs that make authentication simpler and more secure.

Security Magazine provides an overview of cyber defenses drawn from an IBM report.

Friday Stats update

David ErmerCOVID-19, Uncategorized

Heavens to Betsy! The Centers for Disease Control this week stopped posting daily updates of new Covid cases and death which were the basis for the FEHBlog’s Friday Covid charting. The FEHBlog’s work travel has not allowed him time to consider a new approach to his Covid charting.

Alternatively, there’s the CDC’s weekly interpretation of its Covid statistics. The interpretation notes

CDC is using multiple surveillance systems to monitor variants in the United States. Data from each system plays an important role in helping us understand the emergence of new variants, whether they’re entering the United States and spreading, and which variants are most prevalent within communities. On October 20, 2022, COVID Data Tracker added a new Variant Summary page, which summarizes three systems that are being used to monitor variants. For more information on these systems, see A Closer Look.

Have a great weekend.

Thursday Miscellany

David ErmerAHRQ, CDC, COVID-19, Mental health care, NIH, OPM, Rx coverage, U.S. Healthcare
Photo by Josh Mills on Unsplash

From the OPM front, an OPM press release informs us

The U.S. Office of Personnel Management (OPM) released government-wide results of the 2022 OPM FEVS today. The OPM FEVS is an employee survey that tracks how federal employees view their current work environment, including management, policies, and new initiatives. OPM FEVS is an unmatched government data asset that assists agencies to hire and support the skilled workforce needed to serve the American people.

According to Gallup, employee engagement for the total U.S. workforce has declined for the past two years by a total of four percentage points, the first time it has dropped in over a decade. The OPM FEVS government-wide employee engagement index dropped one percentage point from 2020 to 2021, and then stabilized above pre-pandemic levels at 71 percent in 2022. In 2019, this metric stood at 68 percent.

Additional highlights from the 2022 OPM FEVS government-wide results include:

* The Performance Confidence Index, which measures employees’ view that their work unit can achieve goals and produce at a high level, remains high at 84 percent.

* The 2022 OPM FEVS includes a new Diversity, Equity, Inclusion and Accessibility (DEIA) Index, which shows 69 percent of respondents report positive perceptions of agency practices related to DEIA.

* The 2022 OPM FEVS newly evaluates Innovation and to what extent leadership encourages and supports new ideas and innovative approaches. The survey scores show success and opportunities for innovation encouragement, with 64 percent of employees consistently looking for new ways to improve work and 56 percent noting that management encourages innovation.

In other encouraging news, Federal News Network reports

Suicides across the active duty U.S. military decreased over the past 18 months, driven by sharp drops in the Air Force and Marine Corps last year and a similar decline among Army soldiers during the first six months of this year, according to a new Pentagon report and preliminary data for 2022.

The numbers show a dramatic reversal of what has been a fairly steady increase in recent years.

The shift follows increased attention by senior military leaders and an array of new programs aimed at addressing what has been a persistent problem in all the services, although it’s unclear what impact any of the programs had or if pandemic-related restrictions played any role in the decline.

On a related note —

  • The actuarial consulting firm WTW released the employer survey findings

Two out of three U.S. employers (67%) plan to make employee mental health and emotional wellbeing programs and solutions one of their top three health priorities over the next three years. Additionally, the number of employers that intend to offer designated mental health days could triple from 9% currently to 30% in the next two years.

  • The U.S. Surgeon General offers best practices for designing employer-sponsored mental health programs.

From the Omicron and siblings, front MedPage Today tells us

The CDC’s Advisory Committee on Immunization Practices (ACIP) voted unanimously Thursday to add COVID-19 vaccination to its panel of routine immunizations for both kids and adults. The 15-0 vote does not mandate vaccination for children or adults or prevent unvaccinated children from attending school; it’s simply an annual update to the child and adult immunization schedules, panelists pointed out.

The ACIP decision does mandate that health plans cover Covid vaccines without member cost sharing after the public health emergency expires, likely next year.

In other public health news, the Wall Street Journal reports

Physicians are reporting unseasonably high numbers of respiratory illnesses in children, straining many children’s hospitals before the typically busier winter months.

Juan Salazar, physician in chief at Connecticut Children’s Medical Center in Hartford, Conn., said a sharp increase in cases of respiratory syncytial virus, or RSV, has filled up hospital beds at his facility, creating capacity issues. 

RSV is an easily transmissible virus that infects the respiratory tract. The virus spreads through droplets from coughing and sneezing and on surfaces. Positive tests for RSV have been on the rise across the U.S., according to the Centers for Disease Control and Prevention. The rise in cases has come ahead of the typical winter peak for such illnesses, hospital officials said. 

For most people, RSV amounts to a cold, and nearly all children come in contact with the virus by the age of two, health authorities said. But it can be severe for some infants and older adults, especially for those that have pre-existing health conditions. 

Much like influenza, RSV cases were flattened during the first year of the Covid-19 pandemic. The respiratory virus that typically circulates in the fall and winter then rebounded in the summer of 2021.  

