Wednesday, October 19, 2016

Legal Settlements to Remind Us How Our Health Care System Became Rigged: by GSK, Novartis, CVS

Amidst the sound and fury of the US election season, almost under the radar sneak legal settlements demonstrating continuing bad behavior by big health care organizations, and the continuing lack of accountablity of these organizations' leaders.

We note three cases involving unethical practices leading to overuse of pharmaceuticals that appeared in the last two months, in chronological and alphabetical order.

GlaxoSmithKline Settles Charges of Bribing Chinese Doctors

A summary from Stat by Ed Silverman on September 30, 2016,

GlaxoSmithKline on Friday agreed to pay $20 million to settle charges of violating the Foreign Corrupt Practices Act for what authorities called a pay-to-prescribe scheme in China. In doing so, Glaxo becomes the latest global drug maker to face such accusations as part of a long-running probe by US authorities into companies that paid bribes overseas in order to boost sales of their medicines.

The settlement is an outgrowth of the bribery scandal that rocked Glaxo and resulted in a $490 million fine two years ago after a Chinese court found the company guilty of bribing doctors, hospital officials, and other non-governmental personnel. The former head of the Glaxo unit in China also pleaded guilty to bribery-related charges and was given a three-year suspended sentence.

As part of the scheme, Glaxo employees allegedly funneled kickbacks through trade groups and travel agencies that planned events. Between 2010 and June 2013, Glaxo spent nearly $225 million on planning and travel services. But after reviewing a sample of invoices, authorities found about 44 percent were inflated and approximately 12 percent were for events that did not occur, according to an SEC order.

In 2010, Glaxo hired a Chinese company to develop a project to provide clinics with tools to store and administer vaccines that required refrigeration. Instead, the project was used to give laptops and other electronic devices as gifts to clinics that were believed to have the potential to market still other Glaxo drugs. In all, the drug maker spent about $2.3 million doing this.

Articles in the Wall Street Journal and Reuters stated the bribes were explicitly meant to boost sales of drugs.  However, I am not able to find any information in the few media reports or the US Securities and Exchange Commission order about which products were so promoted.  It appears likely, however, that these alleged practices led to overuse of drugs that at best did patients no good and at worst caused direct harm. 

Although proceedings in China resulted in punishment of a GSK official there, the US proceedings did not subject any individual to negative consequences for enabling, authorizing, directing or implementing any bribes.

Note that our posts on previous misadventures by GSK can be found here.

Novartis Settles Charges of Illegally Promoting Skin Cream for Infants in the US

Again, as summarized by Ed Silverman in Stat on October 5, 2016,

Novartis has agreed to pay $35 million to settle charges of illegally promoting a prescription skin cream for use with infants and toddlers. The deal marks the second time in the past year the drug maker has struck a deal with US authorities to resolve allegations of improperly marketing its medicines.

The agreement, announced on Wednesday, stems from a whistleblower lawsuit filed by a former Novartis sales representative, who accused the company of deliberately trying to widen the market for Elidel by encouraging prescriptions for children younger than 24 months, even though the medicine was not approved for that patient population. At one point, regulators issued a warning about the risk of cancer in small children.

'We were instructed that Elidel was so safe it could be put on up to 80 percent of a baby’s body. And we were never told that it might cause cancer,' said Donald Galmines, 44, the former rep, in a statement. He added that he was trained to invite doctors and their families or staffs to dinners at expensive restaurants, even though during the course of the meal, Elidel might not even be brought up.

The illegal marketing occurred between 2002 and 2009,...

So this case involved allegations of deceptive marketing.  In particular, the deception was potentially dangerous to infant patients, since it appears that the drug promoted was unduly dangerous.

In this settlement, however, the company got to explicitly deny wrongdoing.

Novartis denied the allegations in the settlement agreement.

Novartis has had considerable recent legal trouble involving unethical behavior.

The settlement comes amid a difficult stretch for Novartis. The drug maker last year paid $390 million to settle charges of paying kickbacks to boost sales of two other drugs. And the company is facing a trial stemming from yet another whistleblower lawsuit filed by a different former sales rep, who similarly alleged Novartis illegally marketed medicines.

Those cases gained considerable attention because US Attorney Preet Bharara, who is based in New York, claimed Novartis is a repeat offender when he announced the government had joined the lawsuits in 2013. He was referring to a 2010 case in which the company paid $422.5 million for allegedly marketing six drugs off-label and paying kickbacks to health care professionals.

The United States is not the only venue where Novartis has encountered such charges. Last March, the drug maker agreed to pay $25 million to settle charges that it violated the Foreign Corrupt Practices Act by making illegal payments to health care providers in China. Employees gave money, gifts, vacations, and entertainment to health care professionals between 2009 and 2011, according to US authorities.
Furthermore, an even more extensive list of previous Novartis misadventures can be found in our post here.

Despite all that, however, the settlement did not subject any individual to negative consequences for enabling, authorizing, directing or implementing the allegedly illegal promotion.

Omnicare Settles Charges of Accepting Kickback to Help Illegally Promote Depakote

Finally, as yet again best summarized by Ed Silverman on StatNews on October 17, 2016,

Omnicare, which is the nation’s largest nursing home pharmacy, agreed on Monday to pay more than $28 million to resolve charges of seeking kickbacks from Abbott Laboratories in exchange for boosting prescriptions for a medicine that the drug maker had promoted illegally.

As part of the scheme, Omnicare disguised the kickbacks from Abbott as grants and educational funding, and took rebates from the drug maker based on the amount of Depakote that was prescribed for each nursing home resident. In addition, Abbott paid for Omnicare management meetings at a Florida resort and offered tickets to sporting events, according to the US Department of Justice.

