FEHBlog

Weekend Update

David ErmerCongress, COVID-19, Mental health care, No Surprises Act
Photo by JOSHUA COLEMAN on Unsplash

Congress will be in session this week for Committee and floor business.

The No Surprises Act’s RxDC reporting deadline is this Tuesday, January 31, for the 2020 and 2021 reporting years. RxBenefits informs us, “Optum, Caremark, and Express Scripts have finalized their submission files and confirmed that all submissions would be completed before January 31, 2023, if not already filed.”

From the public health front —

  • NPR Shots explains why your kids are germ vectors, albeit adorable ones.
  • Fortune Wells reports that “Researchers at the Institute of Psychiatry, Psychology & Neuroscience at King’s College London have developed a blood-based test that can detect Alzheimer’s disease up to 3.5 years before a clinical diagnosis.” This test would help people decide whether they need the new Biogen/Eisai drug assuming Medicare approves it.
  • Fortune Well also points out how employers can reduce workplace stress.
  • Kaiser Family Foundation provides us with recent upbeat data on long Covid.

Cybersecurity Saturday

David ErmerCybersecurity

From the cybersecurity policy front, Cybersecurity Dive tells us

The public-private cybersecurity supergroup, the Joint Cyber Defense Collaborative, is turning its attention to a 2023 agenda that will address risks to vulnerable industries and sensitive elements of civil society.

JCDC will assess risk in energy and water infrastructure sectors alongside the use of open-source software in industrial control systems, the group revealed Thursday. 

It also wants to increase cybersecurity and reduce risk for small- and medium-sized critical infrastructure providers. JCDC will collaborate with managed service providers, managed security service providers and remote monitoring and management as part of the effort.

FedScoop reports

The National Institutes of Standards and Technology intends to release version 2.0 of its Cybersecurity Framework in the coming years, and this week, the agency teased some of the “potential significant updates” that may land in that new framework.

On Thursday [January 24, 2023], NIST published a concept paper outlining significant changes to the Cybersecurity Framework and opening them to public feedback over the next several weeks. 

The framework is a voluntary guide to help organizations in all sectors to better understand, manage, reduce, and communicate cybersecurity risks. It is used widely, along with NIST’s Risk Management Framework, by federal agencies to plan their own cybersecurity approaches.

Of the proposed changes in the concept paper, the most notable are broadening the scope of the framework beyond critical infrastructure use cases to better include other organizations like small businesses and higher education institutions; including more guidance for implementation; and emphasizing the importance of cybersecurity governance and cybersecurity supply chain risk management, among others.

and

The National Institutes of Standards and Technology has issued the first version of its Artificial Intelligence Risk Management Framework that federal agency leaders and lawmakers hope will govern use of the technology.

The Department of Commerce agency Thursday released the initial document, which it emphasized will continue to evolve as the department receives further input from industry and the scientific research community.

Publication of the document comes as the use of AI technology receives increased public attention with the launch of new mainstream tools including Chat-GPT.

In the framework documentNIST sets out four key functions that it says are key to building responsible AI systems: govern, map, measure and manage.

Nextgov informs us

The Office of Personnel Management plans to launch a federal cyber workforce dashboard to provide agencies with a better tool to address workforce needs, according to a demo of the proposed dashboard held during a National Institute of Standards and Technology webinar on Tuesday [January 24, 2023].

An OPM spokesperson told Nextgov the cyber workforce data dashboard is a new tool that will have two versions: a public version looking at governmentwide data and an agency-specific version—where each agency will have a more granular view—to help support their workforce needs. The spokesperson added that OPM has been showing the dashboard to cyber workforce community stakeholders, such as the Office of the National Cyber Director and the Office of Management and Budget.

This past week has been Data Privacy Week. Spiceworks explains how to convert Data Privacy Week to Data Privacy Year. Security provides thoughts and advice from data security leaders. For example

Corey Nachreiner, Chief Security Officer at WatchGuard Technologies:

“Data Privacy Day provides a yearly reminder that data privacy and data security are inextricably linked. Even as laws around the world increasingly recognize the rights of individuals to control how information about them is collected, used and stored, they are also putting greater responsibility on companies for being good stewards of that data and holding them accountable when they aren’t. But protecting data from malicious actors is everyone’s responsibility.”

From the cyber vulnerabilities front —

Cybersecurity Dive reports

Malicious actors are using remote management and monitoring software to launch phishing attacks against federal employees, authorities warned Wednesday

The Cybersecurity and Infrastructure Security Agency, National Security Agency and Multi-State Information Sharing and Analysis Center said since June 2022 cybercriminals have sent help desk themed phishing emails to civilian executive branch agency staff using their personal and government email addresses. 

The lure aims to get the targeted workers to link to malicious domains in order to steal money from the targeted victims. However, authorities warn the same tactics could be used by APT actors in order to gain persistence within a network. 

Health IT Security also offers an article on this topic.

Fortune Magazine alerts us,

As tech transformations—for example a business unit built around A.I. or a new app geared toward personalized customer experience—have picked up steam in recent years, so have cyber risks and data privacy concerns.

But when organizations look internally for risk mitigation and compliance with data privacy laws, there’s a lack of qualified people to do so, according to a new report by ISACA, a professional IT governance association. Both technical privacy and legal/compliance teams are understaffed, enterprise privacy budgets are underfunded, and there are skills gaps. The findings are based on a global survey of 1,890 data privacy professionals who hold positions in IT, audit, compliance, and risk management, for example.

Health IT Security reports that “UCHealth and UCLA Health Report Healthcare Data Breaches
The healthcare data breach at UCHealth stemmed from a third-party vendor, and the UCLA Health breach was tied to the organization’s use of analytics tools.”

The Cybersecurity and Infrastructure Security Agency added known exploited vulnerabilities to its catalog — here and here.

Health IT Security adds

Ransomware remained a primary healthcare cyberattack tactic in Q4 2022, BlackBerry noted in its new Global Threat Intelligence Report. BlackBerry’s Threat Research and Intelligence team leveraged data collected by its own security solutions between September 1 and November 30, 2022, along with information from public and private intelligence sources.  

Throughout the 90-day period, researchers observed threat actors using a variety of tactics, from downloaders to ransomware, infostealers, and remote access Trojans (RATs). For the healthcare sector in particular, ransomware “still poses the biggest threat,” the report indicated.