Is RSV the official name for the common cold? Calling Dr. Google. Perhaps people should choose to wear N-95 masks in the winter.

From the Rx coverage front

The Institute for Clinical and Economic Review (ICER) today released a Final Evidence Report assessing the comparative clinical effectiveness and value of subcutaneous semaglutide (Wegovy, Novo Nordisk), liraglutide (Saxenda, Novo Nordisk), phentermine/topiramate (Qsymia, Vivus Pharmaceuticals), and bupropion/naltrexone (Contrave, Currax Pharma) for the treatment of obesity.

“The vast majority of people with obesity cannot achieve sustained weight loss through diet and exercise alone,” said David Rind, MD, ICER’s Chief Medical Officer. “As such, obesity, and its resulting physical health, mental health, and social burdens is not a choice or failing, but a medical condition. The development of safe and effective medications for the treatment of obesity has long been a goal of medical research that now appears to be coming to fruition. With a condition affecting more than 40% of adults in the US, the focus should be on assuring that these medications are priced in alignment with their benefits so that they are accessible and affordable across US society.”

Downloads: Final Evidence Report | Report-at-a-Glance | Policy Recommendations

This report is worth a gander because OPM is requiring coverage of next-gen obesity drugs for 2023.

It turns out that October is health literacy month.

  • The Labor Department’s Assistant Secretary for Employee Benefits offers employees five tips for making health benefits work.
  • The HHS Agency for Healthcare Quality and Research gives healthcare providers a complete literacy manual, 2nd edition.

Of course, October is also breast cancer awareness month, and Yale New Haven hospital issued with newsletter with advice on that critical topic.

Breast cancer is the second most common cancer among American women, except for skin cancer – but millions of women are surviving the disease, thanks in part to regular screening, early detection and improvements in treatment.

“Compared to 15 or 20 years ago, the proportion of early-stage breast cancers we are seeing in our clinics is significantly higher. We can directly attribute this to the improvements in screening technologies, in mammography, tomosynthesis, breast MRI, breast ultrasound and computer-assisted detection methods over the years,” said Meena Moran, MD, chief of Breast Radiation Oncology for the Smilow Cancer Network. “Another major factor attributing to earlier detection over the last two decades is the overall increased awareness of breast cancer and the importance of screening in the general population.”

From the miscellany department —

  • The International Foundation of Employee Benefit Plans discusses “Optimizing Outcomes and Containing the Costs of Surgery.”
  • Reg Jones writing in the Federal Times, provides the math on calculating Social Security benefits, especially early retirement benefits.

Midweek update

David ErmerCDC, CMS, COVID-19, Mental health care, NCQA, NIH, No Surprises Act, Rx coverage, SDOH, U.S. Healthcare
Photo by Tomasz Filipek on Unsplash

From the Omicron and siblings front —

Novovax announced that

the Novavax COVID-19 Vaccine, Adjuvanted (NVX-CoV2373) has received emergency use authorization (EUA) from the U.S. Food and Drug Administration (FDA) to provide a first booster dose at least six months after completion of primary vaccination with an authorized or approved COVID-19 vaccine to individuals 18 years of age and older for whom an FDA-authorized mRNA bivalent COVID-19 booster vaccine is not accessible or clinically appropriate, and to individuals 18 years of age and older who elect to receive the Novavax COVID-19 Vaccine, Adjuvanted because they would otherwise not receive a booster dose of a COVID-19 vaccine.

“The U.S. now has access to the Novavax COVID-19 Vaccine, Adjuvanted, the first protein-based option, as a booster,” said Stanley C. Erck, President and Chief Executive Officer, Novavax. “According to CDC data, almost 50 percent of adults who received their primary series have yet to receive their first booster dose. Offering another vaccine choice may help increase COVID-19 booster vaccination rates for these adults.”

Reuters adds

Moderna Inc said on Wednesday its COVID-19 vaccine booster targeting the BA.1 subvariant of Omicron generated a strong immune response against that variant, with antibody levels staying high for at least three months.

Omicron-tailored shots by Pfizer Inc  and Moderna are already authorized by regulators in several countries. The United States has given the go-ahead for booster vaccines that target the currently circulating BA.4 and BA.5 subvariants of Omicron.

The New York Times provides an update on the new Omicron variants, including this critical point

Fortunately, Paxlovid works against these new variants. The mutations that make them spread so quickly are changes to the surface of the virus where it locks onto cells and where antibodies attach to it. Paxlovid attacks the virus in a different way. It detects the virus after it’s inside the cell and is replicating, and these new subvariants seem to be just as vulnerable to Paxlovid as the earlier variants.

Health Payer Intelligence reports

Federal funding was crucial in enhancing access to coronavirus resources during the initial phases of the pandemic, but questions remain about what will occur when the public health emergency ends and how it will impact consumer healthcare spending, according to a Kaiser Family Foundation brief.

The end of the public health emergency is still undetermined. However, experts have projected that it will end in 2023. The scheduled termination has been pushed back multiple times. Its final termination will signal the end of various flexibilities and protections that have been tied to the declaration.

