Search

The Driver: Sharecare, a digital health and wellness company, has announced the launch of Unwinding on its platform. Unwinding is an evidence-based mental wellness app designed to help people alleviate stress, demystify the mind’s complexity, and overall build a healthier lifestyle. The app employs evidence-based mindfulness techniques and applies world-renowned neuroscience research. Other offerings of the app include digital therapeutics such as “Eat Right Now”, and a mini-master class on relieving financial stress in partnership with Mint, an Intuit personal finance app. Key Takeaways: According to “Mental Health in America,” about 20% of adults in the U.S. experience mental illness, including 47M with anxiety and 18M with depression. Nearly 2 in 3 adults report that money is a significant source of stress in their life. 62% of missed workdays in the U.S. are due to mental health conditions at a cost of $3,500-$4,600/yr. per employee (National Alliance on Mental Illness). Sharecare will offer Unwinding at $35.99 for one year initially; a discount to its regular annual subscription price of $59.99. The Story: Jeff Arnold (founder/CEO of WebMD, HowStuffWorks) and Dr. Mehmet Oz founded Sharecare in 2012 to fix the U.S fragmented U.S. healthcare system. Sharecare was created to provide a holistic platform where patients can easily connect with health providers and get the needed care or information in good time. Sharecare’s management refers to the platform as a powerful health connector that has linked millions of people across the U.S health system. Through Sharecare’s platform, patients access multiple expert perspectives on health and wellness and are furnished with information to foster health literacy. For Sharecare the goal is to empower patients with relevant and timely information that empowers them to make smart health choices. Unwinding teaches patients simple ways to use mindful awareness in their health journey with access to resources that support that journey. According to the company’s website, these include: “science-based mini-master classes to improve overall well-being to lower stress and gain good habits, [and] exclusive live, monthly events with Dr. Jud Brewer the executive medical director of behavioral health at Sharecare (and the director of research and innovation at the Mindfulness Center and associate professor in psychiatry at the School of Medicine at Brown University). The company also notes that the app gives patients access to “100+ in-the-moment and personalized stress reduction tools such as guided meditations, breathing exercises, and mindfulness practices, as well as a library of exclusive, award-winning videos to promote relaxation and restful sleep.” Research has shown that stress can contribute to headaches, high blood pressure, heart problems, diabetes, skin conditions, asthma, arthritis, depression, and anxiety. Consequently, relieving stress is essential for preventing numerous health issues. For example, a 2020 study examining whether app-based mindfulness training can reduce anxiety in physicians published in JMIR mHealth found that they can help relieve physiological stress and anxiety. However, a separate study found that similar apps may have been used less frequently than developers intended. As a result, the second study recommended more research to help increase user engagement and effectiveness. The Unwinding app in collaboration with Mint provides interactive courses on personal finance and the proper management of money, which is significant considering that finance is a main cause of stress. The app is available on the App Store or Google Play, for a special, limited-time price of $35.99 for one year; the regular price is $59.99 for an annual subscription. The Differentiators: Unlike other mental wellness apps, Unwinding is not a meditation app. Instead, it provides a range of tools and strategies that helps users navigate their mental well-being journey. Recognizing the uniqueness of each users’ mental well-being journey, Unwinding provides a roadmap for the individual user based on clinical research. It uses predictive question functionality based on keywords to guide users in finding answers to their mental health needs on the site. Unwinding also provides patients with useful information for addressing stress triggers like personal finances and other social determinants of health. This is crucial in making the connection between mental and physical stress, as people living with chronic stress have their life expectancy shortened by almost 3 years. Unwinding allows people to manage their mental health and deal with stress all from the touch of their phone. The Big Picture: Mental wellness apps like Unwinding that apply evidence-based tools and strategies are aimed at reducing the mental health stressors that can lead to more severe conditions like anxiety, depression, and even suicide if left unaddressed. With improved healthcare literacy and greater access to relevant information, patients can become more proactive in managing their mental well-being. The data from Unwinding’s technology will furnish health systems with information that will help provide patients with the needed support to take ownership of their health. Improved patient engagement with healthcare services and information could lead to improved patient and health system outcomes. In addition, apps like Unwinding may be able to help provide some coping skills to people with some more serious forms of mental illness helping to avoid negative outcomes such as suicide. Suicide is one of the leading causes of death, and studies have shown an increased risk for people with mental health conditions. Unwinding by Sharecare: Evidence-Based Mental Wellness App to Help Manage Daily Stress, Build Healthier Habits, Sharecare Launches Evidence-Based Mental Wellness App

