FEHBlog

Cybersecurity Saturday

David ErmerCybersecurity, Generative AI

From the cybersecurity policy and law enforcement front,

  • Security Week tells us,
    • “Members of the Senate Homeland Security and Governmental Affairs Committee voted 9-6 [on July 31, 2025] to recommend Sean Plankey ’s nomination for director of the Cybersecurity and Infrastructure Security Agency, known as CISA, which sits under the Department of Homeland Security.”
  • Federal News Network informs us that a “new CISA guide helps agencies with next steps on zero trust.”
  • The American Hospital Association News points out,
    • “The FBI, Cybersecurity and Infrastructure Security Agency and international agencies July 29 released a joint advisory on recent tactics by the Scattered Spider cybercriminal group. The group, observed by federal agencies since November 2023, has members based in the U.S. and U.K. The group has targeted large companies and their IT help desks. Scattered Spider threat actors typically engage in data theft for extortion and also use ransomware variants once in a system to steal information, along with other tactics.  
    • “Scattered Spider often employs tactics like phishing, push bombing and subscriber identity module swap attacks to get credentials, bypass multifactor authentication and gain access to networks,” said Scott Gee, AHA deputy national advisor of cybersecurity and risk. “They have also impersonated company help desks to trick users into divulging credentials. These tactics serve as a reminder of the importance of training to recognize and stop these social engineering attacks. The fact that they are native English speakers can make their social engineering attacks more effective. There have been several arrests of group members recently, but their attacks persist, and their tactics are evolving to evade detection. They are currently targeting Snowflake data storage solutions and stealing customer information.”  
  • Cyberscoop reports,
    • “Federal analysts are still sizing up what the Chinese hackers known as Volt Typhoon, who penetrated U.S. critical infrastructure to maintain access within those networks, might have intended by setting up shop there, a Cybersecurity and Infrastructure Security Agency official said Thursday.
    • “We still don’t actually know what the result of that is going to be,” said Steve Casapulla, acting chief strategy officer at CISA. “They are in those systems. They are in those systems on the island of Guam, as has been talked about publicly. So what [are] the resulting impacts going to be from a threat perspective? That’s the stuff we’re looking really hard at.”
    • “Casapulla made his remarks at a Washington, D.C. event hosted by Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security.”
    • FEHBlog observation: Ruh roh! 
  • Per Cybersecurity Dive,
    • “The Department of Justice on Thursday announced a $9.8 million settlement with Illumina over allegations that the company sold genomic-sequencing systems with software vulnerabilities to federal agencies for multiple years.
    • “Between 2016 and 2023, the government said, the company sold the systems without having an adequate security program and knowingly failed to incorporate cybersecurity into its product design process.
    • “According to prosecutors’ complaint, Illumina is the dominant company in the global market, with a share of roughly 80%.
    • “Companies that sell products to the federal government will be held accountable for failing to adhere to cybersecurity standards and protecting against cybersecurity risks,” Assistant Attorney General Brett Shumate of the DOJ’s Civil Division said in a statement.”

From the cybersecurity vulnerabilities and breaches front,

  • Cyberscoop reports,
    • “Social engineering — an expanding variety of methods that attackers use to trick professionals to gain access to their organizations’ core data and systems — is now the top intrusion point globally, attracting an array of financially motivated and nation-state backed threat groups. 
    • “More than one-third (36%) of the incident response cases Palo Alto Networks’ Unit 42 worked on during the past year began with a social engineering tactic, the company said this week in its global incident response report
    • “Threat groups of assorted motivations and origins are fueling the rise of social engineering. Cybercrime collectives such as Scattered Spider and nation-state operatives, including North Korean technical specialists that have infiltrated the employee ranks at top global companies, have adopted social engineering as the primary hook into IT infrastructure and sensitive data.” 
  • and
    • “The average cost of a data breach for U.S. companies jumped 9% to an all-time high of $10.22 million in 2025, as the global average cost fell 9% to $4.44 million, IBM said in its 20th annual Cost of a Data Breach Report Wednesday [July 30].
    • While shorter investigations are pushing down costs globally, reflecting the first decline in five years, IBM found higher regulatory fines, along with detection and escalation costs, are driving up the ultimate recovery price in the United States. 
    • “This widening gap helps explain why U.S. organizations continue to face the highest breach costs globally, further compounded by more organizations in the U.S. reporting paying steeper regulatory fines,” Troy Bettencourt, global partner and head of IBM X-Force, said in an email.
    • “The report underscores that organizations face an uneven burden in the wake of data breaches, even as detection and containment times improve. On average, it took organizations 241 days to identify and contain a breach through the one-year period ending in February — a nine-year low, according to IBM.”
  • Cybersecurity Dive adds,
    • “A coalition of information-sharing groups urged their members on Wednesday [July 30] to take additional steps to mitigate potential attacks by the cybercrime gang Scattered Spider, which has spent recent months attacking the insurance, retail and airline industries. 
    • “Threat actors such as Scattered Spider are constantly innovating, so organizations must be diligent in continually monitoring their processes and identities to look for new exploits,” the group of information sharing and analysis centers (ISACs) — representing the financial services, food and agriculture, information technology, healthcare, aviation, automotive, retail, maritime and electricity sectors — said in a joint advisory.
    • Their warning came one day after the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) warned that Scattered Spider had developed an evolving set of tactics to conduct social-engineering attacks on its targets.
    • The ISACs said they expect the group to continue to find new ways to evade existing security measures.
  • Bleeping Computer points out,
    • “Researchers have found that in roughly 80% of cases, spikes in malicious activity like network reconnaissance, targeted scanning, and brute-forcing attempts targeting edge networking devices are a precursor to the disclosure of new security vulnerabilities (CVEs) within six weeks.
    • “This has been discovered by threat monitoring firm GreyNoise, which reports these occurrences are not random, but are rather characterized by repeatable and statistically significant patterns.
    • “GreyNoise bases this on data from its ‘Global Observation Grid’ (GOG) collected since September 2024, applying objective statistical thresholds to avoid results-skewing cherry-picking.
    • “After removing noisy, ambiguous, and low-quality data, the firm ended up with 216 events that qualified as spike events, tied to eight enterprise edge vendors.
    • “Across all 216 spike events we studied, 50 percent were followed by a new CVE within three weeks, and 80 percent within six weeks,” explain the researchers.”
  • CISA added three known exploited vulnerabilities to its catalog this week.

From the ransomware front,

  • HIPAA Journal tells us,
    • “A new report from the cybersecurity firm Semperis suggests ransomware attacks have decreased year-over-year, albeit only slightly. The ransomware risk report indicates healthcare is still a major target for ransomware gangs, with 77% of healthcare organizations targeted with ransomware in the past 12 months. 53% of those attacks were successful.
    • “The report is based on a Censuswide survey of 1,500 IT and security professionals across multiple sectors. While attacks are down slightly, 60% of attacked healthcare organizations report suffering multiple attacks. In 30% of cases, they were attacked more than once in the same month, 35% were attacked in the same week, 14% were attacked multiple times on the same day, and 12% faced simultaneous attacks.
    • “A general trend in recent years, as reported by several firms, is fewer victims of ransomware attacks paying ransoms, although across all industry sectors in the U.S., 81% attacked companies paid the ransom, an increase from last year. Ransom payment was far less common in healthcare. According to Semperis, 53% of healthcare victims paid a ransom to either prevent the publication of stolen data, obtain decryption keys, or both. The ransom paid was less than $500,000 for 55% of companies, 39% paid between $500,000 and $1 million, and 5% paid more than $1 million.”
  • Cybersecurity Dive adds,
    • “Manufacturing, information technology and healthcare are top targets of cybercriminals, but ransomware attacks on the oil and gas industry increased dramatically between April 2024 and April 2025, spiking 935%, according to a new report from cybersecurity firm Zscaler.
    • “Oil and gas companies may be facing more attacks because their industrial control systems are increasingly automated and digitized, “expanding the sector’s attack surface,” Zscaler said.
    • “Half of all ransomware attacks listed on leak sites during the April-to-April survey period targeted the United States, and attacks on U.S. targets more than doubled, to 3,671, a figure that exceeds the combined number of ransomware events on the 14 other countries in the top 15 list.”
  • Cybersecurity Dive further reports,
    • “A recent wave of ransomware attacks targeting SonicWall firewall devices may be related to a zero-day vulnerability in the products, according to researchers.
    • “Anomalous firewall activity that began on July 15 and involved VPN access through SonicWall SSL VPNs morphed into intrusions the following week, researchers at Arctic Wolf said.
    • “This appears to be affecting SonicOS devices from what we’ve seen so far,” Stefan Hostetler, lead threat intelligence researcher at Arctic Wolf, told Cybersecurity Dive. “Our investigation is still preliminary, so I’m not able to offer much more detail yet.”
    • “Hackers deployed the Akira ransomware variant in hands-on-keyboard attacks after compromising SonicWall SSL VPNs, according to the researchers.”
  • and
    • “Researchers from Palo Alto Networks say they are investigating a ransomware attack related to the recently disclosed ToolShell vulnerabilities in Microsoft SharePoint
    • “The hackers left the victim a ransom note on Sunday [July 27] claiming they had encrypted files using the 4L4MD4R ransomware. The note warned that any attempt to decrypt the files would result in their deletion.
    • The hackers used PowerShell commands to disable real-time monitoring in Windows Defender, according to Palo Alto Networks researchers. The intruders also bypassed certificate validation.
    • Researchers from Palo Alto Networks say they are investigating a ransomware attack related to the recently disclosed ToolShell vulnerabilities in Microsoft SharePoint
    • The hackers left the victim a ransom note on Sunday claiming they had encrypted files using the 4L4MD4R ransomware. The note warned that any attempt to decrypt the files would result in their deletion.
    • The hackers used PowerShell commands to disable real-time monitoring in Windows Defender, according to Palo Alto Networks researchers. The intruders also bypassed certificate validation.
  • and
    • “Several major ransomware-as-a-service groups have stopped posting victims to popular leak sites, suggesting that the ecosystem is more dispersed than it used to be, according to a new report from Check Point Software Technologies.
    • “At the same time, many smaller groups that used to affiliate with larger players “are operating independently or seeking new partnerships,” Check Point said in its Thursday report.
    • “Established players are actively competing to recruit these ‘orphaned’ affiliates,” according to the report, which cited competition between prominent groups Qilin and DragonForce for affiliates of the now-defunct RansomHub.”
  • Per Bleeping Computer,
    • “A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances.
    • “In June, Google’s Threat Intelligence Group (GTIG) warned that threat actors tracked as UNC6040 were targeting Salesforce customers in social engineering attacks.
    • “In these attacks, the threat actors impersonated IT support staff in phone calls to targeted employees, attempting to persuade them into visiting Salesforce’s connected app setup page. On this page, they were told to enter a “connection code”, which linked a malicious version of Salesforce’s Data Loader OAuth app to the target’s Salesforce environment.”
  • SC Media tells us,
    • “Epsilon Red ransomware is being spread via a unique ClickFix lure that convinces victims to download and execute HTML Application files.
    • “The campaign impersonates widely used online services such as Twitch, Kick, Rumble, OnlyFans and the popular Discord Captcha Bot, CloudSEK reported recently.
    • “Like other sites using the ClickFix social-engineering method, these impersonation sites display a fake CAPTCHA prompt, but rather than having the victim copy and paste malicious commands, this version directs them to go to a different page to complete “extra verification steps.”
    • “These extra steps include pressing CTRL + S to save a file, renaming the file to verify.hta, opening the file with Microsoft HTML Application Host (mshta.exe), clicking “YES” if a popup appears and then entering a decoy “verification code” on the original CAPTCHA page. This last step is designed to trick the user into believing they have completed a legitimate verification process.”
  • Per InfoSecurity Magazine,
    • “A new ransomware operator called Chaos has launched a wave of intrusions impacting a wide range of sectors, Cisco Talos has reported.
    • “Victims have been predominantly based in the US, with some in the UK, New Zealand India, according to the actor’s data leak site.
    • “Targeting appears to be opportunistic and does not focus on any specific verticals. However, Chaos is focused on “big-game hunting” and uses double-extortion tactics.
    • “In one incident observed by Cisco, the group adopted a novel negotiation strategy, offering an extra ‘reward’ for making payment to the attackers, or additional ‘punishment’ for resisting demands, including the threat of a distributed denial-of-service (DDoS) attack.
    • “The Chaos ransomware actor is a recent and concerning addition to the evolving threat landscape, having shown minimal historical activity before the current wave of intrusions,” the researchers wrote in a blog dated July 24.”
  • Per Trend,
    • “Gunra ransomware’s Linux variant broadens the group’s attack surface, showing the new group’s intent to expand beyond its original scope. 
    • “The Linux variant shows notable features including running up to 100 encryption threads in parallel and supporting partial encryption. It also allows attackers to control how much of each file gets encrypted and allows for the option to keep RSA-encrypted keys in separate keystore files.
    • “Since its first observed activity in April 2025, Gunra ransomware has victimized enterprises from Brazil, Japan, Canada, Turkiye, South Korea, Taiwan, and the United States. Its victims include organizations from the manufacturing, healthcare, IT and agriculture sectors, as well as companies in law and consulting.” 

From the cybersecurity business and defenses front,

  • Cyberscoop reports,
    • “Palo Alto Networks has agreed to acquire identity security firm CyberArk for approximately $25 billion, marking the cybersecurity giant’s largest acquisition and its formal entry into the identity security market as the industry continues consolidating amid rising cyber threats.
    • “The transaction ranks among the largest technology acquisitions this year and underscores the market’s focus on identity security in an era of increasing artificial intelligence adoption.
    • “CyberArk, founded over two decades ago, specializes in privileged access management technology that helps organizations control and monitor access to critical systems and accounts. The company’s customers include major corporations such as Carnival Corp., Panasonic, and Aflac. Its technology addresses what security experts consider one of the most vulnerable aspects of enterprise security: managing privileged credentials for both human users and machine identities.
    • “The acquisition comes as cybersecurity companies face pressure to offer comprehensive solutions rather than point products, with customers seeking to streamline their vendor relationships following high-profile breaches. Recent cyberattacks, including Microsoft’s SharePoint vulnerabilities that affected over 100 organizations including U.S. government agencies, have heightened focus on identity protection and privileged access management.”
  • ISACA discusses “Defending Against Human-Operated Ransomware Attacks.”
  • Per a CISA news release,
    • “Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an Eviction Strategies Tool, a no-cost resource designed to support cyber defenders in their efforts to respond to cyber incidents. CISA contracted with MITRE to develop this tool that enables cyber defenders to create tailored response plans and adversary eviction strategies within minutes. They will also be able to develop customized playbooks aimed at containing and evicting adversaries from compromised systems and networks.
    • “The tool includes COUN7ER, a database of atomic post-compromise countermeasures mapped to adversary tactics, techniques, and procedures (TTPs), and Cyber Eviction Strategies Playbook NextGen, a web-based application that matches incident findings with countermeasures obtained from COUN7ER. Together, these resources help defenders build systematic eviction plans with distinct countermeasures to thwart and evict unique intrusions.”
  • Dark Reading adds,
    • “The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Department of Energy’s Sandia National Laboratories, has released Thorium, an automated malware and forensic analysis platform, to help enterprise defenders quickly assess malware threats.” * * *
    • “Thorium is available from CISA’s official GitHub repository. Organizations interested in using it will need a deployed Kubernetes cluster, block store, and object store. A successful deployment requires familiarity with Docker containers and compute cluster management.
    • “By making this platform publicly available, we empower the broader cybersecurity community to use advanced tools for malware and forensic analysis,” said Jermaine Roebuck, CISA’s associate director for threat hunting, in a statement. “Scalable analysis of binaries and digital artifacts strengthens our ability to identify and fix vulnerabilities in software.”
  • Dark Reading offers Black Hat News. The Black Hat conference starts today in Las Vegas.

