Health Business Blog

Six Until Me hosts this week’s edition of Grand Rounds. Rural Doctoring will host next week.

Share

A dozen years ago or so when I was at the Boston Consulting Group, my colleague George Stalk asked us to imagine a world of infinite bandwidth and to dream about what new functionality and business models it would enable. We were still in the heart of the dial-up era, and video-conferencing was an expensive and ultimately unsatisfying experience, but desktop and mobile video were popular dreams. Infinite bandwidth is still far away (at least from my neighborhood) but we’ve at least reached the point where desktop video is generally usable.

Companies like American Well (see my podcast interview with the company’s CEO for more information) are already starting to use video in health care. Now Cisco is encouraging us to think about video in health care through a webiste on Unified Communications for Your Business.

The two-minute Improve Patient Care video struck your jaded blogger as somewhat hokey and contrived (though accurate enough) but I thought the 12-minute podcast entitled Video in Healthcare Then and Now was quite worth listening to.

Of course there is a bit of irony in using audio to discuss the benefits of video…

Share

American Well provides a platform where consumers can obtain real-time access to physicians via the Web. The company has already signed a deal with Blue Cross Blue Shield of Hawaii to offer online services to BCBS members and non-members –and is busy putting other deals in place.

I met this morning with Dr. Roy Schoenberg, the company’s CEO. He described the concept behind American Well and outlined the value proposition for health plans, physicians, and consumers.  American Well has big ambitions, which include revolutionizing the practice of medicine, making the medical home a reality, helping health plans stave off disintermediation, and even offering an alternative to politicians’ plans for universal health care.

You can also read the transcript.

Share

David Williams interviews Dr. Roy Schoenberg, CEO of American Well Play Now | Play in Popup | Download

I’m a big fan of the Wall Street Journal, which I’ve always found heads and shoulders above any other business news source, so naturally I have been concerned about what will happen to it under new owner Rupert Murdoch. I’ve tried to keep an open mind and so far I’d say Murdoch has improved the paper overall. There’s more non-business news and more independent analysis than before, which is great.

But I was really excited and heartened by the story I saw today, tucked away at the bottom of page B1: Boston Scientific Study Flawed. As I started reading the article I noticed that something was different. What was it? When I got to the ninth paragraph and encountered the first quote (from Boston Scientific’s chief scientific and medical officer) I realized what the Journal was up to: Not the usual reporting on what the New England Journal of Medicine had printed the previous today or what some scientist had said at a conference or what some think tank had come up with, but the Journal’s own, independent analysis.

The issues raised are hard-hitting and direct:

• That the Wald equation used by Boston Scientific in the Taxus Liberte Atlas study –and also used by Boston Scientific’s rivals– is a flawed measure
• That using any other measure would have rendered the study a failure “by the common standards of statistical significance in research”
• That non-inferiority studies like this one aren’t a particularly high standard to meet
• That omission of a control group biases the study in Boston Scientific’s favor

Here’s a taste of the Journal’s critique:

In a vital part of its calculation, called the “standard error,” Boston Scientific assumed that the difference between the true rates of reclogging between Liberte and Express was one percentage point-what the trial showed. In a sense, the company’s equation assumed that Liberte definitely isn’t inferior. That’s a problem, since the equation was supposed to be deciding whether Liberte might be inferior after all. As a result, Boston Scientific’s equation gives wrong answers that consistently favor the Liberte.

To remove that flaw, the standard-error calculation should be modified so that it assumes the true difference between rates is three percentage points. When done that way, the chance falls above 5% — meaning the results failed to reach statistical significance.

In typical Journal style, the article is fact-based and neutral in its tone. It doesn’t include loaded terms or use “experts” to act as proxies for the reporter’s personal opinions. I’m sure the Journal will publish letters that it receives in response and that they won’t all be patting the paper on the back the way I am.

I think this type of reporting is great, and much needed. It’s hard to find trustworthy, unbiased sources of medical information these days. Device and pharmaceutical companies have an obvious bias in favor of their products, researchers are influenced by fees they receive from the companies, medical journals are heavily supported by industry revenue, payers are focused on cost control, and the FDA is understaffed and limited in its freedom. We need another voice and I’m glad the Journal is providing it.