The arrangement between Omnicare and Abbott began after the drug maker launched a new initiative in 1997 to boost prescriptions for the drug, which is approved for treating seizures, bipolar mania, and migraines, but not uncontrollable behavior due to dementia. The following year, Omnicare began soliciting kickbacks from Abbott and the scheme lasted about three years, according to court documents.

The settlement is the latest in a long-running probe by the feds into Omnicare, which is now owned by CVS, and the interplay between nursing home pharmacies and drug makers.

In 2012, Abbott reached a $1.5 billion global civil and criminal settlement that resolved, among other things, alleged kickbacks paid to nursing home pharmacies. At the time of the agreement, the feds noted that Abbott promoted Depakote for controlling behavioral disturbances in dementia patients, even though the US Food and Drug Administration never approved the pill for this particular use.

'Kickbacks to entities making drug recommendations compromise their independence and undermine their role in protecting nursing home residents from the use of unnecessary drugs,' said Benjamin Mizer, the principal deputy assistant attorney general in the Justice Department’s Civil Division,...

So it appears that at best the kickbacks led to prescription of drugs that did patients little good, and may have caused adverse effects.  

An article in the Cincinnati Business Courier noted that CVS, of which Omnicare is now a subsidiary, avoided admitting any responsibility for the alleged acceptance of kickbacks,

CVS 'agreed to settle this matter to avoid the expense and uncertainty of protracted litigation,' spokesman Mike DeAngelis said of the suit against Omnicare. 'The activities, which were alleged to have violated anti-kickback laws, all occurred prior to CVS Health’s acquisition of Omnicare. These matters involved Omnicare only, and no allegations were made against any of CVS Health’s other businesses, including CVS Pharmacy and CVS Caremark. CVS Health is committed to the highest standards of ethics and business practices, and there was no admission of wrongdoing.'

An Associated Press article noted Omnicare's previous track record,

Omnicare has spent hundreds of millions of dollars resolving kickback litigation in recent years. In 2014, it agreed to pay more than $124 million to settle lawsuits alleging it gave kickbacks to some facilities so they would keep the company as their drug provider for elderly Medicare and Medicaid recipients.

In 2009, Omnicare said it would pay $98 million to settle allegations that it solicited or paid a variety of kickbacks. That included an accusation that it received kickbacks from Johnson & Johnson for recommending that doctors prescribe to nursing home patients the antipsychotic Risperdal, which can hasten death in elderly people with dementia.

Furthermore, an extensive list of parent company CVS' misadventures can be found in this post.

Despite all that, again, the settlement did not subject any individual to negative consequences for enabling, authorizing, directing or implementing the alleged acceptance of kickbacks.


Three settlements in two months by three major health care corporations involved allegations of unethical behaviors that were meant to increase prescribing of various pharmaceuticals, whether or not patients needed them, or were more likely to be harmed by them.  Despite the unsavory nature of the behaviors, and the likelihood of patient harms, the companies involved had to pay fines that were tiny relative to their multi-billion dollar revenues.  The companies did not have to admit responsibility, and company managers and leaders did not suffer any negative consequences for enabling, authorizing, directing or implementing the bad behavior.  Thus they exhibited impunity.

These cases are just the latest in a long march of legal settlements to remind us of the continuing bad behavior of large health care organizations, and the continuing impunity of their managers and leaders.

This adds to the evidence suggesting that US health care, at least, is rigged to benefit its top insiders and cronies, and as such, is part of a larger rigged system.  We have previously discussed how market fundamentalism (or neoliberalism) led to deregulation, which enabled deception, fraud, bribery, and intimidation to become standard business practices, and allowed increasing concentration of power by large corporations. Managerialism allowed the top leaders of these corporations and their insider cronies to amass increasing power and money. Everyone else, other employees, stockholders of public corporations, customers, vendors and suppliers, and the public at large lost out. In health care, these changes led to an increasingly costly system which produced increasingly bad results for patients and the public.

We have called for years for what we sometimes term "true health care reform" to derig the system.  Little has changed, while perceptions that the system is rigged have become more common.

Unfortunately, perceptions of a rigged system may not always inspire honest reform. Instead, they can enable the rise of demagogues and would be dictators who promise only they can solve the problem. This appears to have happened in the US. Now honest people who want to unrig the system must first prevent an even worse result, authoritarianism or frank dictatorship.  Never has Benjamin Franklin's warning that we only have "a republic, if you can keep it" been more salient.

However, should we be successful in fending off despotism, the original problems that led the system to be rigged will remain, and new men on white horses may appear, unless we truly reform the system. 

So let us not forget how we got here in the first place.  And should we successfully preserve our republic, let us remember the need for wholesale, real health care reform that would make health care leaders accountable for what their organizations do, particularly when these organizations misbehave.

Monday, October 17, 2016

Petitions for Research Integrity and Against Corruption Available for Signature

Recently, two petitions relevant to the goals of Health Care Renewal have become available. 

US Petition to "Stop False Reporting of Drug Benefits & Harms by Making FDA & NIH Work Together"

Health Care Renewal blogger Dr Bernard Carroll, along with Dr Mickey Nardo, who blogs on 1BoringOldMan, and Emeritus Professor John H Noble Jr have authored a petition to improve the reporting of clinical research in the US, and hence combat the manipulation of clinical research, a topic we often discuss.

Its essence is:

We now petition Congress to require the FDA and NIH to coordinate their monitoring and sharing of key information through Working together, the two agencies could enable stakeholders to verify whether purported scientific claims are faithful to the a priori protocols and plans of analysis originally registered with the FDA. Publication of analyses for which such fidelity cannot be verified shall be prohibited unless the deviations are positively identified (as in openly declared unplanned, secondary analyses). This prohibition shall include scientific claims for on-label or off-label uses made in medical journals, archival conference abstracts, continuing education materials, brochures distributed by sales representatives, direct-to-consumer advertising, and press releases issued by companies or their academic partners. It shall extend to FDA Phase 2, Phase 3, and Phase 4 clinical trials. By acting on this petition, Congress will create a mechanism for stakeholders independently to verify whether inferences about clinical use suggested by the unregulated corporate statistical analyses can be trusted.