From the ransomware front, The Wall Street Journal reports

U.S. authorities seized the servers of the notorious Hive ransomware group after entering its networks and capturing keys to decrypt its software, the Justice Department said Thursday, calling its effort a “21st-century cyber stakeout.”

The group linked to Hive ransomware is widely seen by authorities and cybersecurity experts as one of the most prolific and dangerous cybercriminal actors in recent years. It has been linked to attacks on more than 1,500 victims including hospitals and schools—and has extorted more than $100 million in ransom payments, the Justice Department said.

Bravo. Bleeping Computer’s The Week in Ransomware focuses on this important development.

Yesterday [January 26, 2023], an international law enforcement operation seized the Tor websites for the Hive ransomware operation and disclosed that they had secretly hacked the organization’s servers in July 2022.

For the past six months, the police have monitored their communications, intercepted decryption keys, and helped victims with free decryptors.

While no arrests were made, this was a massive blow to a prominent player in this cybercrime space while preventing $100 million in ransom payments.

Here’s the Justice Department’s press release.

Furthermore, an ISACA expert writes about common misconceptions about ransomware.

From the cyber defense front, the Wall Street Journal provides advice on assessing the likelihood of a ‘Catastrophic” cyber attack, and Security Week explains how to end to password dependency.

Friday Factoids

David ErmerCongress, COVID-19, COVID-19 vaccine, Electronic health records, FDA, Rx coverage, U.S. Healthcare, Wellness
Photo by Sincerely Media on Unsplash

From Capitol Hill, Fierce Healthcare tells us

Two top senators have reintroduced legislation that would introduce several reforms to pharmacy benefit managers, including prohibiting clawbacks of pharmacy payments. 

Sens. Maria Cantwell, D-Washington, and Chuck Grassley, R-Iowa, reintroduced on late Thursday the Pharmacy Benefit Manager Transparency Act and the Prescription Pricing for the People Act. The move shows the lawmakers are not backing down from going after PBMs in the latest Congress. 

Congress is a piker compared to OPM, which has been successfully “going after PBM’s” for over a decade.

From the public health front

  • All of the Omicron metrics are trending down. “As of January 25, 2023, there are 118 (3.7%) counties, districts, or territories with a high COVID-19 Community Level, 855 (26.6%) with a medium Community Level, and 2,242 (69.6%) with a low Community Level.”
  • Overall, about 268.9 million people or 81% of the total U.S. population, have had a single dose of Covid vaccine, “About 229.6 million people, or 69.2% of the total U.S. population, have completed a primary series.* More than 41.6 million people, or 19.9% of the eligible U.S. population ages five years and older, have received an updated (bivalent) booster dose.”
  • The CDC’s Weekly FluView again headlines, “Seasonal influenza activity continues to decline across the country.”
  • Turning to our longest-standing public health emergency, the U.S. Drug Enforcement Administration informs us

Illicitly-used xylazine is most often reported in combinations with two or more substances present, such as fentanyl, cocaine, or heroin, and can increase the potential for these drugs to cause fatal overdoses.

While scientists have not conducted much research on its effects, anecdotal reports suggest that users experience symptoms similar to those encountered via opioids, namely depression of the central nervous system. More specifically, effects associated with xylazine use include dry mouth, drowsiness, hypertension, respiratory depression, and even coma. Users can develop a physical dependence to xylazine, reporting withdrawal symptoms more serious than from heroin or methadone, such as sharp chest pains and seizures.

Note: Since xylazine is not an opioid, naloxone does not reverse its effects.

  • The Food and Drug Administration proposed changing from “time-based deferrals to assessing blood donor eligibility using gender-inclusive, individual risk-based questions to reduce the risk of transfusion-transmitted HIV. This proposal is in line with policies in place in countries like the United Kingdom and Canada.”
  • Bloomberg relates, “Americans aren’t exercising enough.  Less than a third of US adults meet suggested benchmarks for aerobic and muscle-building activities set out by health officials, according to a new study released on Thursday.”

From the Rx coverage front, STAT News reports, “After months of anticipation, the first biosimilar version of Humira will become available next week — a pivotal moment in the long-running debate about whether cheaper copies of pricey biologics can lower soaring U.S. health care costs.” Time will tell.

From the electronic health records front —

  • MedCity News identifies five ways to inject intelligence into the prior authorization process.
  • Fierce Healthcare points out that

“A new report from the Georgetown University Center for Children and Families seeks to make several reforms to the Transparency in Coverage rule to ensure the data are more usable and accessible by researchers. The goal is to ensure that the data can be used to help regulators and lawmakers target policies that can boost coverage affordability. 

“’The good news is that many of the access and usability problems stem from the technical specifications provided by the Centers for Medicare & Medicaid Services [CMS],’ the report said. ‘Most can be fixed through administrative action and better enforcement, with minimum cost burdens for the plans and issuers.’”

From the U.S. healthcare business front —

  • MedCity News informs us that health insurers continue to receive a C grade from Leapfrog.
  • Fierce Healthcare tells us, “The Minnesota attorney general’s office has formally asked Sanford Health and Fairview Health Services to postpone the March 31 closing date of their proposed merger as it seeks more information on the repercussions of the deal, Chief Deputy Attorney General John Keller said during a public meeting held Wednesday evening. The Midwest nonprofit health systems had announced their 58-hospital merger plans in November, saying at the time that joining together would expand care quality and access across their rural and urban markets. The resulting organization would employ nearly 80,000 people.”
  • Healthcare Dive reports, “In a lawsuit filed Thursday, Cigna alleged that Amy Bricker’s appointment to chief product officer of CVS’s consumer segment places the payer’s trade secrets at risk and violates her noncompete agreement.” 
  • The Wall Street Journal reports that CVS and Walmart pharmacies will follow Walgreen’s lead by reducing their retail pharmacy hours. “CVS, in a recent notice to field leaders, said most of its reduced hours will be during times when there is low patient demand or when a store has only one pharmacist on site, which the company said is a “top pain point,” for its pharmacists.” Walmart will be closing its pharmacy at 7 pm rather than 9 pm.