Our Take: Given the dramatic rise in connected medical devices (the so-called “Internet of Things”) and remote care, especially since the COVID pandemic, increases in digital health have exposed heightened risks in medical device information security. Consequently, investments in healthcare cybersecurity need to be focused more significantly on medical devices. Accompanying the growing demand for data analytics, remote patient monitoring, and remote diagnostics is a notable rise in threats and risks posed by unsecured medical devices. Medical devices require connection to both external and internal networks, exposing them to unauthorized access and many forms of malicious attacks that lead to device failure. ​​Key Takeaways: There are over 500K different types of medical devices and growing according to Deloitte’s report, “Medtech and the Internet of Medical Things”. Connected medical devices using the public Internet are more vulnerable to unauthorized access and data breaches if not properly protected. Many legacy medical devices are used and have hard-coded administrative login information and are infrequently provided software updates More recently, there are regulation guidelines in the US and the EU for medical device manufacturers to provide security design of medical devices. The Problem: Medical devices, such as heart monitors and lab equipment, collect and store sensitive data in healthcare organization systems vulnerable to hacking. Cybersecurity risks such as exposure to hacking open up healthcare organizations to legal and regulatory consequences from breach of data privacy and could potentially expose patients to harm. For instance, unauthorized access to medical devices could lead to the modification of Bluetooth-enabled insulin pumps and defibrillators, both of which could result in severe harm to patients. Notwithstanding the gravity of cybersecurity risk, it is challenging to manage because of the many legacy systems within the healthcare system that still have security vulnerabilities, some of which are so old that they are built on unsecure protocols such as Telnet which uses unencrypted logins and thus are less secure (more modern protocols such as SSH use encrypted logins and are thus more secure). For example, when users login to devices using Telnet, the user’s login information, including authentication data can get picked up through wireless sniffers or so-called man-in-the-middle attacks (where an attacker listens in to gain access to your data or injects malicious code into the stream to gain access to sensitive data and systems). As a result, connecting legacy medical devices to the public Internet increases its vulnerability to cybersecurity risks. According to security research using Shodan, a search engine that allows users to search devices linked to the Internet, case studies show that glucose monitors, fetal monitors, and PACS accessible on the public Internet are particularly vulnerable to numerous security threats. The Backdrop: According to research from MarketsandMarkets, the connected medical devices market segment that helps to diagnose, monitor, and treat patients is expected to rise from $14.9 billion in 2017 to $52.2 billion by 2022. The increased adoption of connected medical devices is driven by increased amounts of care moving outside of hospitals and doctors’ offices, a shift towards data-driven value-based care, and increased demand for remote patient monitoring devices, wearable technology, and at-home diagnostics which can improve the quality of care while lowering costs. There are currently over 500,000 different types of medical devices. These include: 1) wearable external medical devices (skin patches, insulin pumps, and blood glucose monitors), 2) implanted medical devices (pacemakers and implantable cardioverter-defibrillator devices), and 3) stationary medical devices (home monitoring devices, connected imaging devices, and scanning machines). These types of devices can be connected to health systems in different ways and can transfer health data to healthcare systems both internally and externally. Increasingly as devices become more sophisticated and patients connect to hospitals and providers with an increasing number of devices, connected medical devices dramatically increase the number of vulnerabilities/endpoints for providers and increase the risk of cybersecurity issues. In 2016, the FDA released guidance recommending timely software updates to patch security vulnerabilities and documentation for security assessments of existing and new products. However, currently in the US, medical device manufacturers have no legal obligation to address cybersecurity risks, either before or after releasing the medical device into the market. By contrast, in May 2017, European Union instituted Regulation 2017/745 on Medical Devices (MDR) that went into effect this year that provided specific cybersecurity guidelines for medical devices. Among other things, the rule created the position of "Person Responsible for Regulatory Compliance" (PRRC) and increased certain requirements for post-market surveillance activities. This is particularly important as a large number of medical devices run on legacy software that is no longer supported. For example, according to a study by VDC reports, there are approximately 1 billion medical devices worldwide that continue to run on unsupported software. Implications: Investment in infrastructure and the traditional security paradigm needs expansion and adaptations to include security vulnerability assessment for medical devices. In particular, prior to the Pandemic, many healthcare providers’ security frameworks were designed on the concept of the “walled garden” when firewalls and other intrusion protection devices were instituted to keep malicious parties off the providers’ network which was conceptually behind several layers of security. However, the pandemic flipped that model on its head as many of