Friday report

David ErmerCDC, CMS, Congress, COVID-19, FDA, Medical / Rx research, Medicare, NCQA, OPM, U.S. Healthcare
  • OPM Director Scott Kupor explains “What They Got Wrong About the Deferred Resignation Program.”
    • “We designed the DRP as a practical, humane, and voluntary option to accelerate workforce transitions in a system that desperately needed movement. Employees were given the option to retire early and receive eight months of paid leave; in return, the government will save $20+ billion in costs, annually.
    • “By the way, the DRP isn’t unusual. It mirrors what employers in the private sector across the country do every day, offer certainty and clarity to employees while restructuring in a responsible, mission-first way. What’s “unusual” is pretending government is exempt from the same pressures every other organization faces in a rapidly changing world and not understanding the simple difference between one-time severance costs and ongoing annual cost savings.”
  • The Plan Sponsor Council of America lets us know,
    • “The Senate Committee on Health, Education, Labor and Pensions (HELP) held a hearing on Thursday to discuss lowering health care prices. The hearing was entitled “Making Healthcare Affordable: Solutions to Lower Costs and Empower Patients.”
    • “Testifying witnesses and Senators agreed universally that price transparency is an important area of reform. “We all agree that price transparency is important,” noted Sen. Bill Cassidy (R-La.) the Chair of the Committee.
    • “[Sen.] Cassidy highlighted one proposed bill, the Patients Deserve Price Tags Act.”
  • Healthcare Dive informs us,
    • Regulators finalized an interoperability and technology rule on Thursday that aims to lessen administrative burden on providers, including through updates to prior authorization processes.
    • The Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology’s HTI-4 rule lays out new and updated health IT certification criteria for electronic prior authorization, electronic prescribing and real-time prescription benefit checks. 
    • The regulation should help clinicians spend less time on paperwork, the ASTP said. “We believe that this work will help patients and providers determine patient benefits at the point of care,” Dr. Thomas Keane, assistant secretary for technology policy and national coordinator for health IT, said during a press briefing Friday.
  • Beckers Health IT tells us,
    • “Several health systems are voicing support for a new federal initiative to improve data exchange and expand access to digital health tools, following a July 30 White House summit that formalized a public-private partnership aimed at building a more connected health ecosystem.
    • “The Centers for Medicare & Medicaid Services, alongside the Department of Health and Human Services, convened more than 60 organizations — including EHR vendors, technology firms and provider networks — to sign onto the CMS Interoperability Framework. Eleven health systems, including Cincinnati-based Bon Secours Mercy Health, Renton, Wash.-based Providence, Cleveland Clinic, Salt Lake City-based Intermountain Health, Sioux Falls, S.D.-based Sanford Health and Atlantic City, N.J.-based AtlantiCare, committed to promoting adoption of digital tools among their patients.” * * *
    • “CMS said it plans to roll out the first phase of its interoperability framework — allowing patients to access claims data from participating provider networks — in early 2026. Future components include AI-powered care navigation tools, upgrades to Medicare Plan Finder and a digital health app library.”
  • The American Hospital News reports,
    • “The Trump administration July 31 announced modified reciprocal tariffs for several nations that would begin Aug. 7, updating those previously announced in April. Countries not listed in yesterday’s announcement will be charged a 10% baseline tariff. The executive order notes that the administration could modify tariff rates further in the future, depending on whether trade agreements are reached or if the administration determines the circumstances warrant it. 
    • “In a separate announcement, the administration raised tariffs on goods from Canada to 35%, effective Aug. 1. The tariff would not apply to Canadian goods that qualify for duty-free exemptions under the trade agreement between the U.S., Mexico and Canada.”
  • and
    • The Centers for Medicare & Medicaid Services Aug. 1 released the fiscal year 2026 final rule for inpatient rehabilitation facilities. The rule will increase payments by 2.6% overall, which includes a 3.3% market basket update reduced by a 0.7 percentage point productivity adjustment. CMS also finalized a decrease in the outlier threshold, from $12,043 to $10,062. For the IRF Quality Reporting Program, CMS finalized removal of four patient assessment data elements and removed the COVID-19 vaccination measures for both patients and health care personnel. Payment changes are effective Oct. 1, 2025.
  • and
    • “The Centers for Medicare & Medicaid Services Aug. 1 issued a final rule for the inpatient psychiatric facility prospective payment system for fiscal year 2026. CMS will increase IPF payments by a net 2.4%, or $70 million, in FY 2026 compared to FY 2025. The payment update reflects a market-basket update of 3.2% minus a productivity adjustment of 0.7 percentage points, as well as an additional cut of 0.1% due to the updated outlier threshold. In addition, the agency will increase the adjustment factors for IPFs with teaching status and in rural locations and recognize increases to IPF teaching caps as required by law. For the IPF Quality Reporting Program, CMS will remove three measures related to health equity and one on COVID-19 staff vaccination and revise the reporting period for its emergency department visit following IPF discharge measure.”
  • Per an HHS news release,
    • “Health and Human Services Secretary Robert F. Kennedy, Jr. today announced additional repeals of federal policy that financially rewarded hospitals for reporting staff vaccination rates – an incentive that was coercive and denied informed consent.
    • “Medical decisions should be made based on one thing: the wellbeing of the person – never on a financial bonus or a government mandate.” said Secretary Kennedy. “Doctors deserve the freedom to use their training, follow the science, and speak the truth-without fear of punishment.”
    • “The policy, established under the Biden administration’s Centers for Medicare & Medicaid Services (CMS) inpatient payment rule, tied hospital reimbursement to staff vaccination reporting. The data was published on CDC’s National Healthcare Safety Network as a tool for public shaming, not public health.”
  • The Washington Post reports,
    • “Some obese Americans on Medicare and Medicaid could get access to expensive weight loss drugs under a five-year experiment being planned by the Trump administration.
    • “Under the proposed plan, state Medicaid programs and Medicare Part D insurance plans would be able to voluntarily choose to cover Ozempic, Wegovy, Mounjaro and Zepbound for patients for “weight management” purposes, according to Centers for Medicare and Medicaid Services documents obtained by The Washington Post. * * *
    • “The experiment is expected to start in April 2026 for Medicaid and January 2027 for Medicare plans, according to the documents. It will be conducted through a testing lab called the Center for Medicare and Medicaid Innovation (CMMI), which tries new ways of paying for health care with the goal of lowering costs and improving care.”
    • The pilot should shift some costs from the FEHB Program to Medicare.
  • NCQA today revealed its HEDIS changes for Measurement Year 2026.

From the Food and Drug Administration,

  • MedTech Dive tells us,
    • “The Food and Drug Administration has cleared Cardiosense’s CardioTag wearable heart monitor, the company said Wednesday.
    • “CardioTag captures electrocardiogram, photoplethysmogram and seismocardiogram signals, plus heart and pulse rate, to enable physicians to noninvasively monitor a patient’s cardiac function.
    • “Cardiosense is planning to combine the data with AI models for cardiovascular parameters. The company has published a paper on a pulmonary capillary wedge pressure algorithm.”

From the judicial front,

  • Bloomberg Law reports,
    • “Trump administration restrictions on transgender care for minors have drawn a new legal challenge from a coalition of states.
    • “The lawsuit, filed Friday in the US District Court for the District of Massachusetts, argues that what it calls President Donald Trump’s “Denial of Care” executive order and subsequent implementation actions are trying to block the provision of health care for transgender youth to minors without any basis in federal law. 
    • “No federal law prohibits, much less criminalizes, the provision or receipt of gender-affirming care for transgender adolescents,” the lawsuit said.
    • Michigan, Massachusetts, Nevada, New Jersey, and New Mexico are among the states listed on the lawsuit. Also among the plaintiffs is Pennsylvania Gov. Josh Shapiro, a Democrat whose attorney general is a Republican.
    • The case is Mass. v. Trump, D. Mass., No. 1:25-cv-12162, 8/1/2025.

From the public health and medical research front,

  • The Centers for Disease Control and Prevention announced today,
    • “COVID-19 activity is increasing in many Mid-Atlantic, Southeast, Southern, and West Coast states. Seasonal influenza activity is low, and RSV activity is very low.
    • “COVID-19
      • “COVID-19 laboratory percent positivity is increasing nationally. Emergency department visits for COVID-19 are increasing among all ages. COVID-19 wastewater activity levels and model-based epidemic trends (Rt) indicate that COVID-19 infections are growing or likely growing in most states.
    • “Influenza
    • “RSV
      • “RSV activity is very low.
  • The University of Minnesota’s CIDRAP adds,
    • COVID-19 activity is picking in the United States, according to the latest update from the Centers for Disease Control and Prevention (CDC). Although wastewater levels are low nationally, the CDC said cases are rising in many Mid-Atlantic, Southeastern, Southern, and West Coast states. According to the CDC COVID Data Tracker, test positivity for the week ending July 26 rose to 6.5%, up from 4.9% the previous week, while the rate of COVID-related emergency department visits for all ages climbed from 0.6% to o.7%. The percentage of US deaths from COVID rose from 0.3% to 0.4%. Seasonal flu and respiratory syncytial virus (RSV) activity remain low. The CDC also noted that respiratory infections caused by Mycoplasma pneumoniae remain elevated in some parts of the country.
  • and
    • “The 2024-25 COVID mRNA vaccines targeting JN.1 were highly effective in protecting against hospitalization and death for at least 4 months in a cohort of Danish citizens aged 65 and older by October 1, 2024. The new analysis estimating the vaccine efficacy (VE) of last season’s COVID vaccines was published earlier this week in The Lancet Infectious Diseases. 
    • “In total, 894,560 Danish residents were included in the study, with a median age of 76. By Jan 31, 2025, 820,229 (91.7%) of the participants had received a JN.1 vaccine. Among those without updated JN.1 vaccination (74,331), 278 COVID-19 hospitalizations and 84 deaths were observed during 25.6 million person-days. 
    • “In contrast 197 COVID-19 hospitalizations and 56 deaths in 62.9 million person-days were observed in residents who received Pfizer’s Comirnaty (among 728,868 recipients). And 10 COVID-19 hospitalizations and 1 death were observed during 9.2 million person-days in those vaccinated with Moderna’s Spikevax vaccine (91,461 recipients).”
  • Per Medscape,
    • “Does drinking alcohol increase the risk for pancreatic cancer? Researchers have long suspected it does, but the evidence has remained inconsistent.
    • “Now, a global study of more than two million people is firming up the case that a link exists.
    • “The study, which pooled data from 30 prospective cohorts, found that daily alcohol intake was associated with a “modest” increased risk for pancreatic cancer in both women and men, regardless of smoking status.”
  • Per Genetic Engineering & Biotechnology News,
    • “The Notch signaling pathway plays a pivotal role in determining cell fate, especially in the development and function of T cells. But mimicking this highly mechanical, contact-dependent pathway in the lab has been a formidable challenge—until now.
    • “A team of researchers at Boston Children’s Hospital and Harvard Medical School has developed a solution by designing a synthetic protein using AI-powered tools to activate Notch signaling. These soluble protein agonists can replicate Notch activation in suspension culture, opening the door to scalable, precision-controlled T-cell therapies.
    • “The study published in Cell, “Design of Soluble Notch Agonists that Drive T Cell Development and Boost Immunity” was led by George Daley, MD, PhD, Dean of Harvard Medical School and co-founder of the Stem Cell and Regenerative Biology Program at Boston Children’s Hospital. The researchers used AI-based computational design tools to build synthetic molecules with similar geometry and multivalency required for Notch activation.”

From the U.S. healthcare business front,

  • STAT News reports,
    • “If you’ve followed health insurance earnings over the past few weeks, you might be experiencing some whiplash. 
    • Four of the biggest players — top names like UnitedHealth Group and Elevance — lowered their profit expectations for the year, while two others — Humana and CVS Health — raised them. One, Cigna, reaffirmed its previous outlook. 
    • “It turns out, the returns health insurers saw in the first half of 2025 were largely determined by what they did in the previous two years. Some saw the writing on the wall early and shook off unprofitable plans in specific counties, emerging with more stable, albeit slimmer, profiles. Others weren’t as proactive, and they’re now paying the price. 
    • “It’s sort of like where you came from in ’24 matters,” said Brad Ellis, a senior director at Fitch Ratings who leads its health insurance sector. “None of the companies I would say are doing really well, but it’s just a matter of who is doing less bad.” 
    • “Another big factor at play is everything insurers do besides insurance. Most of them now have booming pharmacy benefit managers and care delivery segments that in some cases draw more revenue and are more profitable than their insurance businesses. 
    • “One thing that unites them all: They are footing bigger bills as people get more medical services than before, and those services get more expensive. It’s happening across Affordable Care Act plans, Medicaid, and Medicare Advantage, the private form of Medicare. Some of the higher expenses stem from higher prices from hospitals and providers’ ramped-up coding tactics.”
  • World at Work adds,
    • “Healthcare costs in 2026 are expected to continue to trend upward within employer-provided coverage plans, according to recent reports from consulting firms PwC and Mercer. And, as in years past, the primary employer challenge will be how to best mitigate those expected higher costs.
    • “For instance, PwC reported in a recent survey that the overall increase in the cost of healthcare, or the “medical cost trend,” may be around 8.5% or higher for 2026. Medical cost trend is a metric that shows how much a health plan’s medical claim costs would change if it kept its plan design the same. The projection is similar to what PwC analysts have seen for the U.S. group health market so far for 2025. 
    • “PwC also noted that one force that could increase employers’ health plan costs are looming federal spending cuts to Medicaid and Affordable Care Act (ACA) subsidies as a result of the recently signed H.R. 1 (also known as the “One Big Beautiful Bill Act”).
    • “In its survey, Mercer found that as health plan costs continue to increase, more employers intend to change or reduce their 2026 benefit offerings to control spending.
    • “For example, 51% of respondents said they’re “likely” or “very likely” to make plan changes that would shift more costs to employees, such as raising deductibles or out-of-pocket maximums. The percentage increased from 45% in 2024.”
  • Here is a link to Milliman’s July 2025 report titled Commercial health insurance: Detailed 2023 financial results and emerging 2024 and 2025 trends.
  • Healthcare Dive lets us know,
    • “UnitedHealth announced on Thursday it will replace its CFO, another significant executive change for the healthcare behemoth as it mounts a financial turnaround. 
    • “Wayne DeVeydt, most recently a managing director and operating partner at investment firm Bain Capital, will take up the CFO role on Sept. 2, according to a press release. 
    • “John Rex, the company’s CFO since 2016, will become a strategic advisor to CEO Stephen Hemsley, who returned to the top job in May after UnitedHealth’s previous CEO stepped down.”
  • Beckers Hospital Review points out the 20 highest, lowest paid physician specialties | 2025.
  • The Wall Street Journal reports,
    • “President Trump demanded pharmaceutical companies lower drug prices, aligning them with other advanced countries.
    • “Analysts believe the proposals’ impact may be limited, facing legal challenges and requiring Congressional approval.
    • “PhRMA opposed the plan, advocating for addressing healthcare middlemen and urging other countries to pay their fair share for drug innovation.”
  • Per BioPharma Dive,
    • “Biotechnology companies specializing in psychedelics research saw their share prices rise after rumors of a billion-dollar acquisition hinted that big pharma is now more open to betting on this area of drug development.
    • “Bloomberg News reported early Thursday that AbbVie is in talks to buy privately held Gilgamesh Pharmaceuticals. If agreed to, the deal would hand AbbVie a small slate of experimental therapies for depression, anxiety and mental health conditions. Gilgamesh’s most advanced drug, code-named GM-2505, works by latching onto a brain protein known to interact with psychedelics like LSD and psilocybin.” * * *
    • “Analysts note, too, the inroads psychedelics are making with drug regulators. Martin Makary, commissioner of the Food and Drug Administration, and Robert F. Kennedy Jr., head of the Department of Health and Human Services, both support speeding up the testing — and possible approval — of psychedelics. The FDA, under former president Joe Biden, also issued guidance in 2023 for psychedelic drug developers.”