The full petition is available online, and is sponsored by the Science and Evidence Council of the Right Care Alliance.

Transparency International Declaration Against Corruption

Transparency International is sponsoring a declaration, valid globally, against corruption.  We often discuss health care corruption, despite the apparent taboo against doing so.  As we just noted, this comes as Transparency International is launching a major initiative against health care corruption.

Its essence is:

I will not pay bribes
I will not seek bribes
I will work with others to campaign against corruption
I will speak out against corruption and report on abuse
I will only support candidates for public office who say no to corruption and demonstrate transparency, integrity and accountability.

It is available for signature here.  

Sunday, October 16, 2016

ONC to Boost Oversight over EHR Usability, Patient Safety Woes

ONC (The Office of the National Coordinator for Health Information Technology at HHS, is reportedly getting more authority to oversee HIT quality.

Some initial observations:

(1) More government control of yet another healthcare domain may be a double-edged sword, BUT:

(2) Something had to be done about HIT, and this initiative could have a good outcome if not overwhelmed too much by corporate and inter-party politics (in our current environment, that is far from assured), and

(3) It validates what we have been writing about on this blog since 2004, and elsewhere on my part since about 1998.

I am also bolding passages I find of most interest.  Emphases mine:


Health Analytics

The ONC will now have more authority to look into EHR usability problems that may produce patient safety risks, thanks to a rule that increases oversight capabilities.

The nation’s quality improvement and payment activities aren’t the only things receiving a federal overhaul this week: the electronic health records that will support clinicians as they implement MACRA and move towards a patient-centered, value-based care environment are also getting some renewed attention.
In conjunction with the publication of the MACRA final rule, the ONC has announced enhanced oversight for the Certified EHR Technology (CEHRT) program, which aims to address some of the usability, patient safety, and workflow design flaws endemic in the current generation of health IT tools.

What have we written about for years here?  Problems including but not limited to:

  • EHR usability
  • Patient safety
  • Workflow design flaws

I hope my efforts and those of other "HIT iconoclasts" (a term that was often used pejoratively) has helped spur recongition of these problems and the resultant action.

The “ONC Health IT Certification Program: Enhanced Oversight and Accountability” rule will give the ONC more authority to regulate the design and functionality of certified tools, which form the backbone of most organizations’ health IT infrastructure.  The final rule will be officially published in the Federal Register on October 19, 2016.

A transparent, direct, and more stringent review process may help to reduce the continuous litany of complaints about convoluted workflows, lost hours of productivity, insufficient interoperability capabilities, and frustrating inconsistencies that often prompt users to develop dangerous and unauthorized workarounds.

What else have we written about for years here?  Problems including but not limited to:

  • lost hours (person-years, really) of clinician productivity,
  • insufficient interoperability (although my emphasis has been that we musst have basic operability before interoperability)
  • Ill-conceived, ill-implemented, discombobulated user interfaces that force dangerous workarounds (e.g., my 2009 ten-part series "Are Health IT Designers, Testers and Purchasers Trying to Harm Patients?" at

(Such EHR problems as the six items above led to the 2011 death of my own mother.)

An increased focus on design and user experience may also help to reduce opportunities for providers to make data integrity mistakes that make big data analytics such a difficult proposition for many stakeholders – and put patient safety at risk due to inadequate communication, lost data, or incorrect inputs.

I add "IT-based data integrity mistakes" as well.

EHRs are consistently found at the top of patient safety hazard lists from organizations like the ECRI Institute.  The ONC itself has repeatedly acknowledged the danger of inefficient and poorly designed health IT tools, most recently releasing a pair of reports in June that outlined the many dangers of inadequate EHRs, clinical decision support systems, and big data analytics technologies.

I recall this 2010 statement from ONC Chair Blumenthal.  From my May 3, 2010 post "David Blumenthal on health IT safety: nothing to see here, move along" at


Blumenthal said that although an advisory committee concluded that more information was necessary, he called the evidence of the reports “anecdotal and fragmented” at best ... [Blumenthal's] department is confident that its mission remains unchanged in trying to push all healthcare establishments to adopt EMRs as a standard practice. "The [ONC] committee [investigating FDA reports of HIT endangement] said that nothing it had found would give them any pause that a policy of introducing EMR's could impede patient safety," he said.

I opined that "Perhaps I'm a bit behind these postmodern times, but I once believed the perhaps now old-fashioned and obsolete view that a scientist would not base a conclusion of medical safety in national dissemination of drug, device, or whatever on some analysis of anecdotal data, whether 'preliminary' or final."

(Just sixteen days after that post, on May 19, 2010, an EHR-related medication reconciliation failure caused my mother to suffer severe injuries, that led to her crippling and death.)

I was right, ONC was dead wrong, and I'm sure ONC hates me for that reason.  From a blog post here:

... Edmund Burke correctly predicted the outcome of the French revolution. He also provided the reasons why it would end in bloodshed. He was vilified, hated and condemned for telling the truth, and when he was proven right, he was hated even more for being right ... The more one tells an ugly truth the more that person is hated. This is because people want a glittering lie to be true. In this we will ignore facts and instead turn to emotion.

Back to the article:

More transparency and accountability in health IT is good for consumers, physicians, and hospitals,” said National Coordinator Vindell Washington, MD, MHCM, in a press release marking the publication of the oversight rule. “Today’s final rule strengthens the program by ensuring that certified health IT helps clinicians and individuals use and exchange electronic health information safely and reliably.” 

Correction:  transparency and accountability, without the "more"; as currently there is little to none.