I had a look at the comments on the topic at the Wall Street Journal’s Health Blog. A few praise the coverage, but others are skeptical. Issues include: who supplied the data, why didn’t the Journal raise the issue when the study came out, what about the Journal’s own bias toward its advertisers, and a couple of people who say this is a whole lot of fuss about nothing. I’m all for the debate –and say thanks to the Journal for enabling it to occur.

Share

Harvard is helping to build a medical wiki. From The Crimson:

The Medpedia Project, which [James P.] Currier aims to launch by the end of the year, is a global effort modeled after Wikipedia, to build a comprehensive medical resource that will be readily accessible and understandable to both health professionals and patients.

In addition to the encyclopedic “wiki” component of Medpedia—which will be edited by approved contributors selected through an internal review process—the online Web site will serve as a professional network for the medical community and a platform for patient groups.

“In the big picture, it’s an attempt to engage the health and medical communities with Web technology, something that is only beginning today,” said Currier, who graduated from Harvard Business School in 1999 and has partnered with scholars at Harvard to launch Medpedia.

Scherokman and Segal had previously raised this model as a possibility in Health 2.0 for Neurologists

• Should doctors focus on contributing to existing Wikipedia articles? Or is medicine so technical or opinion-based that doctors should favor wikis with authorship restricted to medical professionals? The typical Wikipedia approach is to open up authorship to everyone, though exceptions are made for opinion-based material.
• Should doctor-authored wikis be sponsored by publishing companies, Wikipedia, professional societies, or other not-for-profit groups? Various groups are already experimenting with these options. The largest medical publisher, Elsevier, has placed the content of a textbook into WiserWiki, with authorship restricted to board-certified physicians. Some not-for-profit groups have also started general medical wikis with authorship restricted to physicians (AskDrWiki) or a slightly wider group of medical professionals (Ganfyd).
• Should there be separate doctor-authored wikis intended for clinicians and others for patients?
• Should there be separate wikis for specialties (e.g., the wiki Handbook of Genetic Counseling) or should information be in an all-encompassing collection such as Wikipedia?

Share

This is the transcript of my podcast interview with Yuval Ben-Itzhak of Finjan Incorporated.

David Williams:  This is David Williams, co-founder of MedPharma Partners and author of the Health Business Blog. I’m speaking today with Yuval Ben-Itzhak, Chief Technology Officer of Finjan Incorporated, which is a provider of secure web gateway products. We’re talking today about the malicious page of the month where Finjan has found stolen data being traded by cybercriminals.

Yuval, it’s nice to have you here today.

Yuval Ben-Itzhak:  Hi, thank you very much.

David:  Yuval, can you tell me how cybercrime is evolving, and also help us understand these crimeware servers that you’re discovering?

Yuval:  What we see today are criminals moving from looking for fame to looking for data. They are even shifting from attacking individuals or the consumer toward targeting businesses and health care organizations. We see this worldwide with the type of data they’re looking for, and the efforts that they are putting into collecting the data and later trading them.

David:  And what are you finding in terms of how data are being collected? I’ve heard for a long time about credit card information being stolen and social security numbers and identity theft, but more recently about health care data. What are you seeing there?

Yuval:  We’re starting to see that more and more of the attacks are looking for health care information. And we found that, basically, because we inspect the data on the servers.

That means our researchers can put their hands on the criminal servers and look in the data. What is there? What was collected? And we started to see more and more health care information there.

These criminals manage to infect doctors’ PCs worldwide. And it can be the laptop or it can be the desktop of the health care network environment.

So once this desktop is infected and the doctors login to the system –either through a Citrix system, or just reading documents, or writing any prescription, or something like that– the information is recorded using keyloggers, using screenshots that the trojans are taking. And then later they are transmitted back to the criminals and stored on other servers.

By doing that, these criminals manage to get all the medical history of patients, all the data that the doctor is looking at, or writing about, and this information, of course, has a lot of value for them.

David:  Yuval, I’ve read a number of headlines in the general press where you hear about a laptop that was stolen that had millions of people’s records on it and so on. But the examples that you give here are a little bit different. You talked about Citrix and Citrix credentials. Can you, first of all, explain for the lay health care audience what Citrix is? And then, why it would be valuable for someone to have the credentials?

Yuval:  Citrix is a very well known company that provides products that enable users to have remote control and remote access to a network. Usually IT and CIOs will provide it to their end users when they want to increase security to separate between the internal network and external network.