Busy Thursday

David ErmerCDC, Congress, COVID-19, Electronic health records, FDA, Federal employment benefits, HSA, OPM, Patient safety, Rx coverage
Photo by Manasvita S on Unsplash

From Capitol Hill Roll Call reports

House Republicans are mulling an attempt to buy time for further negotiations on federal spending and deficits by passing one or more short-term suspensions of the statutory debt ceiling this summer, including potentially lining up the deadline with the end of the fiscal year Sept. 30.

No decisions on a cutoff date have been made, and it’s not yet clear when the Treasury Department will run out of cash to meet all U.S. financial obligations. But most analysts agree Congress will need to act at some point between early June and September, and lawmakers likely won’t want to leave the matter unaddressed before the August recess.

and

The Senate is taking its time getting to work for 2023.

Back in Washington after a two-and-a-half week recess, the chamber adjourned Thursday afternoon without adopting an organizing resolution, meaning committees will remain in their holdover state until at least next week.

Senate Majority Leader Charles E. Schumer announced the Democratic committee assignments for the new Congress, with Michigan Democratic Sen. Gary Peters, the Democratic Senatorial Campaign Committee chair, earning a coveted seat on the Appropriations Committee.

From the Omicron and sibligns front, The American Hospital Association tells us

A Food and Drug Administration Vaccines and Related Biological Products Advisory Committee [VRBAC] unanimously voted today to recommend harmonizing the composition of all primary series and booster doses administered in the U.S. For example, the composition of all vaccines administered going forward might be bivalent.

STAT News offers a complete report on today’s meeting. For example, STAT News explains

The FDA is also asking the members of VRBPAC their thoughts on its proposal that Americans get an annual Covid shot, in the way they get a flu shot, one that is reconstituted regularly to try to target the strains in circulation at the time. In documents the FDA made public before the meeting, it proposed choosing new vaccine strains in June for a vaccine campaign that would begin in September.

Covid is clearly here to stay, so this may sound sensible. But there are concerns some of this is still based on a leap of faith rather than a data-led process. For example, the idea that everyone might need an annual Covid booster will not earn a unanimous “yea” vote out of this expert panel.

The VRBAC recommendation is subject to FDA and CDC approval.

STAT News adds

The FDA on Thursday withdrew the authorization of Evusheld, the latest antibody therapy to be rendered ineffective by the mutations the virus has picked up. Notably, Evusheld — unlike other antibody therapies — was not for infected patients, but rather was given as a pre-exposure treatment to people at high risk for severe Covid-19, such as those with compromised immune systems.

In other FDA news

  • The FDA announced, “Given the growing cannabidiol (CBD) products market, the FDA convened a high-level internal working group to explore potential regulatory pathways for CBD products. Today we are announcing that after careful review, the FDA has concluded that a new regulatory pathway for CBD is needed that balances individuals’ desire for access to CBD products with the regulatory oversight needed to manage risks. The agency is prepared to work with Congress on this matter. Today, we are also denying three citizen petitions that had asked the agency to conduct rulemaking to allow the marketing of CBD products as dietary supplements.”
  • Fierce BioTech informs us “More than two years after submitting it for FDA review, Tidepool has scored the agency’s clearance for a smartphone app that allows people with Type 1 diabetes to build their own closed-loop “artificial pancreas” system.”

From the obesity treatment front —

HealthDay discusses findings made by “Utah researchers who followed patients for up to 40 years after they had one of four types of weight-loss (bariatric) surgery.” 

Weight-loss surgery can literally be a lifesaver, cutting death rates significantly during the course of a decades-long study

Death from all causes was 16% lower, while it was 29% lower for heart disease, 43% lower for cancer and 72% lower for diabetes

But there were some troubling findings: These patients were 83% more likely to die of liver disease and 2.4 times more likely to die by suicide, mostly seen in younger patients

STAT News provides a two minute long video explaining how the new obesity drugs work.

STAT News also describes an unusual alliance that has banded together to lobby Congress to repeal a provision in the Medicare Modernization Act of 2023 that prohibits Part D from covering obesity drugs. “Recent scientific advances, media coverage, and advocacy have helped raise the profile of the issue on Capitol Hill, said Jeanne Blankenship, the vice president for policy initiatives and advocacy at the Academy of Nutrition and Dietetics. ‘It’s becoming front and center. I think we can’t turn our backs on it any longer,’ Blankenship said.”

From the Rx coverage front, Beckers Hospital Review introduces us to the three PBMs that have partnered with the Mark Cuban Pharmacy.

From the HIPAA / electronic health records front —

  • MedPage Today reports, “Unique Patient Identifier Funding Once Again Barred by Congress— Biden administration working on better patient matching instead.” The FEHBlog will never understand Congress’s intransigence here.
  • Healthcare Dive tell us “Interoperability continues to improve among U.S. hospitals, but there’s still a ways to go, according to new government data. More than six in 10 hospitals electronically shared health information and integrated it into their electronic health records in 2021, up 51% since 2017, the Office of the National Coordinator released in a Thursday data brief. The availability and usage of electronic data received from outside sources at the point of care has also increased over the last four years, reaching 62% and 71% respectively in 2021.”

From the NIH research front, NIH calls attention to its research studies on the role of the placebo effect in healthcare treatments and the link between hydration and better aging.

From the miscellany department —

  • Mercer Consulting “projects the 2024 inflation-adjusted amounts for health savings accounts (HSAs), high-deductible health plans (HDHPs) and excepted-benefit health reimbursement arrangements (HRAs) will rise significantly from 2023 levels.”
  • Benefits Consultant Tammy Flanagan, writing in Govexec, discusses the categories of family members who are eligible and ineligible for FEHB coverage.
  • HR Dive identifies five trends that will share HR this year.

 

Happy Days are Here Again!

David ErmerAHRQ, CDC, CMS, COVID-19, COVID-19 testing, COVID-19 vaccine, Federal employment benefits, NIH, OPM, U.S. Healthcare
OPM Headquarters a/k/a the Theodore Roosevelt Building

The FEHBlog was delighted to read today that OPM is encouraging FEHB carriers that OPM is encouraging FEHB carriers to incorporate Medicare Part D EGWPs in their plans for 2024. The FEHBlog has been encouraging this step for years, as readers must know.

The Medicare Part D EGWPs will cushion the FEHBP against the expenses of drugs to treat Alzheimer’s Disease and other illnesses that impact annuitants over age 65. While there are many factors at play in determining premiums, this factor standing alone would lower premiums. Thank you, OPM.