Thursday report

David ErmerCDC, CMS, FDA, Medical / Rx research, Medicare, Rx coverage, U.S. Healthcare

From Washington, DC,

  • The Centers for Medicare and Medicaid Services finalized three payment rules on Thursday, all of which will take effect on October 1, 2025, according to the American Hospital Association News.
    • “The Centers for Medicare & Medicaid Services July 31 issued a final rule that would increase Medicare inpatient prospective payment system rates by a net 2.6% in fiscal year 2026, compared with FY 2025, for hospitals that are meaningful users of electronic health records and submit quality measure data.    
    • “This 2.6% payment update reflects a hospital market basket increase of 3.3% as well as a productivity cut of 0.7%. This update also reflects CMS’ proposal to rebase and revise the market basket to a 2023 base year. In addition, the rule includes a $2 billion increase in disproportionate share hospital payments and a $192 million increase in new medical technology payments. Overall, it would increase hospital payments by $5 billion in FY 2026 as compared to FY 2025. 
  • and
    • The Centers for Medicare & Medicaid Services today finalized a 3.0% payment update for long-term care hospitals for fiscal year 2026 relative to FY 2025. This includes a 3.4% market basket update, reduced by a 0.7 percentage point productivity adjustment. In addition, although CMS will increase the outlier threshold from $77,048 to $78,936, it says outlier payments will increase by 0.3%.  
  • and
    • “The Centers for Medicare & Medicaid Services today issued a final rule for the skilled nursing facility prospective payment system for fiscal year 2026. The rule will increase aggregate payments by 3.2%, which reflects a 3.3% market basket update, a 0.7 percentage point cut for productivity, and an increase of 0.6 percentage points for the market basket forecast error for FY 2024.”
  • STAT News reports,
    • “President Trump escalated his demands that pharma companies lower U.S. drug prices in line with what other countries pay, sending letters to 17 major drug companies Thursday that called on them to take actions by Sept. 29.
    • “He specifically asked the firms to: provide their full portfolio of drugs to Medicaid patients at prices in line with what other major wealthy countries pay; guarantee that new drugs will be offered to Medicare, Medicaid, and commercial payers at those lower prices; implement direct-to-consumer distribution models for “high-volume, high rebate” drugs; and repatriate increased revenues that they earn abroad back to the U.S. 
    • “The companies he sent letters to were: AbbVie, Boehringer Ingelheim, Bristol Myers Squibb, Novartis, Gilead, EMD Serono, Pfizer, Novo Nordisk, AstraZeneca, Amgen, Genentech, Johnson & Johnson, GSK, Merck, Regeneron, Sanofi, and Eli Lilly.”
  • The AHA News tells us,
    • “The Department of Health and Human Services today issued a notice announcing a 340B Rebate Model Pilot Program as a voluntary mechanism for qualifying drug manufacturers to effectuate the 340B ceiling price on select drugs to all 340B-covered entities. 
    • “The notice said HHS’ Health Resources and Services Administration’s Office of Pharmacy Affairs, which currently oversees the 340B Drug Pricing Program, is inviting certain drug manufacturers to apply for participation in the pilot program for a minimum of one year. HRSA said the pilot program will be limited to the NDC-11s included on the Centers for Medicare & Medicaid Services’ Medicare Drug Price Negotiation Selected Drug List regardless of payer. 
    • “HRSA said manufacturers must submit applications to participate in the pilot program by Sept. 15, and approvals will be made by Oct. 15 for a Jan. 1, 2026, effective date.” 
  • Per an HHS news release,
    • “Susan Monarez, Ph.D., was sworn in today as Director of the Centers for Disease Control and Prevention (CDC) by U.S. Health and Human Services Secretary Robert F. Kennedy, Jr.”
  • The Departments of Labor, HHS, and Treasury as well as OPM issued CAA 2021 and ACA FAQs (No. 71, government link) Thursday morning. The FAQs brings us up to date on the application of the Fifth Circuit’s Texas Medical Association case to QPA calculations and reiterates that “The maximum annual limitation on [in-network] cost sharing for the 2026 plan year will be $10,600 for self-only coverage, and $21,200 for other than self-only coverage.”

From the Food and Drug Administration front,

  • Per an FDA news release,
    • “The U.S. Food and Drug Administration is requiring safety labeling changes to all opioid pain medications to better emphasize and explain the risks associated with their long-term use. These changes follow a public advisory committee meeting in May that reviewed data showing serious risks—such as misuse, addiction, and both fatal and non-fatal overdoses—for patients who use opioids over long period.”
  • The New York Times reports,
    • “The Food and Drug Administration on Wednesday approved a medical device that offers new hope to patients incapacitated by rheumatoid arthritis, a chronic condition that afflicts 1.5 million Americans and is often resistant to treatment.
    • “The condition is usually managed with medications. The device represents a radical departure from standard care, tapping the power of the brain and nervous system to tamp down the uncontrolled inflammation that leads to the debilitating autoimmune disease.
    • “The SetPoint System is an inch-long device that is surgically implanted into the neck, where it sits in a pod wrapped around the vagus nerve, the longest nerve in the body. The device electrically stimulates the nerve for one minute each day.
    • ‘The stimulation can turn off crippling inflammation and “reset” the immune system, research has shown. Most drugs used to treat rheumatoid arthritis suppress the immune system, leaving patients vulnerable to serious infections.”

From the public health and medical research front,

  • STAT News reports,
    • “U.S. kindergarten vaccination rates inched down again last year and the share of children with exemptions rose to an all-time high, according to federal data posted Thursday.
    • “The fraction of kids exempted from vaccine requirements rose to 4.1%, up from 3.7% the year before. It’s the third record-breaking year in a row for the exemption rate, and the vast majority are parents withholding shots for non-medical reasons.
    • “Meanwhile, 92.5% of 2024-25 kindergartners got their required measles-mumps-rubella shots, down slightly from the previous year. Before the Covid-19 pandemic, the vaccination rate was 95% — the level that makes it unlikely that a single infection will spark a disease cluster or outbreak.” * * *
    • “In the last decade, the percentage of kindergartners with medical exemptions has held steady, at about 0.2%. But the percentage with nonmedical exemptions has risen.”
  • BioPharma Dive lets us know,
    • “Eli Lilly’s popular diabetes drug Mounjaro proved about as effective as its older medicine Trulicity in protecting heart health in the largest and longest clinical trial of the newer GLP-1 therapy to date.
    • “According to summary results released by Lilly Thursday, Mounjaro met the main goal of the head-to-head study, which enrolled more than 13,000 people with Type 2 diabetes and heart disease and ran for nearly five years.
    • “While Mounjaro’s benefit wasn’t great enough for researchers to declare it superior to Trulicity, the rate of all-cause mortality was 16% lower for the newer drug, which in addition to stimulating the GLP-1 hormone receptor like Trulicity, also activates another known as GIP.”
  • Per MedPage Today,
    • “The past two respiratory virus seasons tallied at least 41 pediatric cases of influenza-associated acute necrotizing encephalopathy (ANE), a rare but severe neurologic condition, a multicenter case series showed.
    • “And most of these (76%) occurred in previously healthy children with no significant medical history, Andrew Silverman, MD, MHS, of Weill Cornell Medicine in New York, and colleagues from the Influenza-Associated ANE Working Group reported in JAMA.
    • “There hasn’t been any formal national surveillance of ANE to know whether the case counts for these two seasons are higher than normal, but that certainly seemed to be the case, Silverman said.
    • “Anecdotally, there seems to be an uptick in cases in the U.S.,” Silverman told MedPage Today. “From informally surveying all of these senior pediatric neurologists who have seen zero to one case in their career, now it seems like all of a sudden we’re forced to know more about ANE and how to treat it.”
    • “Mortality was high, at 27%, with 11 deaths. Patients died a median of 3 days from symptom onset, primarily from cerebral herniation (91%).”
  • Per Health Day,
    • “Blood-based colon cancer tests have become more common in recent years, offering a non-invasive option for screening
    • “Follow-up colonoscopy is recommended when a test result is ‘abnormal,’ but new data shows less than half of people following guidelines
    • “More must be done to educate people on the potentially life-saving importance of proper follow-up during colon cancer screening.”

From the U.S. healthcare business front,

  • The Wall Street Journal reports,
    • CVS Health reported earnings that beat Wall Street’s expectations and upgraded its projection for 2025, as its health-insurance business showed signs of recovery.
    • “The healthcare giant’s results underscore a split among health insurers. On one side are companies struggling this year with a surprise financial squeeze from higher-than-expected medical costs, a list that includes CenteneMolina Healthcare and the industry bellwether, UnitedHealth Group
    • “On the other side, Humana and CVS, which both had major financial challenges last year, say that the higher medical costs are largely in line with what they had projected. Humana, like CVS, had second-quarter results that came in above analysts’ predictions, and raised its 2025 guidance.” * * *
    • “89.9%: The share of insurance premiums at Aetna spent on healthcare costs, known as the medical-loss ratio. It is a bit higher than last year’s 89.6%, but lower than the FactSet consensus of 90.5%.”
  • Beckers Payer Issues tells us,
    • “The Cigna Group reported a net income of $1.53 billion in the second quarter of 2025, compared to $1.55 billion during the same quarter last year, according to its July 31 financial report. 
    • “Total revenue was $67.2 billion for the three months ended June 30, up 11% year over year. Cigna said the increase was primarily driven by Evernorth Health Services and includes growth of existing client relationships and strong specialty pharmacy growth.” * * *  
    • “Cigna’s medical loss ratio was 83.2% in the second quarter, up from 82.3% during the same period last year. The company attributed the increase to expected higher stop-loss medical costs.” 
  • Per an Institute for Clinical and Economic Review (ICER) news release,
    • ICER announced today that it will assess the comparative clinical effectiveness and value of therapies targeting abnormal complexes of immunoglobulin for IgA nephropathy. These are expected to include sibeprenlimab (Otsuka Holdings Co., Ltd.), atacicept (Vera Therapeutics, Inc.), and budesonide (Tarpeyo®, Calliditas Therapeutics AB).  
    • The assessment will be publicly discussed during a meeting of the CTAF in February 2026, where the independent evidence review panel will deliberate and vote on evidence presented in ICER’s report.
    • ICER’s website provides timelines of key posting dates and public comment periods for this assessment

Midweek report

David ErmerFDA, HSA, Medical / Rx research, Medicare, NIH, OPM, Patient safety, U.S. Healthcare
  • Fedscoop interviews the new OPM Director Scott Kupor.
  • Kevin Moss, writing in Govexec, discusses how to avoid Medicare Part B late enrollment penalties.
  • The Wall Street Journal informs us,
    • “A Trump administration effort to block all funding that flows to outside health researchers was scrapped Tuesday evening after senior White House officials intervened, people familiar with the matter said. The funds—billions of dollars to study diabetes, cancer and more—are set to flow again, the people said.”
  • The American Hospital Association News tells us,
    • “The Centers for Medicare & Medicaid Services July 30 announced the creation of a “digital health ecosystem” that includes partnerships with health care organizations and technology companies, including Amazon, Anthropic, Apple, Google, and OpenAI. The initiative includes an interoperability framework with a goal of making health information easier to share between patients and providers. During an event at the White House, CMS announced voluntary criteria for data exchange to make data more accessible for health information networks and exchanges, electronic health records and technology platforms. More than 60 companies, including networks, payers, providers and app vendors signed pledges for the interoperability framework and agreed to meet certain objectives in the first quarter of 2026. The initiative will use secure digital identity credentials to obtain medical records from CMS-aligned networks that meet the agency’s data sharing criteria. Applications will be used to assist in delivering services such as diabetes and obesity management, conversational AI assistants and tools to replace paper intake forms with digital check-in methods.” 
  • Beckers Clinical Leadership points out four things to know about “a July report from HHS’ Office of Inspector General [concluding that’ hospitals failed to capture 49% of patient harm events because staff either did not consider them harmful or were not required to disclose them.”
  • BenefitsFocus shares HSA/HDHP trend identified by Benefitfocus’ 2025 Report.
    • “Benefitfocus found that Gen Z workers had the highest HSA-eligible HDHP participation relative to Millennials, Gen Xers, and Baby Boomers, and while overall participation in HDHP plans dipped slightly across all generations in 2025, Benefitfocus’ data showed that HSA-eligible HDHP participation increased among Gen Zers at a greater clip compared to Millennials, Gen Xers, and Baby Boomers from 2024 to 2025. 
    • “Benefitfocus also found that Gen Z workers had the lowest health care utilization. This makes some sense considering the fact that Gen Z are younger, and it’s likely that the younger you are, the less health care you may need to utilize. 
    • “However, Benefitfocus suggests that Gen Zers are under-utilizing health care because there is a gap in understanding (1) the benefits that are available to them, and also, (2) the various engagement tools that can help them access these benefits. 
    • “To this latter point, there are various tools and different programs that employers can deploy (1) to “engage” Gen Zers and (2) to better help Gen Zers understand that accessing high-value, cost-effective health care services (like preventive care, Telehealth services, and also Direct Primary Care services) is available to them for both short-term and long-term health needs.” 
  • Route 50 informs us,
    • “The Federal Communications Commission voted last week to require text messages to the 988 suicide and mental health crisis hotline to be georouted to local crisis centers based on where they are sent from.
    • “Previously, texts to 988, also known as Lifeline, had been routed to crisis centers based on the area code of the texter’s phone number. Mental health and crisis counseling experts had long warned the FCC that the discrepancy could limit Lifeline’s ability to connect those in crisis with local resources.”

From the Food and Drug Administration front,

  • Fierce Healthcare notes,
    • “Following the departure of Vinay Prasad, M.D., former head of the Center for Biologics Evaluation and Research (CBER), the FDA has already tapped someone else to temporarily fill his shoes.
    • “Freshly appointed Center for Drug Evaluation and Research (CDER) leader George Tidmarsh M.D., Ph.D., will now take on the role of acting director of CBER as well, according to an internal letter from FDA Commissioner Marty Makary, M.D., to staffers that was viewed by Fierce.
    • “Both departments fall under the FDA’s umbrella, with CDER covering most small-molecule and biological therapeutics while CBER oversees vaccines, cell and gene therapies and other blood products.”
    • “Tidmarsh is a veteran biotech executive who stepped into his federal leadership role at the beginning of last week.”

From the public health and medical research front,

  • STAT News reports,
    • “After patients go into remission, there may still be undetected cancer cells lying dormant through the body. Years or even decades after remission, these cells might activate and cause metastatic lesions in these patients. Certain respiratory infections, including the flu and Covid-19, may be among the triggers for this awakening, according to a new study.
    • “The study, which combined mouse experiments and epidemiological data, focused on breast cancer and was published Wednesday in Nature. It found the immune system’s response to viral infections in the lungs might be contributing to this cancer cell activation. The epidemiological analyses also found that patients in breast cancer remission were more likely to develop lung metastases if they tested positive for Covid.
    • “Taken together, experts told STAT that the findings reveal new insights on how metastatic disease occurs, although they also cautioned that the findings are early and may not yet be generalizable to all cancer types or even all subtypes of breast cancer.
    • “It’s an exciting link between acute infections and a reactivation of these dormant cells that can lead to cancer progression,” John Alcorn, an immunology professor at the University of Pittsburgh who was not involved in the study, told STAT. “Something that we once thought of as a two-week problem really has far-reaching effects beyond that.”
  • Per a National Institutes of Health news release,
    • “Researchers at the National Institutes of Health (NIH) have shown for the first time that a type of human papillomavirus (HPV) commonly found on the skin can directly cause a form of skin cancer called cutaneous squamous cell carcinoma (cSCC) when certain immune cells malfunction. cSCC is one of the most common cancers in the United States and worldwide. Previously, scientists believed HPV merely facilitated the accumulation of DNA mutations caused by ultraviolet (UV) radiation, usually the primary driver of cSCC. The findings were published today in The New England Journal of Medicine.
    • “This discovery could completely change how we think about the development, and consequently the treatment, of cSCC in people who have a health condition that compromises immune function,” said Andrea Lisco, M.D., Ph.D., of NIH’s National Institute of Allergy and Infectious Diseases (NIAID). “It suggests that there may be more people out there with aggressive forms of cSCC who have an underlying immune defect and could benefit from treatments targeting the immune system.”
    • “There are many different types of HPV, each tending to infect cells in a particular tissue and part of the body. The types of HPV found mostly on the skin—beta-HPV—are considered benign members of the skin microbiome that typically do not integrate into the DNA of skin cells. This contrasts with the alpha types of HPV, known to integrate into the DNA of mucous membrane cells and directly cause cancer of the genitals, anus, head and neck.”
  • The National Institute of Standards and Technology’s Taking Measure blog explains “How Nature’s Symmetry Might Help Us See Early Warning Signs of Cancer.”
  • Health Day reports,
    • “A dementia diagnosis typically arrives more than three years after the onset of symptoms
    • “That time lag jumps to an average of more than four years for folks battling early-onset dementias
    • “As drugs to fight dementias emerge, spotting the disease early will be crucial, researchers say.”
  • Also per STAT News,
    • “The decades-long push to develop an HIV vaccine has been riddled with setbacks. But researchers reported on Wednesday that they have managed to circumvent one of the longstanding challenges to developing protective shots against this complex and crafty virus.
    • “Scientists used a messenger RNA-based vaccine to reliably trigger antibodies that block viral infection in people and monkeys. The key, they found, was to use a vaccine that hid a portion of a key protein complex that pokes out of HIV’s surface, concealing a region that usually distracts the immune system from mounting a protective response. Only 4% of participants given a vaccine that exposed this part of the viral surface produced antibodies that could block infection; that jumped to 80% when this region wasn’t visible to the immune system.
    • “While researchers found that the vaccines they tested were generally safe and well tolerated, 6.5% of study participants developed hives, a finding also seen in another mRNA-based HIV vaccine study. These cases improved when participants took antihistamines, but scientists are looking into why this happened and how to avoid it.
    • “The findings were described in a pair of papers published in Science Translational Medicine. The authors note that this is the first time an HIV vaccine candidate has sparked antibodies that can neutralize infection in a large percentage of subjects.”
  • Per Medical Economics,
    • “Teens who regularly use e-cigarettes are just as likely to become cigarette smokers as their peers were in the 1970s, according to a new study co-led by researchers at the University of Michigan.
    • “The findings, published in the journal Tobacco Control, come despite dramatic declines in overall teen cigarette use over the last five decades. The study, a collaboration between the University of Michigan, Penn State University, and Purdue University, reveals that teenagers who had never used e-cigarettes had less than a 1-in-50 chance of smoking cigarettes weekly. In contrast, those who had tried e-cigarettes faced more than a 1-in-10 chance, while consistent e-cigarette users had nearly a 1-in-3 chance of also reporting cigarette use.
    • “The use of e-cigarettes and the proliferation of e-cigarettes have really disrupted those awesome trends and improvements,” said Jessica Mongilio, research fellow at the U-M School of Nursing and one of the study’s lead researchers. “For kids who have never used e-cigarettes, we do see those historic declines in risk. But for kids who do use e-cigarettes, it’s almost as if all of those policies and all of those perceptions have done nothing, and they’ve got a really high risk of smoking cigarettes.”
  • The Wall Street Journal reports,
    • “The use of ultrapotent synthetic opioids called nitazenes are spreading in Europe.
    • “Nitazenes, often from China, are mixed into heroin and other drugs. Even trace amounts can cause fatal overdoses, authorities warn.
    • “The U.S. has seen nitazenes in drug seizures, and the DEA warns Mexican cartels could use their relations with China-based suppliers to obtain nitazenes.” * * *
    • “The most common street nitazenes are roughly 50 to 250 times as potent as heroin, or up to five times the strength of fentanyl. They are likely much more prevalent than official statistics suggest, due to limited testing. Authorities say official death tolls are almost certainly undercounts.”