the providers’ employees, patients, and contractors were now operating outside of an organization’s physical facilities to keep exposure to a minimum which effectively placed them beyond most institutions’ “walled garden”. Instead, this exposed many institutions to a world where clinicians and patients were now accessing an organization’s network remotely, thereby opening up holes in that organization’s security and exposing it to many more threat vectors. In addition, while next-generation medical devices may be more secure and regulated through new security guidelines, many legacy systems remain vulnerable. These legacy systems require collaboration between the purchaser and manufacturer to implement appropriate security design as security updates may not have been implemented for some time or done on a haphazard basis. Connected medical devices and sensors hold the potential for improving operational efficiency for providers and outcomes for patients. However, as device manufacturers look to make legacy devices more secure they also face the dilemma of destabilizing devices on the market as well as exposing themselves to (or potentially admitting liability for) devices already on the market. This may account for device manufacturers' hesitancy to install new patches on stable legacy systems, notwithstanding the risk of potential device issues and interruption in workflows. While balancing risk and productivity is a challenge for healthcare technology management teams, incorporating medical devices in existing security design for risk mitigation should be prioritized. To this end, the actionable steps recommended by the National Institute of Standards and Technology (NIST) and security researchers for implementing better security practices for medical devices are worth considering. These include: Identifying vulnerable connected medical devices and processes that can lead to unauthorized access and device failure. Incorporating security testing and design before choosing a specific product and/or vendor. Protecting existing medical devices by updating the firmware (software that contains operational instructions for hardware devices) and limiting administrative privileges, when possible with support from the vendor. This is necessary to mitigate against potential risks for device issues and workflow interruption caused by software updates. Reporting and monitoring systems are needed to develop audit trails for detecting unauthorized access and configuration changes. Having reporting and monitoring systems is needed for implementing appropriate security compliance for medical devices. Conducting internal and external security audits to allow thorough vulnerability assessments. Audits should include medical devices as a focus requiring collaboration with medical device specialists and researchers. Related Reading: Mayo Clinic's Strategies for Securing Medical Devices It's Insanely Easy to Hack Hospital Equipment Report: Hospitals are Flooded with Vulnerable IoT Devices Medtech and the Internet of Medical Things

The Driver: Oshi Health, a digital gastrointestinal care startup, recently raised $23M in Series A funding from corporate investors including Flare Capital Partners, Bessemer Venture Partners, Frist Cressey Ventures, CVS Health Ventures, and Takeda Digital Ventures. In addition to the institutional investors, individual investors who joined the round included Jonathan Bush, founder and CEO of Zus Health, (and cofounder of Athenahealth), and Russell Glass, CEO of Headspace Health. The funding has been mapped out for expanding Oshi Health’s digital care platform. Key Takeaways: According to Vivante Health, $136B per year is spent on GI conditions in the US, that is more than heart disease ($113B), trauma ($103B), or mental health ($99B). 90% of Oshi Health members gain control over GI symptoms within 10 weeks. Direct costs for IBS alone are as high as $10 billion and indirect costs can total almost $20 billion. 1 in 5 people who suffer from diagnosed GI conditions also suffer from undiagnosed chronic symptoms. The Story: CEO and founder Sam Holliday dealt with GI while observing his mother and sister’s ordeal when managing their own IBS care. Holliday’s experience watching his family deal with the difficulties of managing IBS without clinical assistance prompted his interest in companies like Virta Health that use food as medicine for treating diabetes. Holliday saw the contrast between his family’s experience and Virta’s approach of supporting people in reversing the impact of diabetes on their daily lives. Holliday was fascinated with Virta’s holistic approach of care that prioritized the user's experience while saving cost and providing easy access to virtual care that leveraged technology and was data-driven. The possibilities that Virta’s virtual model presented for GI spurred the idea of creating Oshi Health. Oshi Health’s encompassing platform supports patients by granting them access to GI specialists, prescriptions, and lab work from the comforts of their homes. Oshi Health provides comprehensive and patient-focused care to patients with GI conditions such as Irritable Bowel Syndrome (IBS), Crohn’s disease, Inflammatory Bowel Disease (IBD), and Gastroesophageal Reflux Disease (GERD). Oshi Health works is by connecting patients with an Oshi Health clinician that assesses symptoms and orders lab tests and diagnostics if needed. Following which the patient has an option of speaking to either a registered dietitian or GI-specialized psychologists that will help in forming a customized plan as many of these conditions often involve a mental health component as well. The customized plan attempts to capture the patient’s needs regarding anxiety, nutrition, or stress. The Oshi Health service extends beyond testing and planning by providing stand-by health coaches and care teams to support patients and help them stay on track. Oshi