Additional Covid funding is likely to occur in the Congressional lame-duck session following the November 8 election, in the FEHBlog’s opinion.

From the U.S. healthcare business front —

Fierce Healthcare tells us

Patient volumes continue to remain below pre-pandemic levels for hospitals and health systems this year as COVID-19 likely accelerated a shift to outpatient settings, a new report finds. 

Consulting firm Kaufman Hall released its “2022 Healthcare Performance Improvement” report (PDF), which outlines the barriers hospitals and health systems face in a rough year financially. Another key obstacle continues to be workforce shortages, as more and more facilities shift resources to retain staff. 

“Healthcare leaders must navigate short-term challenges that continue to pressure revenue and expenses, while also adapting organizational strategy to match larger transformations in the way care is delivered,” said Kaufman Hall Managing Director Lance Robinson in a statement on the report. 

and offers a discussion of an expert-touted hybrid approach to compensating primary care providers. In the FEHBlog’s view, adequately paying PCPs is critically important to resolving SDOH and mental health issues adversely impacting our country.

In the regard

  • A National Institutes of Health study uncovered racial disparities in advanced cardiac care.
  • STAT News reports on another SDOH study

When Sarka Lisonkova and her colleagues set out to study disparities in the birth outcomes of people who’ve used methods like IVF, they figured that any inequities that existed would be narrower in this group. After all, it can be expensive to get pregnant with medical assistance, and wealth is tied to better outcomes.

Instead, the researchers reported Wednesday, the racial and ethnic disparities for some metrics were even wider for babies of parents who had used IVF or other fertility treatments than among children who were conceived “spontaneously.”

One key finding: while neonatal mortality rates were twice as high among spontaneously conceived children of Black women versus white women, they were four times as high among infants of Black women conceived through technologies like IVF, according to the researchers’ study, which was published in the journal Pediatrics.

  • The National Committee for Quality Assurance gives us an update on their efforts to stratify HEDIS measures results by racial and ethnic categories.

In other U.S. healthcare business news, Healthcare Dive reports

As the U.S. heads toward a possible recession, Elevance Health CEO Gail Boudreaux said the insurer is preparing for a possible economic decline.

“Certainly we’re mindful of an economic downturn. We’re planning for it in our businesses,” Boudreaux said on a Wednesday call with investors to discuss third-quarter earnings.

Job losses spurred by a recession could cut into commercial enrollment for insurers who generate revenue from selling health coverage to employers of all sizes. About half of the U.S. population relies on employer-based insurance for coverage.

Elevance’s profit climbed to $1.6 billion for the third quarter, a 7% increase compared with the prior-year period on a bigger membership base of 47.3 million members.

Becker’s Payer Issues tells us

Despite little growth in the cost of medical services over the last year, inflation has finally caught up with healthcare.

As of September, medical services costs have risen 6.5 percent year over year, according to a Bureau of Labor Statistics report released Oct. 13. 

Analysts like Fitch have said the rise in costs will lead to payers raising insurance premiums across the board because of the growing cost pressures on providers, including workforce disruptions.

Studies have already confirmed employers are preparing for higher healthcare expenditures next year because of inflation. Aon analysts said Aug. 18 that U.S. employers’ healthcare costs are expected to rise by an average of 6.5 percent, or $13,800 per employee, in 2023.

“The only 100 percent sure way to keep within budget as the medical industry (especially hospitals) demand more and more is to raise premiums, increase deductibles, higher copays and coinsurance,” James Gelfand, president of the ERISA Industry Committee, told The Washington Post Oct. 14. “Employers hate to do this, but the medical-industrial complex demands an ever-increasing share of workers’ wages.”

The rise in insurance costs could begin to appear when employees sign up for employer-sponsored coverage during their next enrollment period, a trend that could continue through at least 2024, according to the Post.

STAT News reports

A large commercial insurer’s decision to cover a controversial class of software-based treatments for psychiatric and other conditions could prove to be a landmark moment in the development of these so-called prescription digital therapeutics, which until now had been unable to secure coverage from insurers skeptical that the new technologies are as effective as their makers claim.

Pittsburgh-based Highmark quietly put in place a policy in August describing when these treatments may be “medically necessary,” which paves the way for the health insurer to be the first to cover the category for a population of millions of members.

The policy indicates Highmark’s intention to pay for claims only for prescription digital therapeutics cleared by the Food and Drug Administration when prescribed by a clinician within the appropriate specialty and used as indicated on product labels. Highmark is currently negotiating with product developers about how much it will pay for individual treatments and over details such as what constitutes an “episode of care,” said Matt Fickie, a senior director at Highmark, which has 6 million members in Pennsylvania, Delaware, West Virginia, and New York. “That’s the part that is sticky and that requires additional work,” he told STAT.

From the Rx coverage front —

STAT News informs us

After an extraordinary three-day hearing, an expert panel of advisers to the U.S. Food and Drug Administration voted on Wednesday to uphold an effort by the regulator to withdraw a controversial drug for preventing premature births.