From the Omicron and siblings front, the New York Times virus briefing newsletter wished its readers well today.

Now, after three years, we’re pausing this newsletter. The acute phase of the pandemic has faded in much of the world, and many of us have tried to pick up the pieces and move on. We promise to return to your inbox if the pandemic takes a sharp turn. But, for now, this is goodbye.

The American Hospital Association informs us

In a study released today by the Centers for Disease Control and Prevention [CDC}, a single bivalent COVID-19 vaccine booster provided additional protection against omicron XBB variants in adults who previously received two to four monovalent vaccine doses. XBB-related variants account for over half of currently circulating COVID-19 variants in the United States.

“All persons should stay up to date with recommended COVID-19 vaccines, including receiving a bivalent booster dose when eligible,” the authors conclude.

and

The CDC yesterday launched a website to help consumers locate no-cost COVID-19 testing through its Increasing Community Access to Testing program, which includes pharmacies, commercial laboratories and other sites that bill the tests to government and private insurers and focus on vulnerable communities. The tests may include laboratory-based nucleic acid amplification tests and rapid antigen point-of-care tests, with results typically provided in 24-48 hours.

From the public health front

  • The Hill tells us about a CDC internal reorganization.
  • The HHS Agency for Healthcare Quality and Research provides us with an infographic and report about the three most commonly treated illnesses among older adults — hypertension, hyperlipidemia, and arthritis / other joint disorders
  • Fierce Healthcare relates, “The Biden administration is planning to release three to four new payment models on advance primary care and another enabling states to assume the total cost of care for Medicare, a top official shared.”
  • HHS’s HEAL Program Director, Dr. Rebecca Baker, discusses “Research That Offers Hope to End Addiction Long-Term.”

From the U.S. healthcare business front

Healthcare Dive reports

Elevance Health, one of the nation’s largest insurers, added more members in 2022, fueled by growth in its government business thanks to continued relaxed eligibility rules on enrollment.  

Elevance ended the year covering 47.5 million people, a nearly 5% increase from the prior-year period, driven largely by growth in Medicaid members.

In turn, total revenue climbed 13% to nearly $157 billion for the year as the insurer collected higher premium revenue from its Medicaid plans.   

Net income dipped about 1% to $6 billion for the full year as expenses climbed about 14%.  

and

The CMS announced Wednesday that a record-breaking 16.3 million people signed up for Affordable Care Act marketplace plans during the 2023 open enrollment season, a result of extended pandemic-era subsidies enacted by the American Rescue Plan.

Over 1.8 million more people enrolled in marketplace coverage compared to last year — a 13% increase, and the most amount of plan selections of any year since the launch of the ACA marketplace a decade ago, according to the CMS. The record-breaking enrollment numbers include 3.6 million first-time marketplace enrollees.

STAT News tells us

The claims have become almost ubiquitous. Hospital CEO after hospital CEO stands at a podium and promises the merger being announced will improve quality and lower costs.

Once deals close, though, there tends to be little, if any, follow-up to determine whether those things actually happened. A new Journal of the American Medical Association study adds to the growing body of evidence that they don’t. The authors looked across a large swath of the country’s hospitals and physicians found that while quality did improve marginally, the prices paid for services delivered by health system hospitals and doctors was significantly higher than their non-system peers.

“You start to feel really hopeful when you hear about this, ‘Yeah, we can really improve health care,’ and then when you look at it, it’s just not there,” said Nancy Beaulieu, a study author and research associate in Harvard Medical School’s department of health care policy.

Ruh roh.

On related note, Fierce Healthcare informs us

A top insurance lobbying group plans to press Congress this session to adopt legislation that expands the footprint of site-neutral payment reform, setting up a likely clash with hospital groups. 

The Blue Cross Blue Shield Association (BCBSA), which represents 38 Blues plans, released several policy priorities for the current Congress as part of a new report Tuesday. Some of the policies focus on changing Medicare reimbursement rates to pay the same amount to clinics whether they are independent or affiliated with a hospital. Other reforms focus on prescription drugs and spurring more participation in value-based care. 

“We’re very concerned about the increasing acquisition of physician practices by hospitals in the healthcare system,” said Kris Haltmeyer, vice president of policy analysis for BCBSA, during a reporter briefing Tuesday. 

One of the association’s major priorities is to pass a bill that would remove a grandfathering provision in the 2015 Balanced Budget Act. The provision shielded certain hospital outpatient departments from billing limits established in the law, with the exception of emergency departments. 

The association also wants to require off-campus hospital sites to get a different national provider identifier than the main facility campus. They should also use a different claim form for any professional service rendered in an office or clinic owned by a hospital but not on the campus. 

Go get ’em.

Tuesday’s Tidbits

David ErmerCongress, FDA, Federal employment benefits, NIH, Rx coverage
Photo by Patrick Fore on Unsplash

From Capitol Hill, Federal News Network discusses two bipartisan bills affecting federal hiring practices and federal retirement annuities that are under active consideration.

From the Postal Service Health Benefits Program front, it appears to the FEHBlog that OPM has been adding to its PSHBP FAQs without giving the public an online heads-up when an addition occurs, e.g., last updated xx/xx/xxxx.

From the public health front

  • The U.S. Preventive Services Task Force released for public comment a draft inconclusive (“I”) recommendation “that the current evidence is insufficient to assess the balance of benefits and harms of screening for lipid disorders in children and adolescents age 20 years or younger.” This proposed action would confirm the ongoing vitality of a 2016 recommendation. The public comment deadline is February 21.
  • The National Institutes of Health discusses its approach to “shouldering the burden of rare diseases.” NIH notes “While individually each disease is rare, collectively rare diseases are common: More than 10,000 rare diseases affect nearly 400 million people worldwide. In the United States, the prevalence of rare diseases (over 30 million people) rivals or exceeds that of common diseases such as diabetes (37.3 million people), Alzheimer’s disease (6.5 million people), and heart failure (6.2 million people).”
  • STAT News discusses legal developments in the FDA’s practices of approving “orphan drugs” to treat rare diseases. “In an unexpected move, the Food and Drug Administration will continue to apply exclusive marketing rights for so-called orphan drugs under its existing regulations, rather than take a broader approach suggested by a federal court in a highly controversial case involving one such medicine.”
  • Fierce Healthcare reports “The White House, federal agencies and lawmakers today marked the elimination of the DATA-Waiver Program, better known as the X-Waiver requirement, with calls for providers to begin incorporating opioid use disorder treatment buprenorphine in everyday patient care. The X-Waiver requirement only permitted doctors who had received specialized training and federal permissions to prescribe the opioid partial agonist, which is a controlled substance.”