Health’s platform also offers an app designed to help patients take action and stay organized through their GI care journey. With the app, patients can record their symptoms, quality of life measurements, and other factors known to impact their diet, sleep, or exercise. The app also features useful educational materials and recipes to help patients learn more about their condition. Oshi Health is currently available in 3 states and works through individual and employer-based health plans. Holliday hopes to use the series A funding to expand Oshi Health and expand coverage throughout the U.S. The Differentiators: About 1 in 5 people suffer from diagnosed GI conditions and many more suffer from chronic undiagnosed symptoms. “GI conditions are really stigmatized”. says Holliday. Integrated GI care is a missing piece of the healthcare infrastructure. There’s a huge group of people who don’t have anywhere to go to access care that’s proven to work.” By using this virtual-first model and increasing access to care at a lower cost for patients, Oshi Health is attempting to revolutionize GI care. Oshi Health plans to use a community of IBD patients for disease research, personalized insights, and a new digital therapeutic. Oshi Health is one of the first companies to address GI disorders and is easily accessible for patients through a virtual approach. It is the only virtual platform exclusively for GI patients. Being virtual helps patients receive treatment from the convenience of their home, saving them time and hassle of commuting for GI treatment which can involve extensive and costly testing. Patients are in control of their care and have access to a team of medical professionals at their fingertips The Big Picture: Oshi Health’s commitment to making GI care accessible, convenient, and affordable is more likely to lower the costs of treatments such as cognitive-behavioral therapy, colonoscopies, X-rays, sonograms, and more in healthcare centers. Oshi Health helps avoid preventable and expensive ER visits as well as unnecessary colonoscopies and endoscopies. By incorporating access to psychologists in the membership plan rather than requiring it to be paid out of pocket it allows patients to access the services of mental health professionals. Patients can schedule appointments within 3 days and there is always support between visits with care plan implementation. By incorporating both physical and mental health Oshi Health is attempting to treat not just the symptoms but the causes as well, helping to lower the costs versus receiving in-person which can lower the incidence of GI conditions and increase the quality of care they receive. Billions of dollars are saved annually on avoidable treatments and expenses because these patients are receiving the treatment they need rather than physicians ordering expensive tests without knowing the root cause of their problems. Due to the comprehensiveness of the virtual-first care model, physicians, dieticians, health coaches, care coordinators, psychologists are all involved in the patient's journey. Under traditional models, generally, patients with GI issues see just a gastroenterologist. By contrast, in Oshi’s model, a holistic team is involved every step of the way that is customized for each patient’s lifestyle that creates a personalized care plan for their lifestyle. Oshi Health Targets Costly GI Conditions with Virtual Care, Raises $23M; Healthtech Leader of the Month: Sam Holliday, CEO, Oshi Health

Our Take: The constant advancement in technology and mobile health (mHealth) apps help improve care and patient experience but they give rise to questions around ownership (both beneficial and nominal) of patient data, as well as informed consent for data usage and security of that data. The questions and ethical dilemmas around data are numerous: will the data be kept confidential?, will the developer and user of the app properly safeguard and protect personal health information?, who actually is the rightful owner of healthcare data for clinical/research purposes or the commercialization of the data?, will the patient have the right to access the data and determine the method and length of time for which it will be stored. These are just a few of the questions that surround a patient’s right to know and understand what might become of their healthcare data. However, it is the individuals’ right to consent and make sure to understand the security of their data storage, transmission, access, and ownership that will allow individuals to make informed decisions. Key Takeaways: According to Visual Capitalist, the average American would need almost 250 hours to properly read all the digital contracts they accept for online services. There are many mHealth apps on the market that lack appropriate privacy and security measures and which also fail to inform users as to how their data will be used. One study found that of 79 apps certified as being clinically safe and trustworthy, 89% were found to transfer information online, 66% of which were not-encrypted. Continuing advances in technology and mHealth apps have made it increasingly difficult to protect user data highlighted the issues around patient access to data The Problem: The Health Insurance Portability and Accountability Act (HIPAA) addresses the need for privacy of medical records while acknowledging the need for and importance of individuals being able to access their own health information. To address the need for secure and private patient data, many mobile health apps develop lengthy “terms of use” documentation detailing exactly how their healthcare information will be used. However, the sheer length of the documents and the patient’s lack of healthcare/legal literacy often results in the individual skipping this step, assuming no harm will be done in the long run. In fact, in 2014 six Britons agreed to give up their first born in return