From the U.S. healthcare business front,

  • Healthcare Dive lets us know,
    • “Humana raised its 2025 guidance alongside the release of second quarter results that beat analyst expectations on Wednesday. It’s a bright spot for investors in the health insurance sector following dismal reports from other payers.
    • “Executives attributed the outperformance to higher-than-anticipated prescription volumes and more lucrative drugs dispensed in Humana’s pharmacy services division. The company also benefited from higher revenue in its insurance segment from unexpectedly strong Medicare Advantage membership retention.
    • “In addition, medical costs — though elevated — remained generally in line with what Humana had planned for coming into 2025, the company said. Humana’s stock was up 6% in Wednesday morning trading following the results.”
  • and
    • “Certain Universal Health Services growth targets for 2025 are looking less achievable after the for-profit health system reported another quarter of lackluster admissions on Monday.
    • “Behavioral health volumes in the second quarter were essentially flat, with adjusted admissions rising just 0.4%. It’s an improvement from last quarter, when behavioral health volumes declined. However, executives now consider UHS’ plans to grow adjusted behavioral patient days by 2.5% to 3% a long-term target, instead of a 2025 goal.
    • “CEO Marc Miller said one of the reasons UHS’ patient day target has remained “elusive” is payers’ growing preference for outpatient care, a trend that hasn’t favored UHS’ inpatient-heavy portfolio. To be competitive in the long term, UHS plans to focus capital spending on outpatient projects, building 10 to 15 freestanding behavioral health facilities per year.”
  • Fierce Healthcare points out,
    • “Teladoc Health announced its second-quarter earnings Tuesday, which revealed a 2% decline in revenue for the company. The company performed roughly 1% better than Wall Street analysts anticipated. 
    • “Teladoc reported $631.9 million in total revenue for the quarter that ended June 30, and a net loss of $32.7 million, or $0.19 per share. In the same quarter a year ago, the company posted a net loss of $838 million after it was hit with a $790 million goodwill impairment charge related to its virtual mental health offering, BetterHelp.
    • “Teladoc’s adjusted EBITDA margin was $69.3 million, down 23% year over year. Citigroup, Goldman Sachs Group, Bank of America and Truist Financial reduced their target prices for Teladoc in early July, MarketBeat noted.
    • “The integrated care portion of the business was the lone division with upside in the second-quarter earnings results. Integrated care brought in $391.5 million, up 4% compared to the same period last year. Its adjusted EBITDA margin was 14.7%.
    • “BetterHelp garnered $240.4 million in revenue, down 9% year over year. The tele-mental health brand had an adjusted EBITDA margin of 4.9%.” 
  • Beckers Hospital Review notes “Where hospital margins are climbing [and] dropping the most.”
    • “Margin growth or decline varied by region and hospital size. Here is the breakdown:
      • “South: 6.1 percentage points
      • “Midwest: 2.5 percentage points
      • “Northeast: 1.6 percentage points
      • “West: -2.2 percentage points
      • “0 to 25 beds: -1 percentage points
      • “100 to 199 beds: 4.2 percentage points
      • “300 to 400 beds: 0.8 percentage points
      • “500 or more beds: -0.2 percentage points’
  • The Wall Street Journal Bankruptcy Pro publication reports on “Hospital Failures Following Private-Equity Payouts Leave Patients, Taxpayers in Lurch. Communities where Steward Health Care and Prospect Medical had hospitals that closed are trying to fill gaps in healthcare and government budgets.”
  • WTW consulting’s Pulse offers the latest news on GLP-1 drugs.
    • “Utilization will continue to rise. A robust pipeline of new GLP-1 drugs later this year and in 2026 will bring more competition with the potential to drive lower unit costs.
    • “Government price negotiations for Medicare Part D plans could also put downward pressure on GLP-1 drugs in the commercial market.
    • “The drugs will likely gain other uses this year including metabolic dysfunction associated steatohepatitis, heart failure and peripheral artery disease, which will also contribute to more utilization.”

Tuesday report

David ErmerAHRQ, CDC, CMS, Congress, FDA, Generative AI, HSA, Medical / Rx research, Medicare, Mental health care, No Surprises Act, OPM, Rx coverage, U.S. Healthcare

From Washington, DC,

  • The Senate confirmed Susan Monarez to be Director of the Centers for Disease Control and Prevention today by a 51 to 47 vote. The AP adds,
    • “She holds a doctorate in microbiology and immunology from the University of Wisconsin and did postdoctoral research at Stanford University. Prior to the CDC, Monarez was largely known for her government roles in health technology and biosecurity.”
  • MedCity News tells us,
    • “On Thursday, a coalition of 28 healthcare organizations sent a letter to leaders in Congress calling on them to extend the Affordable Care Act enhanced premium tax credits, which are set to expire at the end of the year.
    • “The letter was addressed to John Thune, Senate majority leader; Chuck Schumer, Senate minority leader; Mike Johnson, speaker of the House; and Hakeem Jeffries, minority leader of the House. The letter was led by Keep Americans Covered and was signed by healthcare organizations including AHIP, Blue Cross Blue Shield Association, the American Medical Association, Kaiser Permanente, Families USA and more.” 
  • STAT News reports,
    • “Health secretary Robert F. Kennedy Jr. could “imminently” overhaul a key federal advisory panel that recommends which preventive services insurers must pay for, according to a person familiar with the plans. 
    • “The person said that federal health officials are actively vetting new members for the U.S. Preventive Services Task Force. David Mansdoerfer, an adviser to a Kennedy-aligned group of physicians, said he’s aware of people being considered for the panel, but declined to name them.” * * *
    • “Mansdoerfer added that the existing panel is “M.D. heavy” and a reconstituted panel is more likely to include “allied health professionals,” which are health care providers who aren’t nurses or physicians, like physical therapists and dietitians.” 
  • Following up on yesterday’s post about Medicare Part D, here is a link to the CMS guidance upon which the Wall Street Journal relied.
  • World at Work informs us,
    • “Health savings accounts (HSAs) have become a staple total rewards offering over the last decade, but a new study by the Employee Benefit Research Institute (EBRI) showed employees are still leaving the full value of these accounts on the table.
    • “The June 12 EBRI report pulled data from 14.5 million accountholders, containing more than $48 billion in total assets — roughly 40% of the entire HSA universe. The analysis revealed:
      • “Low balances. End-of-year balances increased in 2023 (the most recent analysis period) to $4,747 but are still modest compared with average out-of-pocket maximums for HSA-eligible health plans ($8,300 for individual coverage in 2025, $16,600 for family coverage)
      • Low contributions. Relative to 2022, average HSA contributions increased in 2023. However, after adjusting for inflation, both employer and employee contributions were higher in the 2010s. Also, notably, the average combined HSA contribution was $760 less than the statutory maximum contribution for individuals and $4,660 less than the statutory maximum contribution for accountholders with family coverage.
      • High withdrawals. More than half of accountholders withdrew funds, and the average distribution rose to $1,801.
      • “Low investment. Only 15% of accountholders invested in assets other than cash. 
    • EBRI found that, essentially, employees use HSAs as specialized checking accounts rather than investment accounts, and in doing so, miss out on the triple tax advantage available if they maximize contributions, minimize withdrawals and invest their balances.
    • “The good news is that, here we are 20-plus years after HSAs launched, and they’ve become pretty standard. They’re a typical plan offering from most employers of all sizes — not just large or small companies, or in certain industries,” said Alexander Domaszewicz, a principal and healthcare consultant at advisory firm Mercer. “If we live long enough, we’ll have healthcare expenses, and we want to be prepared for that. But while awareness and visibility of HSAs have grown, they’re still intimidating to folks.”
  • Beckers Payer Issues calls attention to recent No Surprises Act developments.
  • Federal News Network lets us know,
    • “The Trump administration is detailing how it expects agencies to recruit more political appointees through the new “Schedule G” hiring category, while also reminding agencies that all non-career hires must be approved by the White House.
    • “The Office of Personnel Management on Tuesday outlined how agencies should adopt the federal employment classification President Donald Trump created earlier this month. Generally, the new Schedule G broadens agencies’ options for hiring political appointees, beyond the avenues already available to presidential administrations for picking their own staff members.
    • “In its guidance on Trump’s new hiring authority, OPM said agencies will have to run any Schedule G hires they want make by the White House for review and approval.
    • “As a matter of practice,” OPM said, agencies will have to send all their political hires to their White House liaison — a position that coordinates with the White House on hiring and retention of political appointees — before agencies can advance any Schedule G appointments.”

From the Food and Drug Administration front,

  • Bloomberg Law informs us,
    • “Vinay Prasad, a top regulator at the US Food and Drug Administration, has left the agency after a controversy over his handling of Sarepta Therapeutics Inc.’s gene therapy. 
    • “Dr. Prasad did not want to be a distraction to the great work of the FDA in the Trump administration and has decided to return to California and spend more time with his family,” Department of Health and Human Services spokesperson Andrew Nixon said in a written statement. 
    • “Prasad did not immediately respond to a request for comment about his departure.” 
  • The Washington Post reports,
    • “The Food and Drug Administration pushed Tuesday to restrict a synthetic opioid found in tablets, gummies and drinkable shots commonly sold in convenience stores.
    • “Health officials announced they will seek to add 7-OH — a potent substance synthesized from a compound in the kratom leaf — to the tier of controlled substances reserved for the most addictive drugs, such as heroin and LSD.
    • “The FDA, researchers and kratom companies have grown increasingly alarmed by the rise of 7-OH products they say are distinct from all-natural teas and powders derived from a leaf that grows on trees native to Southeast Asia.
    • “FDA Commissioner Marty Makary said at a news conference that the agency is not asking to restrict natural products made from kratom, which contains trace amount of the compound. In a report released Tuesday, the agency said it maintains concerns about kratom broadly but needed to act urgently on 7-OH because of its risk of sedation, nausea, breathing problems and addiction.”
  • From the judicial front,
    • Fierce Healthcare reports,
      • “A new law in Arkansas banning pharmacy benefit managers from owning pharmacies has been blocked by a federal judge, the latest development in one of the industry’s most-watched new pieces of legislation.
      • “Judge Brian Miller said the law may violate (PDF) the Commerce Clause in the constitution and is likely preempted by TRICARE, a health care program for military families. The state is barred from enforcing the law until final disposition, a ruling shows.
      • “Act 624 appears to overtly discriminate against plaintiffs as out of state companies and the state has failed to show that it has no other means to advance its interests,” said Miller, adding other enacted state laws already can properly restrict PBMs.
      • “Arkansas Attorney General Tim Griffin said he plans on appealing the decision, reported the Associated Press.
      • “We’re pleased with the Court’s decision to grant a preliminary injunction to stop the implementation of Act 624,” a CVS Health spokesperson said in a statement. “We continue to be focused on serving people in Arkansas and are actively looking to work together with the state to reduce drug prices and ensure access to pharmacies.”

From the public health and medical researach front,

  • KFF considers whether our country’s measles elimination status is at risk.
  • The Agency for Healthcare Research and Quality released a medical expenditures survey report titled “Healthcare Expenditures for Heart Disease among Adults Aged 18 and Older in the U.S. Civilian Noninstitutionalized Population, 2022.”
    • “In 2022, 7.8 percent of adults aged 18 and older were treated for heart disease, and men were more likely than women to have treated heart disease (8.4 % vs. 7.2%).
    • “Among age groups, the treated prevalence of heart disease was highest for those aged 65 and older (22.8%) compared to only 6.0 percent for adults aged 45-64, and 1.4 percent for adults ages 18-44.
    • “In 2022, healthcare expenditures to treat heart disease for adults in the US totaled $100.0 billion (with an average cost of $4,900 per adult with diagnosed and treated heart disease).
    • “The largest portion of heart disease expenditures were incurred through hospital inpatient stays (46.1%) and prescribed medications (20.5%).
    • “The majority of heart disease treatment costs were paid by Medicare (57.6%) and private insurance (24.2%).”
  • Per MedPage Today,
    • “The global incidence of liver cancer is projected to double by 2050.
    • “Sixty percent of liver cancers are preventable by controlling risk factors including hepatitis B and C, alcohol consumption, and MASLD.
    • “The Lancet Commission estimated that a 2-5% reduction in the age-standardized incidence rate of liver cancer could prevent up to 17.3 million new cases and save up to 15.1 million lives.”
  • Per Neurology Adviser,
    • “Urinary tract infections (UTIs) may be a trigger for myocardial infarction (MI) or stroke, with an increased risk for both within the first 7 days of infection, according to the findings of a study published in BMJ Open.”
    • “Growing evidence suggests that acute infection plays a role in the pathogenesis of cardiovascular disease.
    • “Researchers from Cardiff University in the United Kingdom conducted this self-controlled cases series using data from the Secure Anonymised Information Linkage (SAIL) Databank which houses nation-wide data from Wales. Patients (N=105,930) with MI (n=51,660) or stroke (n=58,150) between 2010 and 2020 were evaluated for general practitioner suspected or confirmed UTI before or after MI or stroke event. The peak risk period was defined as up to 90 days after UTI.
    • “The MI and stroke cohorts consisted of 63% and 49% men, with mean ages of 69 and 74 years for men and 77 and 79 years for women, respectively.”
  • STAT News reports,
    • “A major Alzheimer’s disease medical group is recommending that specialists may use certain blood tests to help diagnose patients with cognitive impairment in lieu of more complex and invasive tests, a move that could lead more people to get treated for the devastating disease.
    • “The Alzheimer’s Association, in its first clinical guidelines on blood biomarker testing, said Tuesday that tests that have over 90% sensitivity (ability to identify positive results) and 90% specificity (ability to identify negative results) can be used instead of current diagnostic methods like PET scans and cerebrospinal fluid tests.
    • “The group said that tests that have over 90% sensitivity and 75% specificity can be used to triage patients, meaning negative results rule can rule out Alzheimer’s with high probability but positive results should be confirmed with the standard diagnostic methods, given that these blood tests have a higher likelihood of false positives.
    • “The authors stressed that the guidelines should not be considered a substitute for a full clinical evaluation and that they apply only to people who are in the care of specialists and have already been confirmed to have cognitive impairment. The authors also noted that there’s wide variability in the blood tests on the market and that many do not meet the accuracy thresholds.”
  • Per Benefits Pro,
    • “Researchers at Cigna’s Evernorth Research Institute are seeing early signs that offering patients semaglutide and other GLP-1 agonists might cut the cost of managing mental health problems.
    • “Duy Do and two other Evernorth researchers found that using Ozempic or similar drugs to control blood sugar reduced use of office visits to treat depression by 13% and reduced use of office visits to treat anxiety by 15%.
    • “Use of GLP-1 agonists did not reduce use of emergency room visits or inpatient care for depression or anxiety, but the researchers say their work shows the need for understanding how GLP-1 agonist use affects people’s mental health and use of mental health services.
    • “Given the high economic burden of mental health disorders among patients with T2DM, further research is needed to confirm the clinical and cost-effectiveness of [GLP-1s] in reducing the overall health care burdens for this patient population,” Do and colleagues conclude.”