The ONC’s actions may go some way towards appeasing the large number of industry stakeholders who have been calling for increased health IT oversight since the start of the physician burnout epidemic, largely blamed on the shortcomings of EHR technology.

"Appeasing" is the wrong word.  You appease dictators who do not have the people's best interests at heart.  I would use the word "meeting the intelligent demands of ..."

“We recognize that certified health IT often does not operate in a vacuum,” wrote Elise Sweeney Anthony, JD, Director of the ONC Office of Policy in an accompanying blog post.  “In order for ONC to properly evaluate certified health IT, we may have to look at whether certified health IT may fail to perform as it should when it interacts with uncertified capabilities within the product or with other technology.”

Way too much emphasis on the "Certified" label, which by definition has little meaning, considering the new measures this article described.

The rule allows the ONC to take “necessary action” when CEHRT tools currently in use pose risks to patient safety, and provides an appeal process for the developers of products that come under scrutiny.  ONC will also authorize and oversee accredited testing laboratories (ONC-ATLs) to respond more rapidly to performance issues. 

It will be interesting to see how this plays out.  Again, in the current political mess in this country, I am not highly optimistic.

The agency is also planning to make the results of their surveillance public in an effort to increase transparency and accountability across the industry.

There's transparency, and then there's "transparency."  Wonder which one will predominate?

... "We certainly are leveraging all the opportunities that we have at ONC and our partners at the Office for Civil Rights and other agencies to see that we're protecting consumers and that data is going to flow," said former National Coordinator Karen DeSalvo to the Subcommittee on Information Technology in March of 2016. “There are areas where we know there may be some opportunity like information blocking where we would need some additional support."

Meanwhile, I understand the OCR denies patients rights to their EHR audit trails, which are, in fact, the only way to independently verify if a fraud or tort is being committed upon them i.e., by record alteration....

... But the ONC’s oversight plans may not go far enough, according to Ben Moscovitch, Manager of the Health Information Technology Initiative at the Pew Charitable Trusts.  Since the rule only focuses on catching flaws in EHRs already being used by providers, the agency is missing an opportunity to engage in some preventative care of their own.

“While it's important to check for safety issues in EHRs that are already in use, there is still more we can do to improve EHR safety,” Moscovitch said in an emailed statement. “For one, we need to test EHRs before they go to market, to detect and address possible flaws ahead of time.  “Electronic health records can have some inadvertent flaws, and some that can cause harm. What this rule does is focus on catching potential issues in EHRs that are already in use, but we should also be working to identify and address these hazards before EHRs hit the market,” he asserted. “That means testing them earlier in the process to catch individual issues

I strongly agree.  That is called pre-market surveillance.

... In addition, we need to create a collaborative for EHR safety, bringing stakeholders together to identify common problems and disseminate best practices.”

In fact, we need robust post-market surveillance and need to disseminate not just best practices, but (as I've written many times over the past ~18 years), disseminate worst practices  - lessons learned - to be avoided.  And not be shy or P.C. about publishing the nasty things that sometimes happen in the HIT ecosystem.

The ONC also points out that non-certified products are not on the review agenda – unless the agency needs to examine whether or not they interfere with the function of CEHRT tools.  For providers using a mixture of certified and non-certified technologies, this limitation may be problematic when attempting to remedy workflow issues or patient safety concerns.

Another wrinkle.

I wish ONC luck.  They'll need it.

I'd offer my help, but as mentioned above, they were spouting industry propaganda at a time when doing otherwise might have prevented a very ugly occurrence involving my late mother.  That's just going to take quite a bit more time to forgive.

-- SS

Tuesday, October 11, 2016

Transparency International Once Again Takes on Health Care Corruption

I am happy to report that Transparency International is making a big new push against health care corruption.

Health Care Corruption as a Taboo Topic

Transparency International (TI) defines corruption as
Abuse of entrusted power for private gain

In 2006, TI published a report on health care corruption, which asserted that corruption is widespread throughout the world, serious, and causes severe harm to patients and society.
the scale of corruption is vast in both rich and poor countries.

Corruption might mean the difference between life and death for those in need of urgent care. It is invariably the poor in society who are affected most by corruption because they often cannot afford bribes or private health care. But corruption in the richest parts of the world also has its costs.

The report did not get much attention.  Since then, health care corruption has been nearly a taboo topic in the US.  When health care corruption is discussed in English speaking developed countries, it is almost always in terms of a problem that affects benighted less developed countries.  On Health Care Renewal, we have repeatedly asserted that health care corruption is a big problem in all countries, including the US, but the topic remains anechoic.

Yet somehow, a substantial minority of US citizens, 43%, seemed to believe that corruption is an important problem in US health care, according to a TI survey published in 2013 (look here).  But that survey was largely ignored in the media and health care and medical scholarly literature in the developed world, and when it was discussed, it was again in terms of results in less developed countries.  Health Care Renewal was practically the only source of coverage in the US of the survey's results.

The Transparency International Pharmaceuticals & Healthcare Programme

In June, 2016, Transparency International showed it was back in the fight against health care corruption.  At that time, it published a report on corruption in the pharmaceutical sector.  We discussed it here.  Unfortunately, that report also got little notice in the media or in the medical or health care literature.

This report was actually one of the first efforts from a new Transparency International initaitive to address health care corruption, entitled the Transparency International Pharmaceuticals & Healthcare Programme.  Its mission statement begins [italics added by me]:

Every day, all around the world, people suffer and die due to corruption in the pharmaceutical and healthcare sector. Our vision is a world where less corruption leads to improved global health and healthcare outcomes, leaving no one behind.

Building on twenty years of experience in this and other sectors, Transparency International’s Pharmaceuticals & Healthcare Programme is taking up the challenge of understanding, identifying and combatting corruption in this vital sector. The Programme wants to achieve genuine change in the pharmaceutical and healthcare sector through reducing corruption and promoting transparency, integrity and accountability.