The 14-to-1 vote came after the agency and Covis Pharma, the manufacturer of the drug, offered highly contrasting views of reams of clinical evidence — which they parsed in excruciating detail — in order to settle the fate of the treatment, known as Makena.

The FDA successfully persuaded the panel that the medication should be withdrawn because the results of a clinical trial, which was required when the agency approved Makena [on an accelerated basis] in 2011, failed to show the expected benefit. For its part, Clovis maintained that a follow-up trial showed its drug did benefit a select subset of patients — including Black women — but struggled to convince the panel that the drug should remain available while a lengthy follow-up study is run to confirm its argument.

The sentiment among most panelists was reflected in remarks by Susan Ellenberg, a professor emeritus of biostatistics, medical ethics, and health policy at the Perelman School of Medicine at the University of Pennsylvania, who said “unmet need is not a basis for keeping a drug available when you don’t know if it works.”

The FDA Commissioner, Robert Califf, MD, is the final decision maker.

The NCQA has created

A new website adds two key resources in the fight against antibiotic resistance:

* A How-To Toolkit: Webinars and written summaries outline best practices, emerging trends and lessons from the field about savvy stewardship of antibiotics.

* An “Honor Roll”: Learn which health plans’ management of antibiotics leads the industry.

From the No Surprises Act front, CMS today issued updated guidance on how to initiate an NSA arbitration. The new guidance reflects the revised final independent dispute resolution rule published this past summer.

Tuesday Tidbits

David ErmerCDC, COVID-19, Federal employment benefits, Medicare, OPM, Rx coverage, SDOH, U.S. Healthcare
Photo by Patrick Fore on Unsplash

Let’s lead off with the OPM Inspector General’s new annual report on top management challenges facing the agency. This is the first such report of the current Inspector General Krista Boyd. The report’s FEHB Program concerns focus on prescription drug spending, eligibility issues, and the Postal Service Health Benefits Program.

As the FEHBlog has noted, FEHB prescription drug spending is not a unique FEHB issue. While the Inspector General’s report calls attention to these statistics:

As in prior years, drug costs continue to increase in the FEHBP. Currently, total FEHBP drug
costs (excluding drugs administered in an inpatient hospital setting) represent approximately 32
percent of total health care costs. Approximately 23 percent of total FEHBP health care costs are
attributable to the pharmacy benefit alone (drugs dispensed through outpatient pharmacies). As
of 2021, FEHBP pharmacy benefits represented more than $13 billion annually.

To place these statistics in context, the FEHB again calls attention to the fact that the FEHB Program has a large cadre of annuitants with primary Medicare Parts A and B coverage. This group understandably does not enroll for Medicare Part D prescription drug coverage. As a result, Medicare picks up the bulk of cost of FEHB hospital and doctor expenses for this group, while FEHB covers virtually of the pharmacy spending for this group. The FEHBlog is unaware of any other large employer in this situation because employers who have retiree health coverage generally rely on Medicare Advantage plans.

The saving grace found in Congress’s design of the FEHB Program is that all enrollees are in one risk pool per plan option which allows carriers to compete and also use group insurance principles to spread costs among all enrollees. Medicare prime annuitant and younger enrollees subsidize the more costly people in the middle.

The FEHBlog agrees with the Inspector General that the FEHB has eligility issues principally because OPM in contrast to every other employer in the U.S. reports enrollment and premiums separately. Typically health plans receive enrollment rosters known as HIPAA 820 standard electronic transactions that list each enrolled individual and the premium paid for that individual. This allows the health plan to systematically compare the roster and premiums against their records. A plan for example would know that OPM is paying it for self only coverage when according to the plan’s records the member has self plus one coverage.

OPM has been building a master enrollment index which is one of the steps that OPM has been taking in the right direction. In the FEHBlog’s opinion, implementing the HIPAA 820 standard transaction would take eligibility off of the Inspector General list of management challenges.

As for the Postal Service Health Benefits Program, the FEHBlog has confident that OPM, with support from the Postal Service and carriers, to launch the PSHBP on time January 1, 2025.

Here’s a Govexec article on the report which takes a broader perspective.

From Omicron and siblings front —

  • STAT News reports on the federal government’s and drug manufactures efforts to close the developing treatment gap for immunocompromised folks who contract certain strains for Omicron, e.g., BA 4.2.y and BQ.1

[Monoclonal antibody] Evusheld is still effective against many variants, but it is not possible for physicians to know which strains a patient using it as prophylaxis could be exposed to, an AstraZeneca spokesperson told STAT.

“Variants are rarely dominant for more than a few months — they tend to either evolve further into different subvariants or are replaced by newer variants,” the spokesperson said, adding the company is running early studies on other antibody options. * * *

Complicating the matter, the next potential monoclonal antibody — an Eli Lilly treatment dubbed bebtelovimab — could be ready within two months, but it has already been shown ineffective against the other fast-rising variant, BQ.1. The federal government has purchased 60,000 bebtelovimab doses for uninsured and under-insured patients, according to two people familiar with the HHS monoclonal antibody planning.