From the U.S. healthcare business front,

  • The Wall Street Journal reports,
    • “UnitedHealth Group anticipates its 2025 earnings to fall below expectations due to rising costs and operational issues.
    • “CEO Stephen Hemsley aims to restore UnitedHealth to high performance, projecting earnings growth for the coming year.
    • “UnitedHealth is facing industry upheaval with rising healthcare costs, government actions, and ongoing Justice Department probes.”
  • Modern Healthcare tells us,
    • “Humana is offering certain employees voluntary early retirement buyouts.
    • “Employees age 50 or older with at least three years of service are eligible for the program, although those working in certain business-critical areas will be ineligible, a company spokesperson said Tuesday. He said the window to apply for voluntary early retirement will be open for several weeks.
    • “The Louisville, Kentucky-based health insurer said the offers are part of ongoing evaluations Humana conducts to adjust staffing and drive organizational efficiency.”
  • Beckers Hospital Review lets us know,
    • U.S. News & World Report released its 2025-2026 Best Hospitals rankings and ratings July 29, which included its list of 504 Best Regional Hospitals across 49 states and 95 metropolitan areas.
    • “The latest edition of Best Hospitals, now in its 36th year, evaluated more than 4,400 hospitals on measures such as risk-adjusted mortality rates, preventable complications and level of nursing care.” 
    • The article lists the no. 1 ranked hospitals in each eligible state.
  • Cardiovascular Business points out the best heart hospitals according to U.S. News and World Report.
  • Fierce Healthcare informs us,
    • “Earlier this year, CVS Health announced that it would invest $20 billion in improving the consumer experience and making the healthcare journey simpler.
    • “Now, its health benefits arm, Aetna, is unveiling its new Care Paths program, which connects members who have certain health needs—launching with diabetes, joint health and maternity care—to a more personalized view of their benefits and more directly with the care team supporting them. The platform is powered by artificial intelligence and offers users individualized recommendations for health and wellness programs related to their conditions as well as care kits when available.
    • “The goal, the insurer said, is to make members’ interactions with their health plans feel less transactional and instead more holistic. Aetna offered an exclusive look at the new offering to Fierce Healthcare.”
  • and
    • Sword Health, a company that provides virtual physical therapy and mental health, is now offering an AI assistant for payers and providers to tackle operational and administrative tasks.
    • “The new AI division marks a notable expansion from the company’s core business of virtual care services like digital musculoskeletal care, pelvic health and movement health.
    • “The launch of the new division, called Sword Intelligence, marks a “pivotal evolution” in Sword Health’s strategy, according to the company.
    • “Sword Intelligence allows us to move beyond delivering care to our own members to enabling the entire healthcare industry to scale it efficiently and effectively,” Virgilio “V” Bento, founder and CEO of Sword Health, told Fierce Healthcare when reached via email.”
  • The Wall Street Journal further reports,
    • Merck & Co. said it is embarking on a multi-year cost-savings plan, which includes cuts to its workforce and real-estate footprint, as it looks to redirect resources toward new product launches.
    • “The plan comes as the drug company on Tuesday logged lower revenue and sales in its latest quarter and narrowed its full-year guidance.
    • “The company said it expects the plan to result in $3 billion in annual cost savings by the end of 2027, which it plans to reinvest to support new products as well as its pipeline across multiple therapeutic areas.
    • “As part of the cost-savings plan, Merck expects to eliminate certain administrative, sales and research-and-development positions.
    • “The company didn’t disclose how many workers would be affected but said it would continue to hire employees in new roles across strategic growth areas of its business.
    • “Merck said it also would reduce its global real-estate footprint and continue to optimize its manufacturing network.
    • “The company expects the workforce cuts and real-estate reductions to result in annual cost savings of about $1.7 billion, which would be substantially realized by the end of 2027.”
  • and
    • “Novo Nordisk shares plunged after losing its lead in the weight-loss drug market to competitors like Eli Lilly.
    • “The company lowered its 2025 sales growth forecast due to copycat versions of Wegovy and slower Ozempic sales.
    • “Maziar Mike Doustdar was named chief executive, effective Aug. 7, succeeding Lars Fruergaard Jorgensen.”

Monday report

David ErmerCDC, CMS, FDA, Generative AI, Medical / Rx research, Medicare, NIH, Obesity, Patient safety, U.S. Healthcare

From Washington, DC,

  • The Wall Street Journal reports,
    • “Medicare drug plan premiums are expected to rise significantly next year due to rising costs and regulatory changes.
    • “A subsidy program that shielded seniors from rising monthly bills will be cut by about 40% in 2026.
    • “The premium increase will affect millions of seniors and may push more enrollees into Medicare Advantage plans.”
  • KFF tells us,
    • “Two new KFF analyses examine the latest data about Medicare Advantage, including trends in enrollment, premiums, out-of-pocket limits, supplemental benefits and prior authorization.
    • “The first analysis, focusing on enrollment trends, finds that 54% of eligible Medicare beneficiaries are enrolled in Medicare Advantage in 2025, though increases in enrollment slowed this year. One in five Medicare Advantage enrollees is in a special needs plan (SNP), reflecting a steady increase in recent years. And Medicare Advantage enrollment remains highly concentrated among a handful of insurance companies. 
    • “The second analysis finds that more than three quarters (76%) of enrollees in individual Medicare Advantage plans with prescription drug coverage pay no premium other than the Medicare Part B premium. The share of enrollees in plans offering a rebate against the Part B premium rose sharply from 12% in 2024 to 32% in 2025, but among these enrollees, about half are in plans that offer rebates of less than $10 a month while fewer (36%) are in plans that offer rebates of $50 or more per month. Prior authorization is most often required for expensive services such as skilled nursing facility stays (99%), Part B drugs (98%), inpatient hospital stays (acute: 96%; psychiatric: 93%) and outpatient psychiatric services (80%).” 
  • STAT News reports,
    • “No decision has been made on the future of an advisory panel [the U.S. Preventive Services Task Force] that decides which preventive care offerings, like cancer screenings, must be covered by insurers, a federal health department spokesperson said, after a [Wall Street Journal] report that health secretary Robert F. Kennedy Jr. is planning to oust all members. 
    • “But the report has alarmed the American Medical Association, which is calling on Kennedy to keep the panel’s members in place.” 
  • Modern Healthcare informs us,
    • “The Centers for Medicare and Medicaid Services wants to take another crack at creating a national provider directory in an effort to replace insurance company lists that are often riddled with errors.
    • “Health and Human Services Secretary Robert F. Kennedy Jr. and CMS Administrator Dr. Mehmet Oz touted the idea at a meeting with health information technology executives in June. In a later post on the social media platform X, CMS described its goal as a “dynamic, interoperable directory that connects the data CMS has with what the industry knows, so we all work from the same map.” * * *
    • “The insurance industry would support a national provider directory “grounded in a robust public-private partnership,” the trade group AHIP said in a statement. At the AHIP 2025 conference last month, executives from Centene, Cigna and Aetna parent company CVS Health said their companies have met with CMS to discuss the concept.”
  • and
    • “Top Trump administration health officials are expected to bring tech companies to the White House this week to roll out a plan to encourage more seamless sharing of healthcare data, according to people familiar with the matter.
    • “Health and Human Services Secretary Robert F. Kennedy Jr. and Centers for Medicare and Medicaid Services Administrator Mehmet Oz are expected to host executives at an event on Wednesday, said the people, who did not provide names of the attendees and asked not to be named because the details haven’t been made public.
    • “The plan was developed in coordination with the White House, building on a May effort by CMS to get public input on addressing barriers to sharing patient data.”
  • The American Hospital Association lets us know,
    • “The Substance Abuse and Mental Health Services Administration July 28 released its latest national survey on drug use and mental health. Among the findings, the percentage of adolescents aged 12 to 17 who had serious thoughts of suicide declined from 12.9% in 2021 to 10.1% in 2024. It also found a decline in adolescents who experienced a major depressive episode, dropping from 20.8% in 2021 to 15.4% in 2024. The survey also found that among the 61.5 million adults aged 18 or older in 2024 with any mental illness, 52.1% (32 million) received any mental health treatment in the past year. Among 14.6 million adults with serious mental illness in the past year, 70.8% (10.3 million) received mental health treatment. Due to changes to the survey questions and approach, not all estimates in the 2024 survey are comparable with 2023 and 2022 estimates, SAMHSA notes.” 
  • An HHS news release adds,
    • “The U.S. Department of Health and Human Services (HHS) has announced a $100M pilot funding opportunity to prevent, test for, treat, and cure Hepatitis C (HCV) in individuals with substance use disorder (SUD) and/or serious mental illness (SMI). This program is designed to support communities severely affected by homelessness and to gain insights on effective ways to identify patients, complete treatment, cure infections, and reduce reinfection by Hepatitis C (a liver disease caused by the Hepatitis C virus).
    • “HHS is delivering on our promise to the American people for a healthier, brighter future,” said HHS Secretary Robert F. Kennedy, Jr. “Through this pilot program, we are launching a comprehensive, integrated care model that not only cures HCV but also tackles critical risk factors like substance use, mental health challenges, and homelessness head-on.”
  • Beckers Hospital Review highlights five things to know about the foreign trade deals that the Trump administration has recently struck.

From the Food and Drug Administration front,

  • BioPharma Dive reports,
    • “The Food and Drug Administration has given Sarepta Therapeutics a green light to resume shipping its gene therapy Elevidys to some patients with Duchenne muscular dystrophy, a little over one week after demanding the company halt sales over safety concerns. 
    • “In a statement Monday evening, Sarepta said it would begin shipments to treatment sites “imminently.” The resumption applies only to Duchenne patients who can still walk, which typically describes individuals who are younger and whose disease hasn’t advanced as far.”
  • and
    • “The Food and Drug Administration has delayed its review of a Bayer therapy for hot flashes related to menopause, telling the drugmaker it needs additional to review the company’s application.
    • “In a Friday statement, Bayer said the FDA did not raise any concerns around “general approvability” of the drug, called elinzanetant. Still, the agency extended its decision deadline by three months.”
  • Per MedTech Dive,
    • “Johnson & Johnson’s Ethicon unit has corrected disposable surgical stapler cartridges over a fault related to one death and one injury, the Food and Drug Administration said Friday.
    • “The company wrote to customers in April after learning that devices may activate but not cut or staple tissue. Additional steps are needed to open and remove locked devices from tissue. 
    • “Ethicon designed the stapler to prevent lockout events from harming patients. Still, the FDA said the lockout problem could cause life-threatening hemorrhage, surgical delay and death.”

From the public health and medical research front,

  • The New York Times reports,
    • “A combination of healthy activities including exercise, nutritious diet, computer brain games and socializing can improve cognitive performance in people at risk for dementia, according to a large new study.
    • “The study, conducted in five locations across the United States over two years, is the biggest randomized trial to examine whether healthy behaviors protect brain health.
    • “It confirms that paying attention to things like physical activity and vascular risk factors and diet are all really important ways to maintain brain health,” said Dr. Kristine Yaffe, an expert in cognitive aging at the University of California, San Francisco, who was not involved in the study.
    • “The results were presented on Monday at the Alzheimer’s Association International Conference in Toronto and published in the journal JAMA.”
  • The Washington Post adds,
    • “Any amount of walking is good for your health but picking up the pace has significant benefits — and it’s never too late for someone to train to walk faster.
    • “In an analysis published in PLOS One earlier this month, researchers found that frail older adults who deliberately walked faster saw a meaningful improvement in the distance they could travel when instructed to walk for six minutes straight. (Frailty is an age-related syndrome that affects 5 to 17 percent of older adults and is characterized by fatigue, a loss of strength and unexplained weight loss.)
    • “The results show that regardless of your age, the intensity of your workout can lead to greater improvements in physical function, said Daniel Rubin, the lead author of the analysis and an associate professor of anesthesia and critical care at the University of Chicago.”
  • Per the National Academy of Medicine,
    • “With more than half a million people globally living beyond the age of 100, it is time to rethink how health professionals and educators view older adults and the aging process. “Redefining aging” begins with transforming the mindset of current and future health professionals through targeted education. This involves encouraging them to reconsider how they address the unique needs of older adults and identifying those who can drive this change. Educators, health professionals, administrators, and policymakers must collaborate to reshape systems and attitudes. Together, they can build a well‑trained workforce that is not only prepared but motivated to address the complexities of aging that may include chronic disease and functional decline but also opportunities for growth and innovation. The barriers to achieving a change in mindset and solutions for overcoming challenges prompt a call to action. This paper is an entreaty by a group of interprofessional educators passionate about ensuring all health professionals are trained to meet the complex needs of older adults.”
  • MedPage Today tells us,
    • “Chronic obstructive pulmonary disease (COPD) affects at least 4.5% of those 18-49 years old, according to an analysis of U.S. cohorts * * * as reported in NEJM Evidence.”
    • “The early COPD group was more likely to be hospitalized or die from chronic respiratory disease, to develop heart failure, and to die before 75 years of age from any cause.
    • “Having a definition for early COPD might allow for studies to find ways to treat the disease and reduce its impact.”
  • The AHA News informs us,
    • “Five pediatric flu deaths were reported to the Centers for Disease Control and Prevention last week, pushing the total to 266 for the 2024-2025 flu season, according to the latest data. The total is the highest reported in any non-pandemic flu season since the agency began reporting it in 2004. The CDC said 90% of reported pediatric deaths this flu season have happened to children who were not fully vaccinated against the flu.”
  • The American Medical Association lets us know what doctors wish their patients knew about the impact of caffeine.

From the U.S. healthcare business front,

  • The Wall Street Journal reports,
    • Bristol Myers Squibb BMY and Bain Capital are forming a new biopharmaceutical company focused on therapies for autoimmune diseases.
    • The new company will be created with $300 million in financing led by Bain Capital, including funds from the Canada Pension Plan Investment Board.
    • The company will begin with five potential treatments for autoimmune diseases in-licensed from Bristol Myers Squibb, which will retain 20% equity in the new company. Bristol Myers Squibb will also be entitled to royalties and milestones from the potential treatments.
    • Biotech executive Daniel Lynch, currently chairman of the board at Xilio Therapeutics XLO, will lead the new company as chief executive.
  • Per BioPharma Dive,
    • “GSK is turning to a China-based biotechnology company in search of its next blockbuster medicine, announcing Monday a broad drug making alliance with Hengrui Pharma that could be worth billions of dollars.
    • “GSK will pay Hengrui $500 million upfront to start the alliance. In return, it will receive rights outside of the greater China region and Taiwan to an experimental drug for chronic obstructive pulmonary disease as well as the potential to develop up to 11 other therapies for respiratory illnesses, immune disorders or cancer. If a variety of milestones are met, the deal could be worth up to $12 billion, plus royalties, GSK said.”
  • Beckers Payer Issues offers us six prior authorization updates that Beckers has reported since June 23.
  • Per an NIH news release,
    • “Researchers at the National Institutes of Health (NIH) have developed an artificial intelligence (AI) agent powered by a large language model (LLM) that creates more accurate and informative descriptions of biological processes and their functions in gene set analysis than current systems.
    • “The system, called GeneAgent, cross-checks its own initial predictions—also known as claims— for accuracy against information from established, expert-curated databases and returns a verification report detailing its successes and failures. The AI agent can help researchers interpret high-throughput molecular data and identify relevant biological pathways or functional modules, which can lead to a better understanding of how different diseases and conditions affect groups of genes individually and together.”

Weekend Update

David ErmerCongress, Generative AI, Medical / Rx research, U.S. Healthcare

From Washington, DC

  • Roll Call discusses likely Senate activities this week.
  • Congress in the July 4, 2025, budget reconciliation act (§ 90101, at 291) did enact a law requiring OPM to place more internal controls over family member eligibility.
    • – No later than 12/31/25, OPM must develop a process by which any [ineligible] individual enrolled in, or covered under, a [FEHB or PSHB] shall be disenrolled or removed from enrollment in, or coverage under, that plan.
  • This requirement should include implementation of the HIPAA 820 standard enrollment roster transaction. 
    • – No later than July 3, 2026, OPM must issue regulations and implement a process to verify – (1) the veracity of any qualifying life event through which an enrollee seeks to add a member of family to his/her coverage; and (2) that, when an enrollee in the Program seeks to add a member of family to his/her coverage, including during any open season, the individual so added is a qualifying member of family with respect to the enrollee.
  • It would be sensible for OPM to implement a program similar to TRICARE’s DEERS program which places the reporting burden on the TRICARE enrollee. 
  • HIPAA Suite explains,
    • “The HIPAA 820 transaction set [which has been around since 2008] handles the [electronic] communication between a sponsor that is an entity that pays for someone’s health care, and another entity that manages health care benefits, such as an insurance company.
    • “For example, a large employer that has a contract with an insurance company or a government agency that handles social and health benefits will use the 820 transaction to manage premium payments. This information can either be very detailed and contain demographic information on each individual that is covered or just contain a summary of the payment for all members.
  • The HIPAA standard transaction law requires health plans to be able to process the HIPAA 820. What’s more nearly half of FEHB and PSHB enrollees have self only coverage.