On its new website is its next major report, Diagnosing Health Care Corruption. Its introduction updates the 2006 report, and begins with:

Every day, all around the world, people suffer and die due to corruption in the healthcare sector. It disproportionally affects vulnerable groups, who do not have the knowledge, money or connections to access the care or products they need. While corruption can occur in every area of a health system, corruption from the highest levels will trickle down to effect healthcare received by patients at local health care facilities.

There are several broad effects of corruption in healthcare. Distorted policy, legislative andclinical priorities; a loss of money from health systems; denied or delayed access to health care services and treatment; and a loss of trust in national health facilities, personnel and to a wider extent national governance as a whole.

However, the specific cost of corruption is almost impossible to measure. Like other forms of white-collar crime corruption is inherently hidden from sight and even when some forms of corruption are discovered it is hard to quantify their impact.

The report was motivated by the finding that:

individuals in the healthcare sector do not always understand what corruption is and how it may undermine their work. Conversely, anti-corruption specialists do not always understand and appreciate the complexity of the health care system. This map – a project that will be kept updated – attempts to bridge that gap by providing for the first time, a comprehensive and accessible guide to a health system and the types of corruption that may occur.

The report discussed how corruption affects eight different aspects of the health care system:
- health system governance
- health system regulation
- research and development
- marketing
- procurement
- product distribution and storage
- financial and workforce management
-delivery of healthcare services

For each aspect, it discusses specific types of corruption, 37 in all.  An interactive map of the eight aspects of the health care system and 37 types of corruption affecting them starts on the main page of the website.

In the future, the Pharmaceuticals & Healthcare Programme

activities will be prioritised around five areas in health systems: research & development; manufacturing; procurement and distribution; marketing; and service delivery. These were identified following extensive stakeholder engagement and the programme’s foundational research.

The Pharmaceuticals & Healthcare Programme will target global, national and local interventions. Ongoing research and the lessons drawn from regional and national projects will be used to influence global policy to produce structural change within the health sector; promote global best practice standards to strengthen transparency and accountability; and support national and local interventions and solutions.


Transparency International's re-engagement with the problem of health care corruption argues for the importance and magnitude of this problem.  I hope its new report is not as anechoic as Transparency International's previous efforts were, that it helps to end the taboo on even discussing health care corruption, much less addressing it.  I dare to hope that the new initiative might actually lead to some action to reduce health care corruption. 

As I have said before, and now once more with feeling... if we really want to reform health care, in the little time we may have before our health care bubble bursts, we will need to take strong action against health care corruption.  Such action will really disturb the insiders within large health care organizations who have gotten rich from their organizations' misbehavior, and thus taking such action will require some courage.  Yet such action cannot begin until we acknowledge and freely discuss the problem.  The first step against health care corruption is to be able to say or write the words, health care corruption.

Monday, October 10, 2016

Ransomware and incompetence in backups leads to medical data loss...but the thieves were honest thieves!

"An honest thief!" said Caledon Hockley of Jack Dawson, after planting the Heart of the Ocean diamond necklace in Jack's pocket.

The headline of this posting may sound absolutely insane, but it is factual.

But don't worry, your precious medical data is far safer than it ever was on that 5,000-year-old invention, papyrus.

Marin patients’ medical data lost after cyber attack
By Richard Halstead, Marin Independent Journal   
September 30, 2016

The Marin Healthcare District and Prima Medical Foundation are notifying more than 5,000 patients that some of their medical data was lost due to a glitch that followed a ransomware attack in August.

There's that all-purpose euphemism again, "glitch", which in this case is a euphemism for negligence.  See blog query link for more on "glitches."

Prima Medical Foundation supports the Prima Medical Group, many of whose doctors work closely with Marin General Hospital.

I covered the wondrous EHR at Marin General Hospital at my May 17, 2013 post "Marin General Hospital nurses warn that new computer system is causing errors, call for time out" at, and my May 20, 2013 post "Marin General Hospital's Nurses are Afraid a Defective EMR Implementation Will Harm or Kill Patients .. CEO Cites Defective HHS Paper and Red Herrings As Excuse Why He Knowingly Allows This To Continue" at

The computer records of Marin Medical Practice Concepts, a Novato company that provides medical billing and electronic medical records services to many Marin physicians, were hacked on July 26. As a result, some Marin doctors were unable to access their patients’ medical records for more than a week.

More than a week with no records is, needless to say, putting patients at great risk.

Responding to questions from the Independent Journal on Aug. 4, Lynn Mitchell, CEO of Marin Medical Practice Concepts, confirmed the malware attack. In her email, Mitchell wrote, “Ransom was paid. For security reasons we will not be releasing the amount or denomination paid.”

That really inspires confidence.

Typically in such ransomware attacks, a sophisticated computer virus finds its way into a victim’s system when an unsuspecting employee opens an email attachment. The virus encrypts the system’s data and attackers essentially hold the data hostage until the owners of the information pay a ransom, typically in an untraceable digital currency such as Bitcoin.

A virus "finds its way" into a victim's system?

Let me rephrase into the politically incorrect, but factually correct, "due to incompetence in computer security. evil people are able to infiltrate the virus into a life-critical EHR system."

The Marin Healthcare District and Prima Medical Foundation issued nearly identical press releases on Wednesday, stating, “The third-party forensic firm hired to investigate this incident found no evidence that patient personal, financial, or health information was accessed, viewed, or transferred.

I guess they never considered that such evidence could have been removed by the hackers, who obviously had just a bot more IT expertise than the average high schooler.

But, of course, the thieves were honest thieves who would NEVER steal valuable medical charts for profit on the black market...

Here's what I consider the very worst part of this incident:

“However, during the restoration process, one of MMPC’s backup systems failed, causing information to be lost that was collected at the district’s nine medical care centers between July 11, 2016 and July 26, 2016.”