for free wifi in a very brief experiment by an internet security company before it was shut down. Although commonly ignored, these privacy policies often lead to patients losing control of what and how much information will be tracked, used, and shared. Moreover, even in the rare instances when these policies clearly and succinctly disclose what information will be allowed to be shared with and used by the apps, these apps often ask for much more information than they need to actually perform their tasks. The Backdrop: The Health Insurance Portability and Accountability Act (HIPAA) passed in 1996 was among the first regulations to directly address the privacy of medical records. HIPAA acknowledges the need for, and importance of individuals accessing their health information to trust their information will be used and disclosed according to their expectations and with full transparency. Patient data confidentiality, privacy, and data security have an important place within the healthcare industry. The continuing advances in technology, which now include GPS enabled tracking technology and social media cookies to track consumption patterns, when combined with mobile health apps, have made it even more difficult to protect (or de-identify) health data and protect patients. For example, as was pointed out in an article in Health Affairs entitled, ”Why Aren’t More Patients Electronically Accessing Their Medical Records (Yet)?,” HIPAA, the predominant legal framework for health data, is already wildly insufficient for protecting health data, both because the re-identification of de-identified data becomes increasingly easy as the volume of data about individuals grows and because HIPAA applies only to a set of “covered entities,” which do not always include many of the parties developing and using new health apps and services. The latest studies indicate that research participants can be identified by their MRI scans alone, even after they have been stripped of all identifying information including the 13 identifiers that HIPAA uses to define “legally protected health information.” In addition, even when patients want to be able to access and understand what data they may have given to providers and payers, current system controls make it incredibly difficult for them to gain access to their own data. For example, while the recently implemented CMS and ONC data interoperability rules should provide patients with greater access to their own data, the rules are still in the implementation phase and it remains to be seen whether they will eventually provide patients with more timely, easier access to their data on a device of their choice. Similar issues arise with mHealth apps where both data privacy and ownership issues arise for patients. For example in an article entitled, “Developments in Privacy and Data Ownership in Mobile Health Technologies, 2016-2019”, the authors concluded that many mHealth apps on the market lack appropriate privacy and security measures. They noted that of 79 apps certified as being clinically safe and trustworthy, 89% were found to transfer information online, 66% of which were non-encrypted. In another study of 137 mHealth apps, more than 60% allowed transmission of health information via insecure methods and the same study showed 40% of apps failed to protect the integrity of the data they displayed. In addition, with various health applications, there are pages of legal descriptions and disclosures prior to a user gaining access which does not explicitly say with whom, why, and when their personal data/information will be shared. Moreover, users are typically confronted with privacy policies that are lengthy, not written in user-friendly language and end up unclear on what they are actually consenting to. As noted earlier, often out of frustration and a sense of powerlessness (ex: I have no choice), users often “agree” and continue without clearly understanding the depth of the privacy policies and they assume there is minimal risk while using the application. Finally, apps often end up inadvertently or indirectly obtaining data through inappropriate or overly broad permissioning. For example in an article entitled, “A Privacy and Security Analysis of Early-deployed COVID-19 Contract Tracing Android Apps,” the authors examined certain COVID contract tracing apps which operated on low energy Bluetooth technology and that did not require software permissions to be granted for such things as access to location data, ability to access the microphone, or access to a users contact details. This is particularly important in software because as noted in Wikipedia, software permissions are a means of controlling and regulating access to specific system-and device-level functions by software. Generally, permissions cover functions that may have privacy implications, such as the ability to access a device's hardware features (including the camera and microphone), and personal data (such as device storage, the contacts list, and the user's present geographical location). For example, in the COVID contact tracing apps, the authors found the only permission requirement that existed was to agree to basic software permissions, and survey results showed the app did not require access to sensitive information. However, upon further examination the authors found that when it came to the contract tracing apps run-time permission accesses, they were actively accessing such permissions (effectively meaning the apps were gaining access to private data without a user’s consent). The authors also noted these apps weren’t transparent regarding the data collection, processing, sharing, and transfer practices, which lead to concerns about whether or not they are compliant with the existing privacy laws. Implications: Providing patients with the ability to determine what data they are giving up when they access certain systems is challenging