From the Rx coverage front —

  • Segal Consulting offers plan sponsors its analysis of weight loss drugs to treat diabetes and obesity.
  • Fierce Healthcare tells us about Amazon’s new RxPass program and adds that Optum Rx “launched a new tool that aims to make it easier to compare the direct-to-consumer price for generic drugs to the price with insurance.” RxPass is not available to Medicare or Medicaid beneficiaries and “is not currently available to send medications to California, Louisiana, Maryland, Minnesota, New Hampshire, Pennsylvania, Texas, and Washington.”

Monday Roundup

David ErmerCOVID-19, COVID-19 vaccine, FDA, OPM, Rx coverage, SCOTUS, SDOH, Telehealth, U.S. Healthcare
Photo by Sven Read on Unsplash

From the Omicron and siblings front, the Wall Street Journal reports

Most people would get one Covid-19 shot annually—as they do with the flu shot—under Food and Drug Administration proposals for simplifying the nation’s Covid-19 vaccine procedures.

The drug regulator also proposed that people getting vaccinated for the first time receive vaccines that target both Omicron and the original strain of the coronavirus. 

The proposals, outlined in materials the FDA released Monday, would mark the biggest changes to Covid-19 vaccinations since boosters rolled out and are a sign of the nation’s shift to a more endemic-like approach to the coronavirus.

Vaccine experts who advise the FDA are scheduled to meet Thursday to discuss the proposals. The advisers are scheduled to vote on whether to give the bivalent shot as the initial inoculation, as is already allowed in Europe.

Makes sense to the FEHBlog.

From the OPM front, the House Oversight and Reform Committee Chairman James Comer (R-Ky.) has sent OPM Director Kiran Ahuja a letter demanding documents and a staff briefing on the recent GAO report criticizing OPM’s internal controls over family member eligibility in the FEHBP. Here’s a little free advice for my favorite agency. Rather than coming up with your own solutions, adopt solutions that have been proven to work in the private sector — the HIPAA 820 standard enrollment transaction which ties premium payments to enrollees and dependent eligibility verification audits based on statistical sampling.

From the U.S. healthcare business front —

Fierce Healthcare informs us

Elevance Health has inked a deal to acquire Blue Cross and Blue Shield of Louisiana, with the Pelican State insurer joining the Anthem Blue Cross affiliated plans.

The acquisition builds on an existing partnership between the two insurers, according to the announcement. The two jointly own Healthy Blue, a plan that serves Medicaid and dual-eligible beneficiaries. 

The combination will also allow BCBSLA to accelerate its push toward improved access, affordability and quality for its 1.9 million members, thanks to the capabilities of Elevance Health’s Carelon subsidiary, the companies said. More than $4 billion has been invested in Carelon over the past several years, building out its behavioral health, complex and chronic care programs and digital health models.

and

CVS Health has named two key leaders for its pharmacy and consumer products business, including a returning face to the company, according to a report from Bloomberg.

David Joyner, a former executive at the company, will make a return as the leader of its pharmacy services segment, which includes the Caremark pharmacy benefit manager, people familiar with the matter told the outlet. Joyner left CVS three years ago and will succeed Alan Lotvin, M.D., who is set to retire.

In addition, former Express Scripts President Amy Bricker will join the company as the chief product officer for the consumer segment, which centers on developing new products for CVS’ consumer health brands, Bloomberg reported.

Fierce Healthcare points out a twist in the second story.

That Bricker had departed Express Scripts, a subsidiary of Cigna, was revealed last week when the PBM announced it had named a new president, veteran supply chain leader Adam Kautzner. What was next for Bricker, however, was conspicuously absent from the announcement.

The FEHBlog often counsels clients on Family and Medical Leave Act issues. He had no idea until today that the Labor Department offers helpful information to healthcare provider and employees on this law. For example,

This background information can fill knowledge gaps for employers too.

From the Rx coverage front —

  • The Washington Post reports on the reaction to “the American Academy of Pediatrics guidelines, based on decades of scientific research, call[ing] for early and aggressive treatment, instead of “watchful waiting.” They urge intensive therapy for children as young as 6, weight loss drugs for those as young as 12 and surgery for teens as young as 13.”
  • The Institute for Clinical and Economic Research released a

Final Evidence Report on Fezolinetant for Vasomotor Symptoms Associated with Menopause

— Independent appraisal committee voted that evidence is not yet adequate to demonstrate a net health benefit for fezolinetant when compared to no pharmacological treatment —

—  Using point estimates from short-term clinical trials, analyses suggest this drug would achieve common thresholds for cost-effectiveness if priced between $2,000 – $2,600 per year for women who cannot or choose not to take menopausal hormone therapy —

— All stakeholders have a responsibility and an important role to play in ensuring that women have access to effective new treatment options for symptoms of menopause

The ICER upshot is “Given that many patients may benefit from readily available, effective, and low cost [menopausal hormone therapy] MHT, clinical experts agreed that it would be reasonable for payers to require prescriber attestation that patients are not appropriate candidates for MHT prior to prescribing fezolinetant.”

From the SDOH front, Health Leaders Media tells us about new ICD-10 diagnosis codes with an SDOH emphasis which will take effect on April 1, 2023.

From the telehealth front, U.S. News reports,

Despite distance and occasional technical glitches, a new study finds that most patients like seeing a surgeon for the first time via video.

The study was published Jan. 19 in the Journal of the American College of Surgeons. * * *

The study included 387 patients who participated in first-time visits between May 2021 and June 2022 at general surgery clinics across the Vanderbilt system. Researchers used a standard questionnaire to look at the quality of shared decision-making and asked patients and surgeons open-ended questions about their consultations.

In all, 77.8% of patients had an in-person visit, while 22.2% saw their doctor remotely.

Both groups reported high levels of quality communication during these appointments.

Levels of shared decision-making and quality of communication were similar between remote visits and in-person care, the study found.

In responding to the open-ended questions, patients praised the convenience and usefulness of telehealth appointments. Researchers received some negative comments about technical difficulties and not being physically present.