I note that a "backup system failing" causing data loss is a "never" event.  Incompetence...

The release went on to say: “This information includes vital signs, limited clinical history, documentation of physical examinations, and any record of the communication between patients and their physician during a visit in that 15 day period. Results of diagnostic tests were not lost and patients do not need to be re-tested.”

But patient safety was not compromised...

Jamie Maites, a spokeswoman for Marin General Hospital, said, “The ransom unlocked the data; however, at the time of the incident, we were in the middle of a system upgrade. The data loss occurred at the time of the system restore due to a faulty backup system — not due to the malware.”

Well, that's certainly reassuring.

Maites said Marin General’s systems were unaffected by either the ransomware or the failed backup systems. The patients being notified are patients of physician practices that are part of the Marin Healthcare District Medical Care Centers and Prima Medical Foundation.

The hackers were generous in sparing the hospital.

In a statement, Lee Domanico, chief executive of the Marin Healthcare District, said, “Our community can rest assured that the Marin Healthcare District will continue to work side by side with our vendors to ensure that all of our data is protected with today’s most advanced technology to reinforce their security systems against the most aggressive threats.”

Lee Domanico is the same CEO who I cited in my aforementioned posts who in 2013, after dire nurse warnings, brilliantly assured the board that the hospital was safe, despite "glitches" in the new system and that "I'm confident that in spite of the implementation issues, we have a system today that is safer for patients than our old paper system, and it will get even safer as we gain experience with it and work to fix some of the glitches we've experienced."

In a similar statement, Dr. Robert Newbury, chief executive of the Prima Medical Foundation, said, “It is unfortunate that these types of cyber-attacks have become so common.”

I would more precisely state that it is unfortunate that health IT leaders are so incompetent that they cannot secure their own life-critical systems.

... According to a report issued by the Attorney General’s Office in February, in the past four years the attorney general has received reports on 657 data breaches affecting a total of more than 49 million records of Californians.  The report said that malware and hacking present the greatest threat, accounting for 54 percent of the breaches. The report added that health care, which accounted for 16 percent of breaches, is starting to see an increase in hacking breaches as the sector transitions to electronic medical records. And it said that the “most vulnerable information in health care was medical information, such as patient records, and Social Security numbers.”

I really have to ask if the (increasingly elusive) benefits of EHRs warrant this level of security risk - let alone the known risks of bad health IT aside from security issues.

-- SS

Thursday, October 06, 2016

From my totally nonprofessional viewpoint, it looks like at least the first two of these hospital deaths were directly related to bad health IT

The Connecticut "Health I-Team" site ( provides access to a database sourced from the Connecticut Department of Public Health that includes reports of violations at Connecticut hospitals found during inspections, as well as corrective actions taken to prevent similar future violations.

Their Mission Statement is as follows at

Mission Statement
The non-profit Connecticut Health Investigative Team [C-HIT] is dedicated to producing original, responsible, in-depth journalism on issues of health and safety, in Connecticut and the surrounding region.

Who We Are
A team of award-winning journalists, based in Connecticut, who have come together to provide the public with informative stories about health, safety and medical issues.

They've reported the following at, dated Oct. 5, 2016:

Several patient deaths, including the death of a newborn who was given an overdose of medication, were among various violations found at Connecticut hospitals, according to newly released inspection reports from state health officials.

The reports, which can be found in C-HIT’s Data Mine section, cover inspections that took place at hospitals statewide in late 2015 and the first four months of this year. Some of the violations detailed in the reports resulted in death and injuries to patients.

Department of Public Health (DPH) inspectors regularly make unannounced visits to all hospitals, during which they tour facilities, observe staff and examine documents. Though the most recently released reports document inspections that took place this year and last, some of the violations they include happened several years ago.

All hospitals where violations were found submitted corrective action plans that the DPH has accepted.

Several violations occurred at Yale-New Haven Hospital. A newborn admitted to the New Haven hospital’s Neonatal Intensive Care Unit from another hospital on July 8, 2015, died after being given too much amiodarone, according to DPH. The newborn had an irregular heartbeat and had failed the Critical Congenital Heart Defect screening soon after birth; the medication is used to treat irregular heart rhythms.

A physician assistant said the newborn may have been given too much of the medication because of a default frequency that was automatically entered in a computer system, according to the inspection report.

Also at Yale-New Haven Hospital, a patient having eye surgery on Jan. 16, 2015, died after having a heart attack during the procedure. DPH found the hospital did not document the patient’s vital signs or CPR efforts properly.

From my "totally nonprofessional" viewpoint (that's sarcasm, of course), it looks like at least the first two of these hospital deaths were directly related to bad health IT.

Yale is a relatively recent adopter of the EPIC EHR.

The true rate of near-misses and actual patient harms less than or equal to death is unknown, as random inspections and voluntary reporting are generally unreliable towards complete numbers.

However, based on voluntary evidence such as the ECRI Deep Dive Study (see, the rate is likely far higher than the simple stats reported above show.

The myths around electronic medical record systems have caused the expenditure of billions of dollars and the enrichment of the IT industry at the expense of healthcare.  Benefits are still dubious.  This money could likely have been better spent on healthcare provision itself, especially to the disadvantaged.

The patients mentioned above might be considered sacrifices to the narcissism of the cybernetic hyper-enthusiasts.

-- SS

Another observation.  Through my legal work I have now reviewed the current technical and user manuals to a number of EHR systems in both general and medical subspecialty areas. The nuances, complexity, arbitrary rules, "gotchas", workarounds, etc. of the software that needs to be learned and supported by clinicians (not to mention the technical support personnel) is staggering.  That is not even considering frequent changes.  This is increasingly frightening to me, a Medical Informatics specialist, considering clinicians have far more important matters to attend to, have little free time, and may need to learn multiple systems - sometimes in several hospitals.  These manuals make manuals to the most complex appliances (e.g., advanced professional digital cameras, or car repair manuals) seem like child's play.