From the public health and medical reseach front,

  • MedPage Today reports,
    • “For years, we’ve told our patients that human papillomavirus (HPV) vaccination works best when administered before sexual debut — and rightfully so. But what happens when a woman has already developed high-grade cervical dysplasia and undergoes surgical treatment?
    • Our recent study, published in The Lancet Regional Health – Europe, explored that very question. And the results were striking: women who received the HPV vaccine after surgical excision (conization) experienced a 74% reduction in recurrent high-grade cervical lesions (CIN2+), with the most dramatic benefit seen within the first 6 months after surgery.
  • and
    • “Cases of “Ozempic mouth” and “Ozempic teeth” have recently been described in the news, with most of the problems — inflammation affecting the gums, tooth decay, and even bad breath — linked to a dry mouth.
    • “All of the GLP-1 agonists that we use now cause changes in how everything is secreted in your GI tract,” Ann Marie Defnet, MD, who specializes in obesity medicine and bariatric surgery at Northwell Health’s North Shore University Hospital and Long Island Jewish Medical Center in New York City, told MedPage Today. And this “definitely has an impact on saliva.”
    • “People taking GLP-1 drugs also tend to be a bit dehydrated because they are often not hungry or thirsty, she noted.
    • “I haven’t seen too many horrible cases of periodontal disease, gingivitis, or anything like that, nor have I had any patients really complaining about dry mouth,” she noted. “But definitely I have patients all the time that [say], ‘Oh yeah, I can tell I’m dehydrated.'”
    • “Defnet said she believes some of the serious oral health issues that have been reported are likely representative of “more of a later stage issue with patients who maybe just aren’t staying hydrated in general.”
    • “One of the big things I always counsel my patients on is they just have to remember to continue to drink water, even if they’re not thirsty, even if they’re not hungry,” Defnet said. “That seems to help with all of these symptoms.”
  • The New York Times discusses “Coronary artery calcium testing [which] can reveal plaque in arteries, offering a more precise estimate of a patient’s risk [of having a heart attack]. Yet the test remains underused.”
    • “A brief and painless CT scan, it would show whether the fatty deposits called plaque were developing in the arteries leading to her heart.
    • “When plaque ruptures, it can cause clots that block blood flow and trigger heart attacks. The scan would help determine whether Ms. Hollander would benefit from taking a statin, which could reduce plaque and prevent more from forming.
    • “The test is used by more people every year,” said Dr. Michael Blaha, co-director of the preventive cardiology program at Johns Hopkins University. Calcium scans quadrupled between 2006 and 2017, his research team reported, and Google searches for related terms have risen even more sharply.
    • “Yet “it’s still being underused compared to its value,” he said.
    • “One reason is that although the test is comparatively inexpensive — sometimes up to $300, but often $100 or less — patients must pay for it out of pocket. Medicare rarely covers it, though some doctors argue that it should.”

From the U.S. healthcare business front,

  • Radiology Business lets us know,
    • “Physicians are increasingly exiting Medicare, according to new research published in JAMA Health Forum
    • “Radiology and other specialties have expressed concern in recent years that inadequate payment rates could push practices to close or stop accepting the federal program for seniors. Since 2001, Medicare reimbursements to physicians have fallen 33%, when adjusting for inflation, according to the American Medical Association. 
    • “Researchers recently sought to test this theory, analyzing 100% of fee-for-service Medicare Part B claims logged between 2010 to 2024. They found the share of physicians exiting Medicare increased “significantly” from 1.8% to 3.6% by the end of the study period. 
    • “The findings may reflect multiple factors, including the greater burden of new communication methods (e.g., portal messages) and demands for clinical documentation,” Hannah T. Neprash, PhD, and Michael E. Chernew, PhD, healthcare policy experts with the University of Minnesota and Harvard Medical School, respectively, wrote July 18. “More rapid growth in exit[s] among small practices likely contributes to consolidated physician markets, given that new physicians increasingly work for large practices.”
    • “Researchers excluded docs who on average billed for fewer than 100 Medicare claims annually. They defined an exit as the absence of any claims in the payment program for 12 consecutive months. Altogether, the study sample included over 791,000 physicians at an average age of nearly 45. Physician Medicare exits displayed a gradual increase from 2010-2013 before stabilizing between 2014-2016. They saw another gradual increase from 2017-2019 and then spiked amid the COVID-19 pandemic in 2020-2021 before returning to regular levels by 2023.” 
  • The boilerplate in an FEHB or PSHB brochure (meaning its OPM policy) reads,
    • If you are enrolled in Medicare Part B, a physician may ask you to sign a private contract agreeing that you can be billed directly for services ordinarily covered by Original Medicare. Should you sign an agreement, Medicare will not pay any portion of the charges, and we will not increase our payment. We will still limit our payment to the amount we would have paid after Original Medicare’s payment. You may be responsible for paying the difference between the billed amount and the amount we paid.
  • MedCity News informs us that “Sentara Health has rolled out Regard’s AI-powered chart review and discharge summary tool across all 12 of its hospitals [located in Virginia and North Carolina]. The tool has delivered consistent benefits when it comes to patient safety and documentation accuracy, said Joseph Evans, Sentara’s chief health information officer.

Cybersecurity Saturday

David ErmerCybersecurity, Generative AI

Exploitation of Microsoft SharePoint Vulnerabilities

  • Last Sunday, July 20, the Cybersecurity and Infrastructure Security Agency (CISA) added a known exploited vulnerability to its catalog
    • CVE-2025-53770 Microsoft SharePoint Server Remote Code Execution Vulnerability
  • CISA also created an alert on the new KVE, which the agency updated on Tuesday and Thursday.
  • The Wall Street Journal reported on July 21,
    • Microsoft issued an alert about “active attacks” targeting its server software and urged customers to install new security updates that have been released.
    • Microsoft’s Security Response Center said in a blog post over the weekend that the attacks target on-premises SharePoint server customers and exploit vulnerabilities that were partially addressed by a July security update.
    • “Organizations typically use Microsoft SharePoint to create intranet websites, store and organize information, and facilitate file-sharing among workers. Cloud-based SharePoint Online in Microsoft 365 isn’t affected, the company said.
    • “By Monday, cybersecurity investigators said that the SharePoint attacks were widespread. At least one of the “multiple” hacking groups involved in the attacks was linked to China, according to Google’s Mandiant cybersecurity group.
    • “Microsoft declined to comment beyond its blog post.
    • “Hackers exploiting the SharePoint flaws then stole cryptographic keys that could be used to run commands on the affected server in the future, even if it had been patched, cybersecurity investigators said on Monday.”
  • and added on July 24,
    • Last year, Satya Nadella pledged to make security priority number one at Microsoft. A new hack involving China is showing just how difficult that can be.
    • The attack involves several versions of Microsoft’s SharePoint software that serve as a document storage platform for customers who don’t want to use the cloud. Microsoft released patches for a pair of SharePoint bugs earlier this month, but the fixes were quickly bypassed, allowing China-linked hackers to break into hundreds of organizations, according to security researchers.
    • Instead of protecting customers, the faulty patches may have served as a road map for hackers to hone their attacks, the researchers said.
    • It’s the latest in a string of lapses by the technology giant that have benefited China’s vast and global cyber-espionage operations, a top U.S. national security threat. * * *
    • “In the SharePoint attack * * * the issue began in May 2025, at a hacking contest in Berlin where the Vietnamese researcher [and pentester] Dinh Khoa (LinkedIn page) won $100,000 and a laptop.
    • “This is a very hard target so we spent a lot of time digging into it,” Khoa said in an interview posted online after the contest.
    • “To the applause of audience members, he showed how to break into a SharePoint system and was soon escorted into a private room where he explained the bugs to a representative from Microsoft and Dustin Childs, head of threat awareness with cybersecurity company Trend Micro’s Zero Day Initiative. Two months later, on July 8, Microsoft fixed the bugs. They were two of the 130 bugs that Microsoft fixed that month.” * * *
    • “On Saturday [July 19], Microsoft took the unusual step of issuing two emergency patches, which contain “more robust protections” to the bugs that Khoa had found, the company said. SharePoint customers should also change the cryptographic keys used by their servers, a move that—when combined with the new patches—effectively closes the back door created by the attack, Microsoft said.”
  • Cyberscoop noted on July 24,
    • The fallout from an attack spree targeting defects in on-premises Microsoft SharePoint servers continues to spread nearly a week after zero-day exploits were discovered, setting off alarms across the globe. More than 400 organizations have been actively compromised across four waves of attacks, according to Eye Security.
    • Multiple government agencies, including the Departments of Energy, Homeland Security and Health and Human Services, have been hit. The California Independent System Operator, which operates some of the state’s wholesale electric grid, was also impacted.
    • As more victims confirm varying levels of compromise from the attack spree, researchers are learning and sharing more details about post-exploit activities. One of the China-based attackers behind the initial wave of attacks, Storm-2603, deployed Warlock ransomware starting July 18, Microsoft Threat Intelligence said Wednesday in an updated blog post.
    • The Chinese government-affiliated threat groups Linen Typhoon and Violet Typhoon — which have been active for at least a decade — are also actively exploiting the zero-day vulnerabilities, Microsoft said. Linen Typhoon has focused on stealing intellectual property and Violet Typhoon is an espionage threat group. Storm is a moniker Microsoft uses for threat groups in development.
  • NextGov/FCW discusses the impact of the Sharepoint vulnerabilities on federal government agencie here (Homeland Security, among other agencies affected) and there (Defense Department not affected).

From the cybersecurity breaches and vulnerabilities front,

  • Security Week informs us,
    • “The Alcohol & Drug Testing Service (TADTS) is notifying roughly 750,000 people that their personal information was compromised in a July 2024 data breach.
    • “TADTS is based in Texas and was until recently known as the Texas Alcohol and Drug Testing Service. It provides workplace and individual alcohol and drug testing services in Texas and other states.
    • “The incident, TADTS says, was identified on July 9, 2024, and involved unauthorized access to and the theft of data maintained in its systems.
    • “The investigation into the potentially compromised information, conducted with the assistance of a professional data mining team, was concluded only recently, and determined that personal information was included in the stolen data.” * * *
    • “While TADTS did not share details on the type of cyberattack it fell victim to, the infamous BianLian ransomware group took credit for the intrusion on July 14, 2024, claiming the theft of roughly 218 gigabytes of data.
    • “It is unclear whether the hackers released the stolen information publicly, as their Tor-based leak site is currently offline and the group has been quiet for months, with their last known victim announced on March 31.”
  • and
    • “Marketing software and services company Cierant Corporation and law firm Zumpano Patricios have independently disclosed data breaches, each impacting more than 200,000 individuals.
    • “What the Cierant and Zumpano Patricios incidents have in common is that the number of impacted people was brought to light in recent days by the healthcare data breach tracker maintained by the US Department of Health and Human Services (HHS).
    • “The Zumpano Patricios breach impacts nearly 280,000 individuals. The law firm, which has offices in several major US cities, is representing healthcare providers in disputes with health insurance companies over medical service payments to patients. 
    • “Zumpano Patricios is informing impacted individuals that it had detected an intrusion in its IT network on May 6, 2025, but could not determine the date and time of initial access. 
    • “An investigation revealed that the hackers accessed and possibly exfiltrated files containing information such as patient name, date of birth, Social Security number, provider name, health insurer information, dates of service, and amounts charged by the provider and payments they received.”
  • Cybersecurity Dive tells us,
    • “Hackers breached the Philadelphia Indemnity Insurance Company in June and stole customer data, the company said in a filing with the California Attorney General’s office
    • “An unauthorized party accessed customer data during an intrusion discovered between June 9 and June 10, according to the disclosure.
    • “The company previously called the incident a network outage, however it said there was no ransomware and no encryption. The company did report the incident to law enforcement and retained outside forensic experts to investigate.”
  • In addition to the June 20 addition discussed above, CISA added six known exploited vulnerabilities to its catalog this week.
    • July 22, 2025
      • CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability
      • CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability”
        • Cybersecurity Dive explains,
          • “The [Sharefile] intrusions are exploiting ToolShell, an attack sequence that combines remote code injection and network spoofing vulnerabilities tracked as CVE-2025-49704 and CVE-2025-49706.” 
    • Also July 22, 2025,
      • CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability
        • Tenable discusses the CrushFTP vulnerability
      • CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulnerability
      • CVE-2025-2776 SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability
      • CVE-2025-2775 SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability
  • Security Week notes,
    • “SonicWall on Wednesday announced patches for a critical vulnerability in Secure Mobile Access (SMA) 100 series secure access gateways, urging organizations to take immediate action in the wake of the recently disclosed Overstep malware attacks.
    • “The newly addressed flaw, tracked as CVE-2025-40599 (CVSS score of 9.1), is described as an arbitrary file upload issue in the SMA 100’s web management interface.
    • “The bug can be exploited by remote attackers to upload arbitrary files to the system, which could lead to remote code execution (RCE). The attackers need administrative privileges to exploit the security defect, SonicWall’s advisory reads.”
  • and
    • “The Lumma Stealer has returned after Microsoft and law enforcement caused significant disruption to its infrastructure, Trend Micro reported on Tuesday.” * * *
    • “The ability of Lumma Stealer’s operators to regroup and innovate poses a continued risk to organizations and individuals worldwide,” Trend Micro said. “This emphasizes the need for ongoing vigilance, proactive threat intelligence, and sustained collaboration between law enforcement and the cybersecurity community. Without this, even the most significant takedowns might only offer temporary relief from evolving cyber threats.”
  • Per Dark Reading,
    • “A suspected Chinese nation-state threat group is conducting an extensive cyberespionage campaign that takes advantage of vulnerable VMware ESXi and vCenter environments.
    • “Since early 2025, researchers at Sygnia have responded to multiple incidents tied to a cyberespionage campaign they track as “Fire Ant.” According to research published Thursday, Fire Ant actors are establishing initial access in organizations’ VMware systems, which have become popular targets for attackers in recent years.
    • “More importantly, Fire Ant actors used deep knowledge of the target environments and strong capabilities to consistently bypass segmentations and reach isolated portions of the network.”

From the ransomware front,

  • In line with this week’s theme, Bleeping Computer points out,
    • “A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain.
    • “Non-profit security organization Shadowserver is currently tracking over 420 SharePoint servers that are exposed online and remain vulnerable to these ongoing attacks.
    • “Although Microsoft has observed this threat actor deploying Warlock and Lockbit ransomware in the past, Microsoft is currently unable to confidently assess the threat actor’s objectives,” the company said in a Wednesday report.”
  • July 22, 2025, CISA issued an alert and advisory on Interlock ransomware.
  • Per Bleeping Computer,
    • “Law enforcement has seized the dark web extortion sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years.
    • “The U.S. Department of Justice confirmed the takedown in an email earlier today, saying the authorities involved in the action executed a court-authorized seizure of the BlackSuit domains.
    • “Earlier today, the websites on the BlackSuit.onion domains were replaced with seizure banners announcing that the ransomware gang’s sites were taken down by the U.S. Homeland Security Investigations federal law enforcement agency as part of a joint international action codenamed Operation Checkmate.”