Weekend update

David ErmerCongress, COVID treatment, COVID-19, COVID-19 testing, Mental health care

Congress is back in our Nation’s capitol this week. The House is considering legislative business but is not holding hearings. The Senate is holding hearings and floor votes.

The Wall Street Journal reports

A deeply divided Congress will return to work this week, pushing ahead with partisan priorities in the Senate and House while also gearing up for a fight over how lawmakers will address raising the debt ceiling before a potential default later this year.

The Senate, narrowly controlled by Democrats as it opens its new session, is expected to focus primarily on confirming President Biden’s executive and judicial nominees in the coming weeks. Immigration is emerging as one area of possible compromise after a group led by Sen. Kyrsten Sinema (I., Ariz.) and Sen. John Cornyn (R., Texas) co-hosted a bipartisan delegation of senators to the Texas and Arizona borders during the January recess. 

House Republicans, back from a weeklong break, will dive into investigations focused on Mr. Biden, his family and his administration, starting with a hearing on border security early next month that will feature testimony from border patrol agents.

The American Medical Association outlines its wish list for improvements in the Medicare payment system.

From the Omicron and siblings front

The American Medical Association tells us about what doctors wish their patients knew about Covid reinfections. Oddly the article does not mention the availability of Paxlovid treatment.

Medscape informs folks over age 65 about what they need to know about taking Paxlovid.

The message from infectious disease experts and geriatricians is clear: Seek treatment with antiviral therapy, which remains effective against new covid variants.

The therapy of first choice, experts said, is Paxlovid, an antiviral treatment for people with mild to moderate covid at high risk of becoming seriously ill from the virus. All adults 65 and up fall in that category. If people can’t tolerate the medication — potential complications with other drugs need to be carefully evaluated by a medical provider — two alternatives are available.

The upshot is the older Americans and immunocompromised American should create a treatment plan in consultation with their primary care providers before Omicron shows up at the door.

NPR offers us an update on the state of rapid Covid testing

As the COVID-19 pandemic enters its fourth year, a negative result on a little plastic at-home test feels a bit less comforting than it once did.

Still, you dutifully swab your nostrils before dinner parties, wait 15 minutes for the all-clear and then text the host “negative!” before leaving your KN95 mask at home.

It feels like the right thing to do, right?

The virus has mutated and then mutated again, with the tests offering at least some sense of control as the Greek letters pile up. But some experts caution against putting too much faith in a negative result.

The NPR article provides the details.

In other public health news, Fortune Well reports

A so-called “super strain” of gonorrhea—against which many types of antibiotics are less effective or not effective at all—has been identified in the U.S. for the first time, health officials said Thursday, [January 19] raising further concern that a post-antibiotic era is approaching.

The case, identified in Massachusetts, was successfully treated with ceftriaxone, an antibiotic recommended to treat the disease, state health officials said in a news release. A higher-than-recommended dose wasn’t required to clear the infection, a state public health spokesperson tells Fortune, though the U.S. Centers for Disease Control and Prevention recently doubled the recommended dose.

The newly identified strain showed reduced susceptibility to three types of antibiotics and resistance to an additional three, including penicillin. It marks the first U.S. case in which all recommended drugs were less effective or completely ineffective, the state health department said in a Thursday bulletin to clinicians.

The case serves as “an important reminder that strains of gonorrhea in the U.S. are becoming less responsive to a limited arsenal of antibiotics,” health officials said in a statement.

The U.S. is experiencing “a rising epidemic of sexually transmitted disease,” Dr. Georges Benjamin, executive director of the American Public Health Association, tells Fortune, with some experts referring to the issue as a “hidden epidemic.” 

No bueno.

From the mental health care front

  • NPR Shots discusses when patients can opt for chat therapy from a free chatbot., e.g., Wysa .
  • Bloomberg Prognosis calls our attention to a dementia quiz.

Most cases of dementia aren’t linked to lifestyle. But in as many as four in 10 cases, external risk factors — everything from educational level, brain injury and hearing loss to excessive drinking and smoking — may play a role, a report by The Lancet Commission found in 2020. This week, Alzheimer’s Research UK, a charity that funds science and education about dementia, launched an online quiz that draws on that study to help people zero in on what they could change in their own lives to help improve the health of their brains. 

“Much of this is about helping people understand that they can be empowered to affect their risk of Alzheimer’s disease,” Paul Matthews, director of the UK Dementia Research Institute at Imperial College London, said in a briefing hosted by the Science Media Centre. “We need to give people the knowledge to make these choices.” 

For what it’s worth, The FEHBlog took the quiz which is offered by the British Alzheimers Disease Association. The FEHBlog found it worthwhile.

Cybersecurity Saturday

David ErmerCybersecurity

    From the cyberpolicy front —

    Cyberscoop reports

    The Government Accountability Office said Thursday that U.S. federal departments have implemented just 40% of the cybersecurity recommendations the watchdog agency has issued since 2010.

    The lethargic pace in which government agencies put in place cybersecurity precautions and best practices underlines the need for the Biden administration to “urgently” release a comprehensive national cybersecurity strategy with effective oversight, the GAO said in its report.

    The GAO said that the updated national cybersecurity strategy, which the administration is reportedly planning to release soon, should address key “desirable characteristics of national strategies” such as performance measures that was missing in President Trump’s 2018 cybersecurity strategy.

    “We stressed that moving forward, the incoming administration needed to either update the existing strategy and plan or develop a new comprehensive strategy that addresses those characteristics,” the report noted. 

    The GAO noted that only about 145 of its 335 recommendations have been put in place. The agency recommended such actions establishing the national cyber director and the General Service Administration updating their security plans.

    The Cybersecurity and Infrastructure Security Agency released a report on 2022 year in review. Health IT Security examines the CISA report from the standpoint of the healthcare sector.

    The FEHBlog noticed that two Federal Acquisition Regulation proposed rules that he has been tracking are now pending review at OMB’s Office of Information and Regulatory Affairs.