In the HHS meeting, officials discussed the prospect that BA.4.6’s rise could render Evusheld ineffective within two months. They laid out the timelines for as many as six potential alternates in the pipeline, according to two people familiar with the discussion.

a new national biodefense strategy, aiming to adapt lessons drawn from the rocky response to the Covid-19 pandemic as it prepares the country for future public health emergencies.

The strategy, which has been long anticipated, includes such goals as strengthening public health workforces both in the United States and globally, and establishing international mechanisms to bolster laboratory safety.

The government’s plan outlines policy targets for more than 20 federal agencies to help the country and world try to prevent epidemics, detect them faster, respond when they occur, minimize their impact, and recover, senior administration officials said on a call with reporters Monday as they previewed the strategy. Oversight for the strategy will be at the White House, under the national security advisor.

  • On a related note, Insurance News Net discusses the pandemic’s adverse impact on the life insurance industry, and Healthcare Dive tells us “The HHS’ current management of the strategic national stockpile and its subsequent relaying of information to Congress is fractured and needs updates to ensure the country is prepared for future public health emergencies, according to a report from the Government Accountability Office.”

From the SDOH front, MedPage Today delves into a CDC Vital Signs reports released yesterday

Influenza-associated hospitalization rates were nearly 80% higher among Black adults compared with white adults from 2009-2010 to 2021-2022, according to a CDC Vital Signs report released Tuesday.

These rates were also 30% higher among American Indian/Alaska Native (AI/AN) adults and 20% higher among Hispanic adults compared with white adults, reported Carla L. Black, PhD, of the CDC’s National Center for Immunization and Respiratory Diseases, and colleagues.

Furthermore, vaccination coverage for influenza has been “consistently lower among Black, Hispanic, and American Indian and Alaska Native adults since 2010,” she noted on a call with reporters.

During the 2021-2022 flu season, vaccination coverage was lower among Hispanic (37.9%), AI/AN (40.9%), Black (42.0%), and other/multiple race (42.6%) adults compared with coverage among white (53.9%) and Asian (54.2%) adults, Black and team said.

From the IRS front, the Service issued its annual notice of inflation adjustments to tax items for the 2023 tax year. The Wall Street Journal adds “The Internal Revenue Service adjusted key tax code parameters for 2023 to reflect higher inflation, raising the standard deduction and the income thresholds where tax rates take effect.” The notice also includes many inflation adjustments to tax-exempt or deductible employees benefits. You will find a handy table of contents at the front of the notice.

From the miscellany department

  • The Justice Department on the Food and Drug Administration’s behalf has asked various federal courts to shut down the e-cigarette operations of six manufacturers.
  • The Justice Department also announced Sutter Health’s agreement “to pay $13 million to settle allegations that it billed government health programs for lab tests performed by others,” said U.S. Attorney Stephanie M. Hinds. ‘Government health care programs [including the FEHB in this case] must be protected, and this office will investigate and pursue health care providers that fail to provide the services paid for by public health care programs.’”

Apple will reportedly enter the health insurance business in 2024 in partnership with a major payer, Forbes reported Oct. 18.

CCS Insight’s chief analyst predicts the tech giant will power the new offering through health data collected by Apple Watches, such as blood pressure, blood oxygen levels, ECG readings and body temperature. The analyst said having access to this data from the beginning gives the company an advantage toward entering the market and cutting costs.

Apple is already a flagship partner in John Hancock’s Vitality program and UnitedHealthcare’s commercial plans.

  • Reg Jones writing in the Federal Times explains how to enroll for Medicare Part without incurring a late enrollment penalty. It’s not hard if you know the rules.

Monday Roundup

David ErmerACA, CDC, COVID vaccine mandate, COVID-19, Federal employment benefits, Government Contracting, No Surprises Act, Rx coverage, U.S. Healthcare
Photo by Sven Read on Unsplash

From the FEHB Open Season front, OPM issued today its annual open season benefits administration letter identifying FEHB and FEDVIP contract changes for 2023 A/K/A, the Significant Changes letter and appendix. OPM also released its Federal Benefits Fast Facts for the upcoming Open Season.

The Federal Times offers an Open Season overview.

From the No Surprises Act front, Newfront, an insurance brokerage, issued an important reminder on the revised NSA consumer notice that health plans must post by January 1, 2023. Here are the current and future notices.