From the cybersecurity policy and law enforcement front,

  • Cyberscoop reports,
    • “The Trump administration’s new AI Action Plan calls for companies and governments to lean into the technology when protecting critical infrastructure from cyberattacks.
    • “But it also recognizes that these systems are themselves vulnerable to hacking and manipulation, and calls for industry adoption of “secure by design” technology design standards to limit their attack surfaces.
    • “The White House plan, released Wednesday, calls for critical infrastructure owners — particularly those with “limited financial resources” — to deploy AI tools to protect their information and operational technologies.
    • “Fortunately, AI systems themselves can be excellent defensive tools,” the plan said. “With continued adoption of AI-enabled cyberdefensive tools, providers of critical infrastructure can stay ahead of emerging threats.” * * *
    • “The Trump plan states that “all use of AI in safety-critical or homeland security applications should entail the use of secure-by-design, robust, and resilient AI systems that are instrumented to detect performance shifts, and alert to potential malicious activities like data poisoning or adversarial example attacks.”
    • “The plan also recommends the creation of a new AI-Information Sharing and Analysis Center (AI-ISAC) led by the Department of Homeland Security to share threat intelligence on AI-related threats.”
  • Cybersecurity Dive lets us know,
    • “Sean Plankey, President Donald Trump’s nominee to lead the Cybersecurity and Infrastructure Security Agency, faced sharp questions during a Senate confirmation hearing Thursday about the looming expiration of an information-sharing law and CISA’s work on election security.
    • Plankey — currently a senior adviser to Secretary of Homeland Security Kristi Noem — explained his vision for leading an agency that has experienced major workforce cuts and faces significant budget reductions in Trump’s Fiscal Year 2026 spending proposal.”
    • The Senate Homeland Security and Governmental Affairs Committee will vote on whether to send Mr. Plankey’s nomination to the Senate floor at a business meeting next Thursday.
  • Cyberscoop adds,
    • “President Donald Trump’s pick to lead the Cybersecurity and Information Security Agency told senators Thursday that he would prioritize evicting China from the U.S. supply chain, and wouldn’t hesitate to ask for more money for the shrunken agency if he thought it needed it.
    • “If confirmed it will be a priority of mine to remove all Chinese intrusions, exploitations or infestation into the American supply chain,” Sean Plankey told Rick Scott, R-Fla., at his confirmation hearing before the Homeland Security and Governmental Affairs Committee. Scott had asked Plankey about reports of Chinese infiltration of U.S. energy infrastructure.”
  • Per a National Institute of Standards and Technology news release,
    • “NIST has issued draft updates to Special Publication (SP) 800-53 to provide additional guidance on how to securely and reliably deploy patches and updates in response to the Executive Order 14306Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144. A two-week expedited public comment period on the draft updates is open through August 5, 2025.” 
  • Per a July 23, 2025, HHS news release,
    • “Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Syracuse ASC, LLC doing business as Specialty Surgery Center of Central New York, for potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Breach Notification Rules. Syracuse ASC is a single-facility, ambulatory surgery center located in Liverpool, New York that provides ophthalmic and ENT surgical services and pain management procedures to patients.” * * *
    • “The settlement resolves an OCR investigation concerning a ransomware breach of ePHI that affected 24,891 individuals. OCR initiated the investigation in October 2021 after Syracuse ASC reported to HHS that an unauthorized individual had accessed its network in March 2021. Further investigation revealed that Syracuse ASC was affected by a ransomware attack involving the PYSA ransomware variant, which is a cross-platform cyber weapon known to target the healthcare industry. OCR’s investigation found that Syracuse ASC never conducted an accurate and thorough risk analysis to determine the risks and vulnerabilities to the ePHI it held. OCR also found that Syracuse ASC failed to timely notify affected individuals and the Secretary of the breach.
    • “Under the terms of the resolution agreement, Syracuse ASC agreed to implement a corrective action plan that OCR will monitor for 2 years and paid $250,000 to OCR.”
  • Cyberscoop reports,
    • “Ukrainian authorities Tuesday [July 22, 2025] arrested the alleged administrator of XSS.is, a Russian-language cybercrime forum, following a four-year investigation by the Paris public prosecutor’s office. 
    • “Law enforcement officials from France and Europol seized the domain of the influential forum following the arrest. Authorities have not named the suspected administrator of XSS.is.
    • “The forum, which was active since 2013, had more than 50,000 registered users and was a key marketplace for stolen data, malware, access to compromised systems and ransomware services, officials said. “It has long been a central platform for some of the most active and dangerous cybercriminal networks, used to coordinate, advertise and recruit,” Europol said in a news release.”
  • Dark Reading alerts us,
    • “A “laptop farmer” [Christina Marie Chapman] in Arizona responsible for enabling North Korean IT worker infiltration into US companies is going to jail for eight and a half years, after raising $17 million in illicit funds for Kim Jong-Un’s regime. That news, however, is merely a drop in the justice bucket, and DPRK’s efforts to siphon salaries off of American companies is unlikely to wane anytime soon. So, US organizations need to wrap their heads around the magnitude of the threat.
    • “North Korea’s multiyear HR-compromise effort has the twin goals of earning money for the hermit kingdom’s nuclear program and other efforts via salaries, as well as gaining a foothold inside corporate networks for the purpose of planting cryptominers or malware for stealing secrets.”
  • Cybersecurity Dive adds,
    • “The U.S. Department of the Treasury on Thursday [July 24, 2025] sanctioned three North Koreans and their company for participating in remote IT worker scams and other operations designed to generate revenue for Pyongyang.
    • The sanctions target the North Korean firm Korea Sobaeksu Trading Co., Sobaeksu employee Kim Se Un, Sobaeksu “IT team leader” Jo Kyong Hun and Kim’s associate Myong Chol Min. 
    • “The Treasury Department calls Sobaeksu a front for North Korea’s Munitions Industry Department, which oversees the country’s nuclear weapons program. North Korea “has previously utilized Sobaeksu to send teams of IT workers overseas, including to Vietnam, in order to generate revenue,” the department said.”

From the cybersecurity defenses front,

  • HelpNet Security explains “Why we must go beyond tooling and CVEs to illuminate security blind spots.”
  • SC Media discusses “exposure management [, which is] a new blueprint for modern cyber defense.
  • Here is a link to Dark Reading’s CISO Corner.

Friday report

David ErmerCDC, Congress, COVID-19, No Surprises Act, Obesity, OPM, Telehealth, U.S. Healthcare

From Washington, DC,

  • Here is a link to OPM Director Scott Kupor’s second weekly blog post which is titled “Rightsizing with a purpose.”
  • The Wall Street Journal reports,
    • “Health and Human Services Secretary Robert F. Kennedy Jr. is planning to remove all the members of an advisory panel that determines what cancer screenings and other preventive health measures insurers must cover, people familiar with the matter said.
    • “Kennedy plans to dismiss all 16 panel members of the U.S. Preventive Services Task Force because he views them as too “woke,” the people said.
    • “The White House has made a priority of targeting initiatives that promote diversity equity and inclusion, or DEI, in everything from artificial intelligence to health research grants.
    • “The task force has advised the federal government on preventive health matters since 1984. The Affordable Care Act in 2010 gave it the power to determine which screenings, counseling and preventive medications most insurers are required to cover at no cost to patients. The group, made up of volunteers with medical expertise who are vetted for conflicts of interest, combs through scientific evidence to determine which interventions are proven to work.
    • “The Supreme Court decided a case in June that centered on a task-force recommendation to cover HIV-prevention drugs. The employer plaintiffs in the case had argued that requiring them to cover such drugs for employees violated their religious rights and that the task-force members weren’t properly appointed. The high court ruled that the task- force appointments were constitutional, while highlighting that the Health and Human Services Secretary has the authority to remove the members of the panel at will.”
  • Per a Senate news release,
    • Today, U.S. Senators Bill Cassidy, M.D. (R-LA), chair of the Senate Health, Education, Labor, and Pensions (HELP) Committee, Maggie Hassan (D-NH), and Roger Marshall, M.D. (R-KS) highlighted the importance of fully implementing the No Surprises Act, which protects patients from surprise medical bills and ensures they know the cost of care before receiving it. This bipartisan legislation was signed into law by President Trump in 2020 as part of his efforts to improve price transparency and lower health costs for American patients.
    • “Nearly five years ago, President Trump signed the No Surprises Act (P.L. 116-260) into law. This historic, bipartisan legislation protects patients from surprise medical bills and ensures that they know the cost of care before receiving it,” wrote the senators. “Ensuring that patients have transparent, personalized cost estimates for their health care is a bipartisan priority. Full implementation of both the good faith estimate and advanced explanation of benefits are critical to providing patients with the entirety of protections enacted under the No Surprises Act…We commend President Trump’s commitment to price transparency and stand ready to assist to ensure a successful and complete implementation of the No Surprises Act.”
    • Since the bipartisan legislation led by Senators Cassidy and Hassan was signed into law by President Trump in 2020, the No Surprises Act has protected American patients from more than 25 million surprise medical bills. This would not be possible without the work of the Departments of Health and Human Services, Labor, and the Treasury.
    • To build on this success, the senators are requesting rules to implement provisions in the law to give covered patients clear cost estimates before their scheduled medical care. To date, the good-faith estimate has been implemented for uninsured and self-pay patients. Additional rulemaking is needed to implement the good-faith estimate and the advanced explanation of benefits for covered patients. For a patient with insurance, providers and facilities are required to provide the good-faith estimate to the individual’s health plan or issuer of coverage, which in turn, must use the estimate to give the patient an advanced explanation of benefits outlining what the plan will cover and what the individual will owe out of pocket.
    • Read the letter here 
  • If Congress wants to improve the No Surprises Act, it should refine the dispute resolution process.
  • Healthcare Dive tells us,
    • “More than 200 telehealth and provider organizations are asking the Trump administration to hammer out regulation governing telehealth prescriptions of controlled substances before pandemic-era flexibilities expire at the end of the year. 
    • “In a letter sent to Terry Cole, the newly confirmed administrator of the Drug Enforcement Administration, the groups urged the administration to ensure a plan is in place by fall so patients can continue to receive remote prescriptions of controlled substances.
    • “The Biden administration proposed a framework for telehealth prescriptions just before President Joe Biden left office in January, but some industry groups have panned the proposed rule as too onerous for providers.”

From the public health and medical research front,

  • The U.S. Disease Control and Prevention announced today,
    • “COVID-19 activity is increasing in many Southeast, Southern, and West Coast states. Seasonal influenza activity is low, and RSV activity is very low.
    • “COVID-19
      • COVID-19 laboratory percent positivity is increasing nationally. Emergency department visits for COVID-19 are increasing among young children 0-4 years old. COVID-19 model-based epidemic trends (Rt) and wastewater activity levels indicate that COVID-19 activity is increasing in many Southeast, Southern, and West Coast states.
    • “Influenza
    • “RSV
      • “RSV activity is very low.”
  • The University of Minnesota’s CIDRAP adds,
    • Emergency department visits rose 4.8% compared to the week before, mainly in children up to 4 years old. Test positivity rose slightly and is now at 5.3% nationally, with levels highest in the Southwest, followed by the South.
    • Wastewater SARS-CoV-2 detections remained at the low level and are highest in the West, with other regional hot spots, including Louisiana with very high activity and Florida with high activity.
    • “The CDC has not updated its variant proportion estimates since the middle of June owing to low numbers of sequences reported when the NB.1.8.1 subvariant was the most common. Variant proportions predicted from testing in international travelers during the same period suggested the XFG variant—one of many JN .1 offshoots— was most common. Both are considered variants under monitoring by the World Health Organization, which in late June said XFG seems to have a moderate growth advantage and a low risk of immune escape, though it added that confidence in its assessments were low because of recent expansion and low sequencing levels.”
  • The CDC also reports,
    • “Tetrahydrocannabinol (THC), a psychoactive substance found in Cannabis sativa plants, including varieties such as hemp, is increasingly being used in consumer products.
    • “During October 22–24, 2024, at least 85 persons, ranging from age 1–91 years, ate food from a restaurant in Wisconsin and experienced symptoms consistent with THC intoxication. The restaurant was in a building with a cooperative (i.e., shared) kitchen used by a state-licensed vendor who produced edible THC products. The restaurant mistakenly used THC-infused oil from the cooperative kitchen to prepare dough.
    • “Clinicians and public health practitioners should be alert to the possibility of mass THC intoxication events via food.
  • Doug Corley, MD, PhD, of The Permanente Medical Group, tells us why rising colon cancer rates—up 2% yearly in younger patients—demand earlier screening.
    • “Younger people are at increased risk compared to what they were,” said Doug Corley, MD, PhD, chief research officer for The Permanente Medical Group. Colorectal cancer “is a substantial problem, and it causes a lot of mortality … and morbidity.”
    • The Permanente Medical Group is a part of the AMA Health System Member Program, which provides enterprise solutions to equip leadership, physicians and care teams with resources to help drive the future of medicine.
    • “Dr. Corley discussed the growing concerns about colon cancer in younger people, as well as how The Permanente Medical Group is helping these populations in a recent episode of “AMA Update.”
  • The American Hospital News lets us know,
    • “A report from AARP and the National Alliance for Caregiving released today found nearly 1 in 4 U.S. adults (63 million) are caring for an adult or child with a complex medical condition or disability. Over half of the caretakers are managing complex medical and nursing tasks like injections, wound care or medication management, though only 20% have training to do so.”
  • Per Medscape,
    • “Urgent care visits frequently result in inappropriate prescribing, with 12.4% leading to antibiotic fills, 9.1% to glucocorticoid fills, and 1.3% to opioid fills. Analysis of over 22.4 million urgent care visits revealed concerning patterns, including 40.8% of acute bronchitis visits resulting in inappropriate glucocorticoid prescriptions.” * * *
    • “Inappropriate prescribing in urgent care is influenced by clinician knowledge, patient demands, and lack of decision support. Antibiotic, glucocorticoid, and opioid stewardship programs are needed to reduce inappropriate urgent care prescribing and support long-term glucocorticoid and opioid deprescribing efforts,” wrote the authors of the study.”
    • “The study was led by Shirley Cohen-Mekelburg, MD, MS, Division of Gastroenterology and Hepatology and Institute for Healthcare Policy and Innovation, University of Michigan in Ann Arbor, Michigan. It was published online on July 21 in Annals of Internal Medicine.

From the U.S. healthcare business front,

  • The Wall Street Journal reports,
    • Centene swung to a loss in the second quarter and offered a drastically reduced projection for full-year earnings, delivering a result even worse than Wall Street feared amid growing signs of a financial meltdown across the health-insurance industry.
    • “The managed-care company, which focuses on Medicaid, Affordable Care Act plans and Medicare, withdrew its earnings guidance for 2025 earlier this month, citing rising costs in Medicaid and problems in the ACA business. 
    • “Centene’s latest woes come after smaller competitor Molina Healthcare reduced its 2025 earnings projection for the second time in a month, and larger Elevance Health reported cost pressures as well. Industry bellwether UnitedHealth Group is set to report earnings next Tuesday, after earlier this year withdrawing its own guidance and replacing its chief executive. 
    • “The entire industry is contending with rising costs as well as a shifting membership and regulatory landscape across various lines of business that appear to have weakened insurers’ ability to predict the risks of the populations they enroll—a fundamental function.
    • Centene said in a conference call with analysts on Friday that it expects results to improve next year as it seeks higher payments and tightens its operations.” 
  • STAT News adds,
    • “Hospitals’ finances are strongly influenced by two factors: the prices they negotiate with insurers and how many patients they treat in their facilities. Right now, the latter does not appear to be the main driver of their strong profits. Inpatient and outpatient surgeries, which tend to be hospitals’ profit centers, were down slightly at both companies. Admissions barely budged. Another hospital chain, Community Health Systems, reported similarly underwhelming patient numbers this week. 
    • “It’s a different story among insurers, who say they’re being forced to shell out more money than usual for their members’ medical costs, particularly those who rely on Medicaid and Affordable Care Act plans. Elevance’s finance chief described what’s happening as a “market-wide morbidity shift,” meaning patients are sicker than the companies had expected when they priced their policies.
    • “One number may help explain why hospitals are faring well as insurers struggle: the amount of money hospitals make on each patient. In Tenet’s outpatient surgery business, revenue per case was up 8.3% year-over-year on a same-facility basis. In its hospital segment, that metric grew 5.2%. Tenet chalked that up to charging insurers higher prices — framed as patients having better-paying insurance — and its focus on offering higher-acuity services like cardiac care and orthopedics. At HCA, revenue per admission grew 4% year-over-year on a same-facility basis.”
    • “And consider which services are at issue for insurers. On the Medicaid front, Elevance said its members are using more home health, transportation, adult day care, and services to help them with daily activities like bathing and dressing. They’re also getting more behavioral health services and inpatient surgeries. As for people on ACA plans, the increase in care is concentrated among emergency room visits, behavioral health services, and high-cost drugs. 
    • “But on Friday, HCA said it’s seeing less demand for services among Medicaid patients.”
  • Here’s a link to a Beckers Hospital Review story about HCA’s second quarter earnings announcement.
    • “Nashville, Tenn.-based HCA Healthcare has reported “16 consecutive quarters of volume growth,” highlighting the strength of its diversified network of markets and services, CEO Sam Hazen said July 25 during the company’s second-quarter earnings call.
    • “The for-profit health system reported a 1.7% year-over-year increase in equivalent admissions for the second quarter and a 2.3% rise year-to-date. YTD managed care equivalent admissions — including the exchanges — increased 4%, in line with HCA’s expectations, according to CFO Mike Marks. Medicare grew 3%, slightly below the company’s expectations.
  • Per Beckers Payer Issues,
    • “With GLP-1 medication costs being a top concern for employers heading into 2026, UnitedHealthcare is addressing the challenge through its Total Weight Support program, aimed at improving weight loss outcomes for employees while managing the costs of medication adherence. 
    • “In our conversations and consultations with employers, they are all looking for solutions for their employees who are dealing with obesity and metabolic conditions that bring better value,” Rhonda Randall, DO, chief medical officer for UnitedHealthcare’s commercial business, told Becker’s. “Total Weight Support was put into the marketplace as a comprehensive solution for employers who are looking for that full-person approach to care for their beneficiaries and employees dealing with obesity.”
  • Mercer consulting offers detailed compliance consideration for GLP-1 drug coverage.