So it’s like the early days of the remote terminals that you can go from a remote, and login to a system, and do whatever you want. The Citrix presentation layer has its own benefit by doing the separation. However, once I have the login and password to this system, I have complete access to the internal network. And this is what the criminals are targeting.

The trojan horses, basically (and this is what we included in the report we just released), are monitoring access to Citrix systems. They’re trying to find out the login and passwords to the Citrix interface. And by doing that, they have the key to the internal network.

So they don’t need to have a physical access to the network. They don’t need to directly compromise a server within that network. But by having the credentials to log into the Citrix interface, this interface that enables me to access a remote system, this is my key to enter your data and to put my hands on them, and do whatever I want.

David:  In your report you gave examples of a couple of well known health care organizations. You didn’t mention them by name, which I can understand. But how do you find the leading health care organizations in the United States, in terms of their sophistication to be able to defend against these sorts of intrusions, compared to financial services or whatever industry you would say is most ahead in this area?

Yuval:  Recently, I had an opportunity to speak with about 10 IT heads and CIOs from health care organizations in the United States. And what they told me is they’re starting to become aware of the problem. They’re currently using antivirus or URL filtering products within their system to protect them. However, they understand that the mobile users or the mobile laptops, it’s now a problem that they need to deal with.

But also, the attacks today or the methods that the criminals are using to install the malicious code can no longer be detected just by signatures, simply because these criminals are encrypting the payload. It’s called ossification technique.

And by doing that, they break all the signatures. Our antiviruses we’re using for the last 20 years, they’re breaking them dynamically. And because of that, they successfully install the [malware] on the doctor’s PC.

David:  Is that different from what you would have with, say, from a loan officer or whoever the equivalent would be in a financial institution? Are they equally vulnerable, or is health care different in some way?

Yuval:  They’re equally vulnerable. It’s all about the value of the data for the hacker. If the hacker can steal credit card numbers and sell them online, he will go target them. If the hacker can collect data off a patient medical history or any other health care related data and sell it online, he will go and target it. The risk is the same for the financial sector, for the health care sector.

The regulation is different. And the results of violating them or being noncompliant with them has a different impact. But for the criminal to go and bypass and infiltrate a malicious code through an antivirus, URL filtering, or intrusion detector, it’s exactly the same. And what we see based on our research and audits that we’re doing in this type of organization, today they are very successful in bypassing these types of products.

David: I wrote recently on the blog about how medical data is becoming more valuable relative to credit card data. And I speculated, but I didn’t really know, that once a credit card number, for example, was compromised the detection would be faster, and therefore, the criminal would have less of an opportunity to use the card.

And that would make it different from, and perhaps less valuable than, health care data, where for example, if someone had insurance information, they could use it a long time before it was detected just because of the nature of how health care tends to be more disorganized than financial services.

I don’t know if that’s an area that you get into, but would you think that that speculation is on target, or would there be other reasons why the medical information would be more valuable relative to financial?

Yuval:  It definitely makes sense. There is another reason that we believe drives them now toward the health care information, and it’s the basic supply and demand rule in economics. If many hackers are offering credit card numbers for sale, the price drops. And if you go online today and you just search and Google “credit card dumps for sale” you probably are going to find many sites offering this type of data for sale.

So if many people offer credit card numbers and PIN’s, the price goes down. And this is exactly what we saw. The price went down from $100 to $20 per credit card number. So now, the criminals are looking for additional valuable data that’s not particularly rare or hard to find.

So they can charge a higher price for it until it will become a commodity like stolen credit card numbers. So this is another reason we believe it’s just a force of supply and demand in the market, and there is a value for this data, so they’re going and targeting it right now.

David:  Yuval, you’ve been describing today the research that Finjan has done. Can you describe the relationship between the research side of Finjan and the sort of products and services that you offer, and what the implications would be for someone who wanted to protect themselves against these sort of difficulties?

Yuval:  Sure. The research is like the visionary. They provide insights such as: Where these criminals are going, what exactly they’re doing, and how they manage to develop these types of tools. In terms of the product, Finjan sells a gateway product. It’s an appliance that you install to your network. Usually, it’s the DMZ, the demilitarized zone.

It inspects the traffic of your user, either incoming or outgoing traffic, to the Internet. And the unique solution from Finjan, unlike the antivirus that looks at something as it is known and there is a signature for it, or URL filtering that is looking for where content is coming from. The Finjan technology is completely different.