Hospitals seem to be becoming a computer laboratory for cybernetic experimentation and a billing mill, rather than a patient care facility.  Clinicians are becoming "software buccaneers" for bad and overly complex health IT. 

All to replace a pen and paper forms.

This is not what the EHR pioneers who taught me Medical Informatics  intended.

-- SS

Not So Wondrous Drugs? - New Warnings about Severe Adverse Effects of New, Heavily Marketed Drugs for Hepatits C,

Background - Wonder Drugs for Hepatitis C

In our April, 2014, post we noted how Sovaldi (sofosbuvir), the new antiviral drug made by Gilead for hepatitis C was touted as a "triumph of of medical technology."  In that, and subsequent posts we discussed how such claims were not buttressed by much good data from clinical research.

We could find only one published randomized clinical trial of sofosbuvir (and ribavirin), which compared it to the older drug used to treat hepatitis C, peg-interferon (and ribavirin).  At best, the new drug showed about the same ability to eliminate detectable virus from the patients' blood in the short-term as did the older drug.  The new drug also produced fewer unpleasant side effects, but possibly more severe adverse effects.  Just like all previous known published trials of hepatitis C treatments, this trial of sofosbuvir did not follow patients long enough to determine if the drug had any effect on the serious, but not inevitable long-term complications of hepatitis C infection, severe hepatitis, cirrhosis, liver failure, liver cancer, and premature death.

I could find no other published trials of sofosbuvir versus either older drugs or placebo.  Most of the subsequently published, and loudly hyped studies of the drug were of highly selected patients, and did not include control groups which did not receive sofosbuvir.  So the very high short term "cure" rates - which were really rates of elimination of detectable virus from the blood, could have been mainly a function of these studies' highly selected patient populations.

Yet the lack of strong evidence that sofosbuvir, and subsequent competing drugs actually made patients better, i.e., feel better, function better, avoid serious subsequent medical problems, or live longer, did not stop tremendous enthusiasm in the media for the new drug.  Much of it doubtless stemmed from huge marketing and public relations expenditures.  Nor did did the lack of evidence stop Gilead and other drug makers from pricing the new drugs in the stratosphere.  Initially a 12 week course of of Sovaldi cost $84,000.

Since then, there has been tremendous buzz about the price of these new antiviral drugs for hepatitis C, and tremendous anxiety about the consequent difficult access to these presumptively "life saving" therapies.  However, my and others' questions about whether these drugs actually benefit patients, and whether any benefits might be worth their harms, remained anechoic (See appendix below.)

The Harms of the "Wonder Drugs" Begin to Appear

Nowadays new drugs, devices, and other health care technologies are often touted based on little evidence.  What evidence is produced mainly comes from commercially sponsored clinical trials.  Commercial sponsors may manipulate the design, implementation, analysis and dissemination of these studies to increase the likelihood that they will make their products look good.

In particular, such trials may fail to detect adverse effects of the new products to be hyped.  The trials  often enroll only small numbers of patients, decreasing the likelihood of finding rare but serious problems.  Often patients who have any health problems other than the disease of interest are excluded from trials, decreasing the likelihood of detecting adverse events that might affect patients with multiple morbidities or on other treatments.  Trials may fail to follow patients long-term, so they may fail to detect adverse effects that appear only after prolonged therapy.  These sorts of problems certainly afflicted the very few real clinical trials of sofosbuvir, and other new antiviral drugs for hepatitis C.   

So it should not have been surprising that sofosbuvir has now been found to produce two kinds of severe adverse events that were undetected, or at least undisclosed when it was launched.  The second kind of adverse event was just announced, and also seems to occur after administration of other new anti-hepatitis C drugs.

Severe Heart Rhythm Abnormalities

In March, 2015, as discussed by Dr John Mandrola in Medscape,

As reported by heartwire , the US FDA recently announced a change in labeling for the hepatitis-C antivirals ledipasvir/sofosbuvir (Harvoni, Gilead Sciences) and sofosbuvir (Sovaldi, Gilead Sciences) after their manufacturers reported bradycardia, pacemaker intervention, and even death in patients who took the medications along with amiodarone. Notably, six of these nine cases occurred within 24 hours of sofosbuvir dosing.

While Dr Mandrola was concerned about this adverse effect, the news media put more emphasis on the Wall Street analysts who thought the problem would have "zero impact" on sales of the fabulously expensive antiviral drugs. (See this post by Ed Silverman on PharmaLot.)

So all remained serene, until this week.

Reactivation of Hepatitis B Infection

On October 4, 2016, Medscape reported

Patients with a past or current hepatitis B virus (HBV) infection can experience sometimes fatal HBV reactivation if they take any of nine direct-acting antivirals for hepatitis virus C (HCV) infection, the US Food and Drug Administration (FDA) announced today.

The agency will require a boxed warning for the drugs advising clinicians to screen patients for evidence of a past or current HBV infection before ordering antiviral treatment for HCV.


The FDA said in a news release that it had identified 24 cases of HBV reactivation in coinfected patients treated with these antivirals from November 22, 2013, to July 18, 2016, in reports to the agency and published literature. Two patients died, and one needed a liver transplant.

Why were we not made aware of this before?  Failure to detect this adverse effect was apparently due to the exclusion of patients with a history of hepatitis B from previous studies of the new drugs.  As we mentioned above, commercially sponsored trials often exclude patients with nearly any medical conditions other than the one of interest.  Yet hepatitis C patients often have comorbidities.  I

clinical trials for the HCV drugs in question did not report HBV reactivation because they excluded patients infected with HBV.