Thursday report

David ErmerCongress, FDA, Federal employment benefits, Medical / Rx research, Obesity, OPM, Patient safety, U.S. Healthcare

From Washington, DC,

  • It’s worth noting that while the House of Representative has gone out of town for the August recess, the Senate will remain in session through next week.
  • The Wall Street Journal reports,
    • “Hospitals would be required to disclose how they make key decisions regarding extremely premature infants in a bill set to be introduced Thursday by Sen. Tom Cotton (R., Ark.).
    • “The legislation is in part prompted by a Wall Street Journal investigation last year that found mothers had been told no lifesaving measures were possible for their extremely premature infants, even though other hospitals nearby offered care for infants born at similar gestational ages.
    • “The Neonatal Care Transparency Act of 2025 would require hospitals to disclose publicly whether there is a minimal gestational age at which they offer active care for infants, rather than comfort measures before their death. While many hospitals require lifesaving measures to be given at 25 weeks’ gestational age or above, decisions on whether to attempt to save younger premature infants can vary by hospital or even doctor.”
  • Per Senate news releases,
    • “On Thursday, July 31, the Senate Health, Education, Labor, and Pensions (HELP) Committee will hold a hearing on how to lower health costs and make health care more affordable for American patients.
      • Title: Making Health Care Affordable: Solutions to Lower Costs and Empower Patients
      • Date: Thursday, July 31, 2025
      • Time: 10:00 AM ET/ 9:00 AM CT
      • Location: 430 Dirksen Senate Office Building
      • “Click here to watch live”
  • and
    • “U.S. Senate Finance Committee Chairman Mike Crapo (R-Idaho) announced the Committee will hold a nomination hearing on Thursday, July 31, 2025, at 10:00 AM ET to consider Bryan Switzer to be a Deputy United States Trade Representative (USTR), Gustav Chiarello III to be an Assistant Secretary of Health and Human Services (HHS), Michael Stuart to be General Counsel of HHS and Derek Theurer to be a Deputy Under Secretary of the Treasury.
      • Title: Hearing to consider nominees for USTR, HHS and Treasury
      • Witnesses: Bryan Switzer; Gustav Chiarello; Michael Stuart; Derek Theurer
      • Date: Thursday, July 31, 2025
      • Time: 10:00 AM ET
      • Location: 215 Dirksen Senate Office Building
      • “Witness testimony, opening statements and a live video of the hearing will be available on www.finance.senate.gov.”
  • The Society for Human Resource Management tells us,
    • “The annual employee contribution limit for dependent care flexible spending accounts (FSAs) is increasing by 50% beginning next year, a change employers will want to communicate to employees as open enrollment season gears up. 
    • “The massive tax law that President Donald Trump signed July 4, known as the One Big Beautiful Bill Act, raises the limit for the pretax benefit account used to pay for eligible dependent care services to $7,500 for single individuals and married couples filing jointly, up from $5,000, and $3,750 for married couples filing separately, up from $2,500. The increase is effective beginning Jan. 1, 2026.
    • “Industry experts have been pushing for a higher contribution limit for years, calling the new increase long overdue. Although other limits, such as for health savings accounts and medical FSAs, are indexed for inflation and usually increase nominally each year, that’s not the case for dependent care FSAs. The current limits have been in place since 1986, except for a temporary increase during the pandemic.
    • “The increase is a “game changer for both working parents and businesses,” said Sara Redington, co-founder of The Best Place for Working Parents (BP4WP), a Fort Worth, Texas-based organization that recognizes employers supporting working parents.”
  • Tammy Flanagan, writing in Govexec, discusses “Why federal retirements are spiking this year. A sharp rise in retirement claims may be tied to fear instead of planning. If you’re eyeing the exit, make sure you’re not rushing into something you’ll regret.”
  • Per STAT News,
    • “Everyone agrees that diet is important to good health. And yet fewer than a third of medical students receive the recommended minimum of 25 hours of nutrition education, and more than half report receiving no formal education on the topic at all. 
    • “That’s why health secretary Robert F. Kennedy Jr. may be pushing on an open door with his plans to require medical schools to include nutrition education in their curricula or else lose federal funding. 
    • “One of the things we’re gonna do at NIH is to really give a carrot and stick to medical schools across the country saying you gotta put in your first-year curriculum a really good, robust nutrition course,” he said in a video posted to his Instagram account earlier this month. 
    • “Medical experts who spoke with STAT noted that there is no standardized curriculum for nutrition, and that it’s not yet clear what specifics Kennedy may attach to funding or what training medical schools might have to cut back to make room for nutrition courses. But they were on board with Kennedy’s general goal, noting that many nutrition and food policy experts have been calling for this kind of change for years. A 2022 House of Representatives resolution on the need for better nutrition education also won bipartisan support. And some medical schools have already taken steps to strengthen their offerings on the subject.”

From the Food and Drug Administration front,

  • Fierce Pharma points out,
    • “Although Sarepta Therapeutics managed to defuse a brief stalemate with the FDA earlier this week, the U.S. drug regulator is reportedly going to put the company to work in order to affirm the safety of its Duchenne muscular dystrophy (DMD) gene therapy Elevidys.
    • “Sarepta would need to conduct new analyses to validate the safety of Elevidys—which has had U.S. shipments paused by the company over a mounting string of controversies—to the FDA, Endpoints News reported Thursday, citing an unnamed senior FDA official.
    • “It’s unclear what sorts of studies Sarepta would need to run to get Elevidys back in the agency’s good graces, or whether the company might need to conduct a new clinical trial, Endpoints noted. The publication said it was unable to independently verify the internal FDA discussions alluded to by the official.
    • “That said, no one at the FDA thinks the treatment should return to market based on current data, an anonymous FDA official told Bloomberg.”
  • and
    • “Danish dermatology specialist Leo Pharma has scored an FDA approval that makes its JAK inhibitor cream Anzupgo (delgocitinib) the first therapeutic in the U.S. specifically indicated for chronic hand eczema (CHE).
    • “The endorsement covers adults with moderate to severe CHE for whom topical corticosteroids either have been inadequate or are not suitable. In September of last year, Anzpugo became the first topical treatment for the condition approved in Europe.
    • “Dermatologists hailed the approval as a long-awaited treatment option for a condition that is often overlooked despite it affecting 1 in 10 adults in the world. A recent study commissioned by Leo and conducted by Ipsos showed that more than half of nearly 200 dermatologists who were surveyed were frustrated by the lack of progress in the indication.
    • “They said current therapeutics for moderate to severe atopic dermatitis—which are often prescribed to treat CHE—don’t sufficiently translate as treatments for moderate to severe CHE.”
  • The American Hospital Association News lets us know,
    • “The Food and Drug Administration has identified a Class I recall of Edwards Lifesciences OptiSite Arterial Perfusion Cannula devices due to the potential for serious injury or death. Edwards identified incidents in which a 3mm to 4mm section of wire from the wire-reinforcement coil at the cannula tip was found to be exposed. The FDA said that some Femoral Arterial Cannula models are made of the same components as the OptiSite Arterial Perfusion Cannula models. Edwards has called for both products to be removed from wherever they are used or sold.”
  • Modern Healthcare reports,
    • “The Food and Drug Administration has classified Baxter’s recall of its Q-Link 13 mobile lift component as the most serious type, meaning it could lead to critical injuries or death if customers continue to use it.
    • “The Q-Link 13 is used with seven models of the company’s mobile lifts, which are used to move patients with limited mobility from one location to another or help with gait training.
    • “It’s an optional part that can be connected with a quick-release hook for sling bars, which hold the lifting sling. It could be attached incorrectly, possibly causing it to come loose and lead to a patient fall. This could result in serious injury to the patient or a caregiver trying to prevent the fall.
    • “This issue has potentially been associated with three serious injuries and one death, according to Baxter.”

From the judicial front,

  • The Northwest Arkansas Democrat Gazette reports,
    • “A federal judge on Wednesday said he will try to issue a ruling soon on whether a new state law banning pharmacies operated by out-of-state pharmacy benefit managers should be enjoined while the matter is being litigated in court.”
  • Govexec tells us,
    • “The Trump administration revealed to a federal court on Thursday the specific offices at which widespread layoffs were planned as of earlier this year, providing rare insight into the scale of its proposed reductions in force.” * * *
    • “The administration revealed the requests to the U.S. Court for the Northern District of California after Judge Susan Illston ordered their disclosure. Illston previously blocked the administration from moving forward with RIFs at all, but that injunction was overturned by the Supreme Court. The judge is now seeking to verify the legality of RIF plans on an agency-by-agency basis and sought information from 17 agencies the administration had told the Supreme Court were set to begin layoffs when Illston’s injunction took effect. 
    • “The Trump administration said the list in some cases undercounted the number of offices developing RIF plans and in others overcounted and has consistently maintained its plans were moving targets. An appeals court this week blocked another order from Illston requiring the administration to disclose to the court reorganization and RIF plans at every major agency, though those were not yet set to be made public.”  

From the public health and medical research front,

  • The AP reports,
    • “The fertility rate in the U.S. dropped to an all-time low in 2024 with less than 1.6 kids per woman, new federal data released Thursday shows.
    • “The U.S. was once among only a few developed countries with a rate that ensured each generation had enough children to replace itself — about 2.1 kids per woman. But it has been sliding in America for close to two decades as more women are waiting longer to have children or never taking that step at all. 
    • “The new statistic is on par with fertility rates in western European countries, according to World Bank data.
    • “Alarmed by recent drops, the Trump administration has taken steps to increase falling birth rates, like issuing an executive order meant to expand access to and reduce costs of in vitro fertilization and backing the idea of “baby bonuses” that might encourage more couples to have kids.
    • “But there’s no reason to be alarmed, according to Leslie Root, a University of Colorado Boulder researcher focused on fertility and population policy. 
    • “We’re seeing this as part of an ongoing process of fertility delay. We know that the U.S. population is still growing, and we still have a natural increase — more births than deaths,” she said.”
  • The Hill tells us,
    • “A new study suggests diets including eggs, especially the yolk, may help reduce the risk of Alzheimer’s disease.
    • “Published in The Journal of Nutrition, the study followed more than 1,000 U.S. adults and found that those who consumed more than one egg weekly had a 47 percent reduced risk of Alzheimer’s.
    • “Over an average follow-up of 6.7 years, 280 participants, or 27.3 percent, were diagnosed with Alzheimer’s dementia. Researchers found that 39 percent of the “total effect of egg intake” was linked to choline, a nutrient found in egg yolks known to support memory and brain function.
    • “Egg yolks also contain omega-3 fatty acids, which have neuroprotective benefits, further supporting brain health.”
  • The New York Times relates,
    • “Tens of millions of people in the United States struggle with obstructive sleep apnea, a condition that occurs when the throat muscles narrow during sleep, leading to temporary pauses in breathing that can cause people to snore and jolt awake, gasping for air.
    • “Poor sleep can leave people feeling exhausted, irritable and unfocused during the day. And if left untreated, sleep apnea can increase the risk for serious conditions like high blood pressure, Type 2 diabetes, heart attack and stroke.
    • “For decades, the primary treatment for sleep apnea has been continuous positive airway pressure (or CPAP). Before bed, those with the condition put on a face mask that is connected to a CPAP machine, which keeps the airway open by forcing air into it. The machines are effective, but many find them so noisy, cumbersome or uncomfortable that they end up abandoning them.
    • “Now, a more appealing option may be on the way, according to a news release from Apnimed, a pharmaceutical company focused on treating sleep apnea. On Wednesday, the company announced a second round of positive Phase 3 clinical trial results for a first-of-its-kind oral pill that can be taken just before bedtime to help keep a person’s airway open.” * * *
    • “Dr. Phyllis Zee, a sleep doctor and researcher at Northwestern Medicine who was not involved with the trial, said that if approved, the drug could transform the lives of many. That includes not only those who can’t tolerate CPAP machines, but also those who can’t — or prefer not to — use other interventions, such as other types of oral devices or weight loss medications. (Excess weight is a risk factor for sleep apnea.)”
  • Per STAT News,
    • “A Phase 3 study of AstraZeneca’s gefurulimab hit its primary and all secondary endpoints, teeing up talks with regulators about the potential blockbuster treatment for generalized myasthenia gravis, Fierce Biotech writes. AstraZeneca’s high hopes for the drug rest on the belief that the weekly, self-administered medicine can unlock an earlier, broader population than its existing gMG drug Ultomiris. In the study, people on gefurulimab performed significantly better on a gMG scale that assesses the ability to perform daily activities versus those on placebo, achieving the primary endpoint of the study.”
  • The U.S. Preventive Services Task Force released its Final Research Plan for Vision in Children Ages 6 Months to 5 Years: Screening.
  • Aunt Minnie adds,
    • “Changing national lung cancer screening guidelines in 2021 may have contributed to a surge in screening exams, but less lung cancer was detected in newly screened participants, and racial, ethnic, and sexual disparities persisted overall, according to a study published July 21 in the Journal of Thoracic Imaging.
    • “While numerous studies have examined the effects of the U.S. Preventive Services Task Force (USPSTF)’s 2021 lung cancer screening (LCS) guidelines on eligibility, this study focused on participation and lung cancer outcomes over the first 10 years of implementing an LCS program.” * * *
    • “Simply revising the guidelines increases eligibility but does not guarantee participation in LCS for these populations,” Lin and colleagues wrote. “These findings underscore the need for continued emphasis on active outreach and patient education efforts to promote LCS among racial and ethnic minority groups, as well as the further evaluation of how these initiatives impact participation and outcomes.”

From the U.S. healthcare business front,

  • Yahoo Finance lets us know,
    •  “Independence Blue Cross (IBX) is helping to improve recovery outcomes for its Medicare Advantage members after they leave the hospital and reduce costs with its Post-Acute Care Program. The program combines predictive analytics, proactive case management, and a focus on home-based recovery, to ensure members receive the right care at the right time after a stay at the hospital. Since its launch in July 2022, it has helped to improve CAHPS survey scores—a tool used to measure members’ experiences with health care services and strengthen health care in the U.S. It has also delivered $13 million in cost savings and earned the prestigious Blue Cross Blue Shield Association’s (BCBSA) North Star Award for its measurable impact.”
  • Per Beckers Payer Issues,
    • “Priority Health, the insurance arm of Grand Rapids, Mich. based Corewell Health, will become the governing member of Group Health Cooperative of Eau Claire, a Wisconsin-based health plan with more than 61,000 members.
    • “Both organizations expect the transaction to close by the end of 2025, pending regulatory approvals.
    • “The agreement will make Priority Health a four-state health plan with more than 1.3 million members across Michigan, Indiana, Ohio and Wisconsin.”
  • Per the AHA News,
    • “The AHA July 24 announced it is collaborating with health care technology leader Epic to help hospitals adopt tools that support the early detection and treatment of postpartum hemorrhage, a leading cause of maternal mortality. 
    • “The organizations have released a toolkit that includes dynamic risk assessments, clinical decision support and treatment guidance embedded in the electronic health record. With the proper permissions from applicable content providers, users of any EHR should be able to implement a similar set of tools. 
    • “The American Hospital Association and Epic share a deep commitment to improving health outcomes for moms and babies,” said Chris DeRienzo, M.D., AHA chief physician executive and a neonatologist. “This new collaboration amplifies our efforts to drive continuous improvement by sharing evidence-based resources to help reduce this tragic condition. It’s a natural extension of AHA’s Patient Safety Initiative, a collaborative data-driven effort to highlight and learn from patient safety progress at hospitals and health systems around the country.” 
    • “The AHA and Epic will support hospitals in their implementation journey with programming, resources and a space to learn from each other and engage with hospitals already seeing successful outcomes with items that are included in the toolkit.”
  • Healthcare Dive informs us,
    • “Labcorp has agreed to acquire certain ambulatory outreach laboratory assets from Community Health Systems, furthering an expansion push that has seen the testing services provider forge deals with a growing list of local and national health systems.
    • “The $195 million cash agreement with CHS includes patient service centers and in-office phlebotomy locations in 13 states, where Labcorp will assume some facility leases.
    • “Evercore ISI analyst Elizabeth Anderson, in a note to clients Tuesday, called the deal “very much in-line with [Labcorp’s] long-stated hospital management and outreach strategy where it continues to build a strong track record.”