From the Covid vaccine mandate front, the Miller & Chevalier law firm tells us

On October 14, 2022, the Safer Federal Workforce Task Force released a roadmap for federal contractors of anticipated guidance on how federal agencies would be handling the implementation and enforcement of the federal contractor vaccine mandate and workplace safety requirements of Executive Order 14042, “Ensuring Adequate Safety Protocols for Federal Contractors.”  The Task Force — created by President Biden to provide guidance to federal agencies on handling operational issues related to the COVID-19 pandemic — anticipates a “potential narrowing of the existing nationwide injunction on October 18, 2022.” As a result, the Task Force anticipates the release of three documents: (1) notice from the Office of Management and Budget (OMB) to federal agencies regarding compliance with injunctions and the inclusion of vaccine mandate clauses in future solicitations and contracts; (2) updates to Task Force guidance on safety protocols for covered contractor and subcontractor workplace locations, including a timeline for implementation; and (3) additional guidance from OMB on “timing and considerations for provision of written notice from agencies to contractors regarding enforcement of contract clauses” implementing vaccine and workplace safety mandates. Notably, until OMB issues the guidance above, agencies are directed not to take any steps to require compliance with the Task Force guidance or enforce any contract clauses implementing the requirements of Executive Order 14042.

This Task Force guidance stems from an August 26, 2022, U.S. Court of Appeals for the 11th Circuit opinion replacing the lower court’s nationwide injunction with an injunction applying to the plaintiffs. However, several other U.S. Courts of Appeals are hearing cases involving this mandate so we may be waiting a while for the OMB guidance.

Also, from the Omicron and siblings front, Beckers Hospital Review discusses the new Omicron variants BQ.1 and BQ1.1.

CDC estimates indicate a new omicron variant, BQ.1, and its descendent BQ.1.1 account for 11.4 percent of cases nationwide. The pair have been dubbed “escape variants” for their ability to escape immunity and are currently most prevalent in New York and New Jersey, where they account for nearly 20 percent of new infections. * * *

Experts are optimistic that the bivalent omicron boosters will offer protection against BQ.1 and BQ.1.1 since they’re descendants of BA.5. (Updated boosters are designed to target the original SARS-CoV-2 strain, BA.4 and BA.5.)

“The bad news is that there’s a new variant that’s emerging and that has qualities or characteristics that could evade some of the interventions we have. But, the somewhat encouraging news is that it’s a BA.5 sublineage, so there are almost certainly going to be some cross protection that you can boost up,” Dr. Fauci said. 

From the monkeypox front, the American Hospital Association reports

The Centers for Disease Control and Prevention today reported the first U.S. monkeypox case in a health care worker since the outbreak began in May. The report describes how an emergency department nurse in Florida was exposed to the virus through a needlestick, and recommends approaches to preventing infections in health care workers. CDC also released a report describing five patients who acquired ocular monkeypox, a rare but sight-threatening condition, including four who were hospitalized. The report recommends health care providers advise monkeypox patients to practice hand hygiene and avoid touching their eyes, and consider urgent ophthalmologic evaluation and monkeypox-directed treatment for patients with ocular signs and symptoms.

From the influenza front —

Beckers Hospital Review relates

The U.S. is seeing flu activity rise earlier than usual, with Southern states reporting the highest levels of activity, according to the CDC’s latest FluView report for the week ending Oct. 8. 

Overall, activity remains low, “but increasing in most of the country,” the CDC said. HHS region 4 (Kentucky, Tennessee, Mississippi, Alabama, Georgia, South Carolina, North Carolina, Florida) and region 6 (New Mexico, Texas, Oklahoma, Arkansas, Louisiana) are reporting the highest levels of flu activity. 

Furthermore, STAT News “talked on Friday with Lynnette Brammer, a flu epidemiologist and team lead for domestic surveillance in the CDC’s influenza division, to get a sense of what the agency is seeing.”

Thinking about this flu season and what you’re seeing so far, what’s your best guess for what’s ahead?

Our syndromic surveillance methods are much trickier to try and interpret now, with Covid in the picture. It just muddies the water, basically.

We’ll have to see if the flu and Covid circulate at the same time. Right now, it looks like Covid is still trending down in a lot of the country, but flu’s going up in a lot of the country.

If individuals start to feel crappy this winter, how will they know if it’s a cold? Flu? Covid?

I think testing is going to be really important given that, for flu and Covid, there are treatments that — particularly for high-risk people — can make a huge difference in how well they are able to get through their illness. So it’s going to be really important to test so physicians can know the appropriate treatment for their patients.

In related news, the Government Accountability Office released a report on routine vaccination rates in our country.

U.S. school children generally have higher rates of vaccination to protect them from preventable illness compared with adults.

We found gaps in adult rates for flu, shingles, tetanus, and pneumococcal (prevents pneumonia and more) vaccines. Among other things:

Adults were about 40% more likely to get the tetanus and pneumococcal vaccines than the shingles vaccine

Vaccination rates for Black or African American and Hispanic or Latino adults were about 13% below that of White adults for each vaccine

Health and Human Services is using social media and its website to raise public awareness on the importance of being vaccinated.

From the ACA reporting front, the Internal Revenue Service issued its Forms 1095-B and 1095-C for 2022. The Service also released an employee fringe benefits guide for federal, state, and local government employers.

From the Rx coverage front, BioPharma Dive predicts “five questions facing drugmakers as third-quarter earnings begin. Alzheimer’s study results, drug pricing law, bring new questions for many of the industry’s top companies.”