It’s looking for what’s the intent behavior of the contents coming from the web, or basically what it does, what it’s about to do when it will show in your browser. Is it about to delete a file? Is it about to install software? And because of this reason, because of this behavior, our technology will be able to detect and block this content from infiltrating your network.

So the product that installs the DMZ of course connects to the entire system and authentication and caching or any other device that you’ve already got, and will be able to detect and prevent these criminals from infecting your computers. And these types of techniques today are the ones that we truly believe can prevent today’s crimeware.

David:  I’ve been speaking today with Yuval Ben-Itzhak, Chief Technology Officer of Finjan Incorporated. Yuval, thanks for your time today.

Yuval:  Thank you very much.

Share

Tara Parker-Pope of the New York Times summarizes six rules doctors need to know, based on a blog post by Dr. Rob at Musings of a Distractible Mind. One is a rule that doctors follow far too often:

Rule 5: They pay for a plan.

What do people pay for when they come to the medical office? They pay for opinion, yes. They pay for knowledge as well. But what they really pay for is a plan of action….They want to know what is going to be done to help. I try and give a plan, either verbal or written, to each patient that walks out of the exam room. What medications are given and why? What medications are to be stopped? What tests are ordered and what will the results mean? When is the next appointment? What should they call for if they have problems? The better I can answer these questions, the more confidently the patient will walk out of the exam room. The days of paternalistic medicine are over – no handing a prescription and just saying “take it.” Patients should know why they are putting things in their body.

I asked SimulConsult CEO Michael Segal, MD, PhD for his thoughts on this one:

This is why many doctors give treatment plans that are worthless or worse – patients expect something more than advice that the problem will get better by itself.  Much use of band-aids (with potential latex allergies), antibiotics (with potential bacterial resistance) and cold medicines (with side effects such as secondary infections) is attributable to doctors following Parker-Pope’s rule when they should be providing reassurance.  In addition, this focus on intervention is built into reimbursement schedules, making it so doctors are paid little for diagnosis and paid well for intervention.

Then this morning I saw this piece this morning from MedPage Today (For Unexplained Infertility, Continued Trying Is as Good as Treatment)

ABERDEEN, Scotland, Aug. 8 — Commonly used treatments for unexplained infertility may be ineffective in raising the odds of pregnancy, researchers found.

The live birth rate was similar whether couples continued to try for pregnancy naturally, used oral clomiphene (Serophene, Clomid), or had unstimulated intrauterine insemination (17% versus 14% and 23%), reported Siladitya Bhattacharya, M.D., of the University of Aberdeen, and colleagues online in the BMJ.

However, women in the randomized trial were least satisfied with the just-keep-trying approach — dubbed expectant management by the researchers — despite a significant difference in outcomes.

Share

The CRO market was recently estimated at $16.3B for 2006 by Turner Investment Partners with 12.6% compounded annual growth through 2011.  Significant growth drivers are the focus on cost control and emphasis of internal efforts on developing the drug pipeline.

This week, Eli Lilly announced three deals with Covance, Quintiles, and i3 that easily could more than double their current level of outsourcing. 

• The biggest of these three deals by far is the 10-year, $1.6B deal with Covance selling them their Greenfield Indiana facility for $50M and assuming 260 Lilly employees.  According to Forbes, the Covance CEO says they already do “about $70 million in work annually for Lilly. The new contract will lock that in and add $90 million annually.”
• U.S. clinical-trial monitoring work will be transferred to Quintiles, another large CRO.
• Data management will be transferred to i3, a CRO subsidiary of United Healthcare.

A few years ago, the Wyeth made a big splash in the industry when they announced large deals with Accenture for clinical data management and RPS for field monitoring.  The 10-year Accenture deal included 175 Wyeth employees.

Look for other big outsourcing announcements like this, not to mention all the offshore activities being established by big pharma.

Share

Kaiser Permanente plans to run its Community Bike commercial during the opening ceremony of the Olympics tomorrow. If you can’t wait till then, you can see a sneak preview at the Champion Media site, where you can also check out other commercials that are part of KP’s Thrive campaign. The idea is to promote good health, prevention, and the importance of taking responsibility for one’s own health. In case you don’t get the symbolism of the ads, you can watch KP’s SVP of Brand Strategy, Communications and PR explain it.