    DOD/GSA/NASA (FAR)

    AGENCY: FAR RIN: 9000-AO34 Status: Pending Review
    TITLE: Federal Acquisition Regulation (FAR); FAR Case 2021-017, Cyber Threat and Incident Reporting and Information Sharing
    STAGE: Proposed Rule ECONOMICALLY SIGNIFICANT: Yes
    RECEIVED DATE: 12/19/2022 LEGAL DEADLINE: None

    AGENCY: FAR RIN: 9000-AO35 Status: Pending Review
    TITLE: Federal Acquisition Regulation (FAR); FAR Case 2021-019, Standardizing Cybersecurity Requirements for Unclassified Information Systems
    STAGE: Proposed Rule ECONOMICALLY SIGNIFICANT: No
    RECEIVED DATE: 12/19/2022 LEGAL DEADLINE: None

    Should these regulations clear OIRA review, then the next step will be published in the Federal Register.

    From the cyberbreach front,

    Cybersecurity Dive reports

    T-Mobile on Thursday said a threat actor accessed personal data on about 37 million current customers in an intrusion that went undetected since late November.

    The wireless network operator identified the malicious activity on Jan. 5 and during a subsequent investigation determined the unauthorized access began on or around Nov. 25, the company said in a filing with the Securities and Exchange Commission.

    T-Mobile said it was able to trace the source of the malicious activity to an application programming interface and stop it with the help of cybersecurity consultants. 

    This incident marks the eighth publicly acknowledged data breach at T-Mobile since 2018, including a massive data breach in August 2021 that exposed personal data of at least 76.6 million people.

    The investigation is ongoing, but T-Mobile said there is no evidence its systems or network were breached during the incident.

    From the cyber vulnerabilities front —

    Cybersecurity Dive reports

    • Potential cyber incidents and business interruption remained the two leading worldwide corporate risk concerns for the second year in a row, according to a report published Tuesday by Allianz Group’s corporate insurance unit, Allianz Global Corporate & Specialty. 
    • Both cyber and business interruptions were the top concerns among 34% of respondents in the annual Allianz Risk Barometer. The study measured the responses of 2,712 risk management experts in 94 countries and territories, including CEOs, risk managers, brokers and other insurance experts. 
    • Respondents were concerned about a range of potential incidents, from ransomware to data breaches and IT outages. The report noted ransomware remains a frequent threat and cited IBM data showing the average cost of a data breach hit a record of $4.35 million, with the cost expected to surpass $5 million this year.

    Health IT Security tells us

    Cloud security concerns settled into the number five spot on ECRI’s list of “Top 10 Health Technology Hazards for 2023,” a report that the organization has released annually for the past 16 years. ECRI is a nonprofit organization that focuses on healthcare technology and safety.

    The organization’s annual health tech hazards list is compiled by a team of clinicians, healthcare management experts, and biomedical engineers. Last year, ECRI identified cyberattacks as the number one health tech hazard.

    CISA added one more known exploited vulnerability to its catalog.

    The Healthcare Sector Cybersecurity Coordination Center issues three reports this week:

    • Healthcare Cybersecurity Bulletin for Q4 2022 “Ransomware attacks, data breaches, and often both together, continued to be prevalent attacks against the health sector,” the bulletin notes. “Ransomware operators continued to evolve their techniques and weapons for increasing extortion pressure and maximizing their payday. Vulnerabilities in software and hardware platforms, some ubiquitous and some specific to healthcare, continued to keep the attack surface of healthcare organizations wide open. Managed service provider compromise continued to be a significant threat to the health sector, as did supply chain compromise.”
    • December Vulnerabilities of Interest to the Health Sector “In December 2022, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches. Vulnerabilities for this month are from Microsoft, Google/Android, Apple, Intel, Cisco, SAP, Citrix, VMWare, and Fortinet.”
    • Artificial Intelligence and Its Current Potential to Aid in Malware Development Artificial intelligence (AI) has now evolved to a point where it can be effectively used by threat actors to develop malware and phishing lures. While the use of AI is still very limited and requires a sophisticated
      user to make it effective, once this technology becomes more user-friendly, there will be a major paradigm shift in the development of malware. One of the key factors making AI particularly dangerous for the healthcare sector is the ability of a threat actor to use AI to easily and quickly customize attacks against the healthcare sector.

    In this regard CSO offers a feature on how ChatGPT changes the phishing game. “The Microsoft-backed free chatbot is improving fast and can not only write emails, essays but can also code. ChatGPT is also polyglot and that could facilitate and increase exponentially phishing attacks.” Wonderful.

    From the ransomware front —

    • An ISACA expert explains why ransomware looms large on the third party risk landscape. “As adoption of cloud datacenters and software as a service grows, so does reliance on complex and global supply chains that introduce a multitude of potential vulnerabilities that can be exploited by cybercriminals. In this blog post, we will explore some key strategies for identifying and mitigating supply chain risks, with a special emphasis on ransomware risks in the supply chain.”
    • In Cybersecurity Dive, a ransomware negotiator shares three tips for victim organizations.
    • Dark Reading adds “in another sign that the tide may be finally turning against ransomware actors, ransom payments declined substantially in 2022 as more victims refused to pay their attackers — for a variety of reasons.”

    From the cyber defenses front, Tech Republic explains that while the cybersecurity implications of ChatGPT are vast, especially for email exploits, putting up guardrails, flagging elements of phishing emails that it doesn’t touch and using it to train itself could help boost defense. Ah, a double edged sword.

    Friday Factoids

    David ErmerCDC, COVID treatment, COVID-19, Mental health care, Patient safety, U.S. Healthcare
    Photo by Sincerely Media on Unsplash

    Becker’s Hospital Review reports

    The weekly rate of emergency department visits and hospitalizations for flu, COVID-19 and respiratory syncytial virus peaked in early December, new CDC data shows. 

    The CDC unveiled two data dashboards Jan. 17 that track emergency department visits and hospitalizations for COVID-19, flu and RSV. 

    ED visits for flu, RSV and COVID-19 peaked the week ending Dec. 3, hitting a weekly total of 235,850 before falling through December and the first half of January. The nation’s current weekly total was 72,119 as of Jan. 14, according to the ED dashboard. The dashboard uses information from the CDC’s National Syndromic Surveillance Program, which receives data from 73 percent of the nation’s EDs. 

    The combined hospitalization rate for flu, RSV and COVID-19 peaked at 22.5 admissions per 100,000 in the week ending Dec. 3. This figure now sits at 9.4 per 100,000 for the week ending Jan. 7, though the CDC said reporting delays may affect the most recent week’s data.