Weekend update

David ErmerCDC, CMS, COVID-19, FDA, Medicare, Rx coverage

Congress remains on the campaign trail this week.

From the public health front —

  • Fortune Well considers a change in the spread of Omicron. “COVID has splintered into multiple variants dominating different countries at the same time. Experts say these are some scenarios could play out.”
  • The American Medical Association answers patient FAQs about the upcoming winter in which Covid is not expected to eclipse the flu.
  • The FDA encourages Americans, including children, to get the flu vaccine.
  • Fortune Well provides advice on who is a candidate for the monkeypox vaccine now that this vaccine is more widely available.

The Bill and Melinda Gates Foundation says it will commit $1.2 billion to the effort to end polio worldwide.

The money will be used to help implement the Global Polio Eradication Initiative’s strategy through 2026. The initiative is trying to end the polio virus in Pakistan and Afghanistan, the last two endemic countries, the foundation said in a statement Sunday.

The money also will be used to stop outbreaks of new variants of the virus. The announcement was made Sunday at the World Health Summit in Berlin. 

The foundation says in a statement on its website that it has contributed nearly $5 billion to the polio eradication initiative. The initiative is trying to integrate polio campaigns into broader health services, while it scales up use of the novel oral polio vaccine type 2. 

The group also is working to make national health systems stronger so countries are better prepared for future health threats, the statement said. 

From the price transparency front, two consultants from the Berkley Research Group advise in Healthcare Dive

Payers can use hospital transparency data to gain insights regarding the rates hospitals have negotiated with other payers, which potentially can be used during contract negotiations. For example, payers can evaluate the negotiated rates for specific hospitals compared to their competitor health plans to gauge alignment with their proposed rates and discounts. This is illustrated in Figure 2, which shows the average negotiated rates for a CT scan of the abdomen (CPT 74177) for each payer who contracts with Loyola University Medical Center near Chicago, compared to the hospital’s standard billed charge for the procedure. As shown in the graph, the average negotiated rate as a percentage of billed charges (list price) ranges from 3% to 24% (about $200 to $1,800).

The article offers other approaches to using hospital transparency data, e.g., geographic methods.

From the Rx coverage front

Beckers Hospital Review tells us

CVS Health wants to be in charge of the “entire spectrum of someone’s health journey,” the company’s chief executive said at an Oct. 12 event in Boston reported on by the Boston Business Journal.

CEO Karen Lynch pointed to how the company already delivers medication at the pharmacy, finances treatments through insurance company Aetna, provides low-cost urgent care at its MinuteClinics, and now intends to give care at home through its planned $8 billion acquisition of Signify Health, she reportedly said at the Boston College Chief Executives Club meeting.

Ms. Lynch said the company also plans to expand into primary care and expects to announce an acquisition later this year, the Business Journal reported Oct. 13. CVS is rumored to be in exclusive talksto buy Cano Health, a primary care firm focused on seniors.

Ms. Lynch told the crowd CVS has advantages over fellow healthcare disruptor Amazon, which recently agreed to acquire primary care chain One Medical for $3.9 billion, according to the story. “[Customers] really want to trust and engage with companies that have earned the right to be in healthcare,” she said. “I think about Amazon as sort of a transactional company today.”

The American Hospital Association informs us

President Biden today directed the Center for Medicare and Medicaid Innovation to consider new payment and delivery models to lower drug costs and promote access to innovative drug therapies for beneficiaries, and report within 90 days on its plan and timeline for testing selected models. AHA will update members as more information on the plan becomes available.

The White House also released a fact sheet on this executive order.

The American Medical Association issued a research report titled “Competition in Commercial PBM Markets and Vertical Integration of Health Insurers with PBMs.” The report is chock-a-block full of various PBM rankings.

Speaking of the CMS innovation center, the American Hospital Association reports

The Centers for Medicare & Medicaid Services will extend through 2025 the Bundled Payments for Care Improvement Advanced model, which was set to expire this year. CMS launched the alternative payment model in 2018 to test whether bundling Medicare payments for certain inpatient and outpatient care reduces spending and improves quality. The agency expects early next year to request applications from Medicare providers, suppliers and accountable care organizations to participate in the two-year extension, which will include changes to the pricing methodology.

Cybersecurity Saturday

David ErmerCybersecurity

From the cyber breach front, Federal News Network informs us

Victims of one of the largest data breaches to ever hit the federal government are one step closer to a payout, more than seven years later.

A federal judge on Friday finalized the Office of Personnel Management’s settlement agreement with current and former federal employees, as well as federal job applicants, impacted by a major data breach in 2015.

District Judge Amy Berman Jackson, in a fairness hearing at the U.S. District Court for the District of Columbia, said the $63 million settlement for breach victims was “fair, reasonable and adequate.” * * *

Court documents show nearly 20,000 individuals have already signed onto the class-action lawsuit, but individuals breach have until Dec. 23 to submit a claim to join the class-action lawsuit.