Will this prompt a reexamination of our enthusiasm for new antiviral hepatitis C treatments? I suspect not. Even FDA officials suggested we should not be too alarmed. In particular, Dr. John Farley, deputy director of FDA's Office of Antimicrobial Products, said according to NBC News,

I think it is important to recognize that these hepatitis C drugs are lifesaving medications. What we don't want to do is discourage patients with hepatitis C from getting treatment,...

But remember, there has never been a controlled trial that showed that treatment of hepatitis C with anything actually reduced the risk of later severe hepatitis, cirrhosis, liver failure, liver cancer, or premature death. And there may be other adverse effects of this new treatment that remain unknown.

Even government regulators, who are supposed to put the public health ahead of the profits of the pharmaceutical industry, seem to have fallen for the life saving miracle drug meme in this case.


The ongoing story of hepatitis C treatment demonstrates how hype and buzz, largely generated by marketing and public relations, and likely fueled by financial relationships among commercial health care firms and health care professionals and academics, has triumphed over rigorous skeptical evaluation of the best available evidence from clinical research.

There has never been good evidence that hepatits C treatments prolong life, or prevent severe liver disease in the long run.  There has never been good evidence that these drugs' clinical benefits outweigh their harms.  Yet they have been relentlessly promoted as game changers, miraculous, triumphant lifesaving medicines.

One obvious lesson is that health care professionals, policy makers, and the public at large have to be much more skeptical about commercial claims for drugs, devices, tests, etc.  We need to figure out when claims are coming from marketing departments and public relations hacks.  We need to figure out when researchers and professionals who are supporting these claims could be influenced by financial relationships with the firms benefiting from the claims.

Furthermore, it is high time to revisit all the regulatory and policy changes over the last 30 years that have put manufacturers in charge of the research meant to test their own health care products.

In conclusion, evidence-based medicine rigorously applied suggests that individual health care and health policy decisions should be driven by the best available evidence, mostly from clinical research, about the benefits and harms of tests, treatments, programs, and so on, in the context of what outcomes matter to patients.  The skepticism EBM should engender could lead to health care that is more about patients and their outcomes, and less about ideology, hype, and hucksterism. If only such skepticism were easier to find.

APPENDIX - Clinical Research about Hepatitis C Treatments

Starting in March, 2014, we have posted about the lack of good evidence from clinical research suggesting these drugs are in fact so wondrous.  The drugs are now touted as "cures," at least by the drug companies, (look here), and physicians are urged to do widespread screening to find patients with asymptomatic hepatitis C so they can benefit from early, albeit expensive treatment.

However, as we pointed out (e.g., here and here)
-  The best evidence available suggests that most patients with hepatitis C will not go on to have severe complications of the disease (cirrhosis, liver failure, liver cancer), and hence could not benefit much from treatment.
-  There is no evidence from randomized controlled trials that treatment prevents most of these severe complications
-  There is no clear evidence that "sustained virologic response," (SVR), the surrogate outcome measure promoted by the pharmaceutical industry, means cure. 
-  While the new drugs are advertised as having fewer adverse effects than older drugs, it is not clear that their benefits, whatever they may be, outweigh their harms.

Furthermore, health care professionals and researchers with heftier credentials in clinical epidemiology and evidence based medicine than mine have since published similar concerns.  These included
- a report from the German Institute for Quality and Efficiency in Health Care (the English summary is here)
- an article in JAMA Internal Medicine from the Institute for Clinical and Economic Review (1)
- a report from the Center for Evidence-Based Policy (link here)
- an article in Prescrire International (2)

These publications and your humble scribe noted that the clinical trials or other types of clinical research about new hepatitis C treatment published in the most prominent journals had numerous methodologic problems that all seemed likely to make the new drugs look better, perhaps intentionally.  (See posts herehere, and here.)


 1. Ollendorf DA, Tice JA et al. The comparative clinical effectiveness and value of simeprevir and sofosbuvir in chronic hepatitis C viral infection. JAMA Intern Med 2014;174(7):1170-1171. Link here.
2. Sofosbuvir (Sovaldi), active against hepatitis C virus, but evaluation is incomplete. Prescrire Int 2015; 24: 5- 10. Link here.

ADDENDUM (11 October, 2016) - This post was republished on the Naked Capitalism blog

Saturday, October 01, 2016

Our ED wait times wil be longer than usual this weekend (and beyond) so we can attend to the computer.

A hospital system, Pinnacle Health, not all that far from me in the Harrisburg, PA area is rolling out EPIC this weekend.

The following banner is at the top of their homepage at

ALERT: Due to our transitioning of a new computer system this weekend, ER wait times may be longer than normal.  Click to enlarge.

! ALERT: Due to our transitioning of a new computer system this weekend, ER wait times may be longer than normal. If you have a minor illness that doesn’t require a trip to the ER, you can visit one of our Express or FastCare clinics or if unsure where to go, contact our free 24/7 Nurse Advice Line at (717) 988-0074

So, besides delaying affairs in a critical care environment, in order to take care of the computer's needs, they're asking patients to decide if they have "a minor illness that doesn't require a trip to the ER" and, in so doing, redirecting patients with possibly serious problems to a doc-in-the-box urgicare center.

These two matters raise risk on its face.  If patients are harmed or die, then, are their injuries or death considered a worthy sacrifice in the name of achieving cybernetic utopia?

It would seem far more logical - and safe - to roll out a "new computer system" gradually, in a manner that does not require crazy workarounds (e.g., asking patients to decide if they need the ER or not) and causing delays and confusion that, in an ED environment, can and do lead to missed findings, lost information, harm, and death.

This mayhem will go on for far longer than a weekend.

It's stunning how the naive public has been sold the myth/fantasy that computers are a really great thing in medicine, and worth the risks of a massive rollout and the disruptions that causes, when increasingly - as posted in numerous essays on this website and others - the data does not support such declarations, and computers serve as more of a distraction than a boon to busy clinicians.

-- SS