    RSV hospitalizations peaked in mid-November, while flu hospitalizations peaked in early December, CDC data shows. COVID-19 admissions also appear to be leveling off nationwide, even as the highly transmissible omicron subvariant XBB.1.5 gains prevalence. This trend suggests the U.S. will see more of a COVID-19 “bump” this winter versus a full-fledged surge, experts told The New York Times.

    The CDC’s weekly interpretative review of its Covid stats focuses on these new dashboards this week. The agency’s weekly Fluview report informs us “Seasonal influenza activity continues to decline across the country.”

    The Wall Street Journal adds

    Three years after health authorities announced the first known Covid-19 case in the U.S., the virus behind the disease remains persistent but thus far hasn’t triggered the severity of the waves seen in prior winters.

    A recent climb in hospitalizations and Covid-19 wastewater readings—two key metrics for spotting trends—appears to have stalled following the quick rise of the Omicron XBB.1.5 subvariant. The U.S. was gripped in significantly more deadly waves at this point in the last two winters, though currently there are still hundreds of deaths reported each day. * * *

    At least for now, it appears unlikely new variants are going to cause as substantial illnesses and deaths as the virus did early on and in the prior winter waves, said Jay Varma, a physician and epidemiologist who directs Weill Cornell Medicine’s Center for Pandemic Prevention and Response in New York City. He cautioned that more severe mutations could still emerge. “We seem to have settled into somewhat of a detente with the virus,” he said.

    Although the FEHBlog will continue to track Omicron and siblings developments, he has decided to replace Friday Stats and More with Friday Factoids.

    Medscape tells us

    Public health officials have said for some time that use of Paxlovid, approved under an FDA emergency use authorization (EUA) in December 2021, remains far below the proportion of Americans who could potentially benefit from the therapy.

    What’s driving the lackluster uptake remains unknown, so Medscape Medical News took a deeper dive into the challenges surrounding Paxlovid prescribing.

    Older Americans remain one of the groups at highest risk for COVID-19 adverse outcomes, including hospitalization and severe illness. However, the survey found that providers also remain reluctant to prescribe Paxlovid in this population for multiple reasons. * * *

    The survey found that almost half of patients were on a medication that is contraindicated with Paxlovid and that could not be discontinued (44%). Another finding was that almost the same proportion were on a medication that is contraindicated with Paxlovid, but the risk of discontinuing that medication was too high (41%). Also, the researchers found some patients were on a medication that could interact with Paxlovid, but it was unclear how to manage the interaction (29%).

    [Medscape medical editor in chief Dr. Eric Topol said that doctors, in some cases, may be overly concerned about the drug interactions. “There’s a straightforward workaround strategy for nearly all the drug interactions — most commonly statins — which can easily be stopped for 5 days,” he said.

    Another concern preventing Paxlovid prescription is renal impairment, the survey reveals. More than one third of respondents, 37%, said they did not prescribe the protease inhibitor combination because of concerns over this condition, which can lower how efficiently medications are cleared by the body.

    That’s a helpful study.

    In other survey news, MedPage Today informs us

    Fewer emergency department (ED) visits end with a prescription for opioids, CDC survey data showed.

    The percentage of ED visits with an opioid prescribed at discharge fell from 12.2% in 2017-2018 to 8.1% in 2019-2020, reported Loredana Santo, MD, MPH, and Susan Schappert, MA, of the National Center for Health Statistics in Hyattsville, Maryland, in NCHS Data Briefopens in a new tab or window.

    The rate of prescribing at discharge also dropped: in 2019-2020, opioids were prescribed at 36.4 ED visits per 1,000 adults, lower than 50.5 per 1,000 in 2017-2018. The decline was similar for both men and women.

    In U.S. healthcare business news —

    • Cigna points out the value of integrated health plans a/k/a health plans without carveouts.

    A study released today by Cigna (NYSE: CI), a global health service company, finds that triple integration of medical, pharmacy and behavioral benefits resulted in lower health care costs for employers. Conducted by Aon plcThis link will open in a new tab., a leading global professional services firm, the Value of Integration StudyThis link will open in a new tab. [PDF] shows that Cigna’s integrated employer clients saved $148 per member per year in 2021. 

    Using a similar study method, Cigna then evaluated the financial impact of engaging employees to participate in health improvement programs, such as wellness coaching. The results show even greater client savings for Cigna integrated employer clients, exceeding $1,400 per member per year.

    In addition, Cigna found that when individuals with specific high-cost conditions and therapies were enrolled in a triple-integrated health plan and needed specialty medicines, the savings for the health plan were:

    • Nearly $9,000 per member per year, increasing to more than $11,000 per member when the specialty drug is for an inflammatory condition like rheumatoid arthritis; and
    • Almost $17,500 per year for members who took specialty drugs and have a confirmed depression diagnosis.
    • Medpage Today reports, “Switching to [employer-sponsored] high-deductible health plans (HDHPs) spelled trouble when it came to diabetes complications, a retrospective cohort study found.” The report studies health savings account (HSA) – eligible HDHPs versus traditional low-deductible plans. The FEHBlog doesn’t understand why the HSAs don’t balance out the two types of coverage. The article doesn’t compute.
    • STAT News relates, “More than a dozen of the country’s large not-for-profit hospital systems descended on this year’s J.P. Morgan Healthcare Conference with a subtle but clear message for bankers and municipal investors: Higher costs in 2022 slowed them down, but they are adamant about increasing revenue by expanding their footprints and hiking prices.” Charming.
    • Fierce Healthcare calls our attention to

    A new behavioral health solution launched this week aims to make it easier for insurers to connect members with tools that may benefit their mental health care.

    Lucet represents the combination of New Directions Behavioral Health and Tridiuum and is a spinout from the Blues network, where its core product cut its teeth. Lucet’s Navigate & Connect platform harnesses a large team of care navigators with an advanced technology stack that allows insurers to better optimize care and access for members.

    Shana Hoffman, president and CEO of Lucet, told Fierce Healthcare that the platform enables faster connections to appointments and helps cut through the noise on which solutions a plan may want to bring into the fold.

    “What we’re bringing to the market is really an operating system platform for health plans that allows them to reliably connect members to care,” Hoffman said.

    • Health Affairs Forefront analyzes “The Fair Price For One-Time Treatments; How Can We Overcome Existing Market Price Distortions?” Check it out.