The law firm Girard Sharp, which represents plaintiffs in the lawsuit, said in June that the settlement will provide a minimum payment of $700 for individuals who suffered a financial loss as a result of the hack, “even for those with minor expenses.”

Reuters adds

[District Judge Amy Berman Jackson] on Friday said she will slash thousands of dollars in proposed “incentive” awards for plaintiffs who settled data-breach claims against the U.S. Office of Personnel Management, as the court prepares to issue a final order approving the $63 million deal.

U.S. District Judge Amy Berman Jackson in Washington, D.C., at a hearing said she will approve a “nominal” amount of $1,000 for 36 named plaintiffs who led the privacy case against the Office of Personnel Management (OPM), the primary human resources agency in the federal government.

From the cyberpolicy front —

This coming week is

Cybersecurity Career Awareness Week, a week-long campaign in the middle of Cybersecurity Awareness Month focused on raising awareness around cybersecurity job opportunities and how building a cyber workforce enhances our nation’s security.  Hosted by National Institute of Standards and Technology (NIST), this week runs from October 17-22 this year.

CyberScoop informs us

The White House National Security Council will announce plans Tuesday for a consumer products cybersecurity labeling program intended to improve digital safeguards on internet-connected devices, a senior White House official told CyberScoop. 

About 50 representatives from consumer product associations, manufacturing companies and technology think tanks will convene at the White House on Oct. 19 for a workshop on the voluntary effort ahead of an expected spring 2023 launch.

The White House briefly described the effort in a document it released Tuesday outlining various cybersecurity initiatives. The administration plans to start with recommending three or four cybersecurity standards that manufacturers can use as the basis for labels that communicate the risks associated with using so-called internet of things devices.

The FEHBlog ran across CISA’s 2023 to 2025 Strategic Plan that was released in September. Here is a Homeland Security Today article on the new plan.

Health IT Analytics reports

The White House [earlier this month] unveiled its Blueprint for an AI Bill of Rights earlier this week, which identifies five guidelines for the design, use, and deployment of automated and artificial intelligence (AI)-based tools to protect Americans from harm as the use of these technologies continues to grow in multiple industries.

The blueprint outlines five core principles: safe and effective systems, algorithmic discrimination protections, data privacy, notice and explanation, and human alternatives, consideration, and fallback. These are intended to serve as practical guidance for the US government, tech companies, researchers, and other stakeholders, but the blueprint is nonbinding and does not constitute regulatory policy.

The guidelines apply to AI and automated tools across industries, including healthcare, and are part of a larger conversation around the ethical use of AI.

From the cyber vulnerabilities front

Cybersecurity Dive tells us

The Cybersecurity and Infrastructure Security Agency on Tuesday added multiple Fortinet products to its Known Exploited Vulnerabilities Catalog, one day after the company warned an authentication bypass vulnerability was being actively exploited. 

The vulnerabilities, listed as CVE-2022-40684, allow for authentication bypass, which enables an attacker to perform operations on the administrative interface. The vulnerability, which has a CVSS score of 9.6, involved FortiOS, FortiProxy and FortiSwitchManager. 

The company initially disclosed the vulnerability on Oct. 3 and urged customers to immediately perform a software upgrade. Late last week, Fortinet sent an internal email to select customers providing a confidential warning along with mitigation advice. 

Security Week reported last Tuesday

Microsoft on Tuesday released software fixes to address more than 90 security defects affecting products in the Windows ecosystem and warned that one of the vulnerabilities was already being exploited as zero-day in the wild.

The exploited vulnerability – documented as CVE-2022-41033 – affects the Windows COM+ event system service and has been exploited in elevation of privilege attacks, suggesting it was used as part of an exploit chain detected in the wild.

The latest zero-day was reported anonymously to Microsoft.

The new warning comes less than a month after Microsoft’s security response team scrambled to issue mitigations for a pair of Exchange Server flaws targeted by a nation state-level threat actor.

Those two Exchange Server vulnerabilities – CVE-2022-41040 and CVE-2022-21082 — remain unpatched.

From the ransomware front, Health IT Security relates “As suspected and validated by local news reports, the CommonSpirit “IT issue” was in fact a ransomware attack. CommonSpirit confirmed the nature of the attack in a recent update posted on its website. Hospitals across the country are still feeling the impacts of the attack that began as early as October 3.”

Cybersecurity Dive adds

CommonSpirit has [informed law enforcement and] launched a forensics investigation to determine the data impacts and said it tapped leading cybersecurity specialists to help.

“The fact that this has turned out to be a ransomware incident is not at all surprising,” Brett Callow, a threat analyst at security firm Emsisoft, said. “What remains to be seen is how quickly CommunitySpirit can recover its systems and resume normal operations and whether or not any data was stolen during the attack. If data was stolen, the attackers will likely use the threat of releasing it online as additional leverage to try to extort payment.”

Here’s the latest Bleeping Computer “The Week in Ransomware.

From the cyber defenses front

  • CISA suggests actions to help prevent against advanced persistent threat cyber activity.