and complex caused, in no small part by the intricate set of rules surrounding data privacy and security. This task is made even more difficult when one takes into account the numerous vendors, institutions, and third parties that need or have access to private patient information in order to make the healthcare ecosystem function. In the end, users may find themselves in situations where their information is easily identifiable and traceable. In some cases, different parties have attempted to overcome some of these concerns by sell de-identified data sets to data brokers who will use this patient data for research of commercial purposes, yet it is often easily reidentified. In addition, given the application of healthcare data for marketing purposes, this data if often resold or shared with third parties for such purposes. For example it shouldn’t be surprising that Reuters recently reported that if a mental health or smoking cessation app is downloaded, there is a likely chance it will share marketing, advertising, or usage tracking data with either Facebook or Google. In addition, a recent article in Forbes highlighted similar issues in the privacy policies of 25 of the 36 mental health apps Forbes examined, noting that the privacy policies of the apps in question did not note how the data collected by the app would be used. Given the growth of the digital healthcare industry it is imperative that users/patients are informed how their data will be used, potentially monetized and what specifically they are consenting to in easier to understand terms. While some will argue that it is not possible to simplify all terms and conditions, at a minimum it would seem they could be summarized upfront and then explained in more detail. For example, perhaps, the first 5 sentences could very clearly and plainly state what and how their data will be used, in language that is easy to understand since most users lack adequate healthcare and legal literacy. Where possible, terms should be targeted at the so-called average reader (generally assumed to be the 5th grade reading level) and use short sentences that either avoid or explain legal and contractual terms. Similar to privacy disclosures, data ownership disclosures should follow several rules like those suggested by the Dartmouth Institute. They recommend for the sake of privacy and security that mobile health app developers keep in mind: Complying with all relevant federal policies, regulations, and laws. Providing patients with the choice to opt-out of providing sensitive data. Providing patients with the choice to block the transfer of data to health care teams. Providing patients with the ability to block use of data for research purposes. In addition to fully informing and ensuring they understand how their data will be used, patients also have to make sure they have adequate knowledge and power over commercial discoveries that may emanate from their data. For example, in an article entitled, “If Your Medical Information Becomes a Moneymaker, Could You Get a Cut” the authors review the case of a patient being treated for testicular cancer at Memorial Sloan Kettering Cancer Center (MSK) in New York City, whose lymph nodes and other body parts were removed and used for profit-based, private research. He never paid attention to where these removed parts went but questioned who they actually belonged to - did it belong to him or MSK? Furthermore, were his body parts being used to advance medical research and not compensating him for it? The rules are under circumstances such as these are addressed under Federal HIPAA privacy rules. According to HIPAA, doctors can use patient data for research or to improve health care operations. However, if doctors are using information to develop a product they can sell or make a large monetary profit from, then it might fall outside the definition of “health care operations.” Being transparent is essential to meeting the standard of informed consent and fostering an open and honest relationship with patients, as is informing them when using their personal health information for healthcare research. Patients (and researchers) should also be aware that there is a difference in how patient data is approached in the U.S. and in Europe. For example, in “Developments in Privacy and Data Ownership in Mobile Health Technologies 2016-2019” the authors note that in the European Union, users have the right to be informed on what data will be collected as long as they are told how it will be used. By contrast, to the EU, the U.S. hardly informs what and how patient data will be used. Perhaps the U.S. should look to Europe and other countries' models and consider how they handle patient data privacy as a model for moving forward. Related Reading: Visualizing the Length of the Fine Print, for 14 Popular Apps Developments in Privacy and Data Ownership in Mobile Health Technologies, 2016-2019 A Privacy and Security Analysis of Early-Deployed COVID-19 Contact Tracing Android Apps Britons Sign Away First-Born Children for Free Wifi

Our Take: Put quite simply, the recent dismantling of Google’s Google Health unit brings into question whether tech companies such as Google, Amazon, Apple, etc. will meaningfully be able to penetrate the healthcare industry in the ways they have disrupted other industries such as retail and media. In part this is due to the failure to acknowledge and adapt to the fact that healthcare is dramatically different from technology in structure, degree of regulatory oversight, policies, and financial resources. Designing, building and implementing solutions in the tech industry is dramatically different than selling products and services into the healthcare industry. As we noted in our piece back in March (please see “Big Tech & Retail Disruptors Continue to Run Into Same Challenges in Healthcare”, 3/22/21), “the varied nature of healthcare data, the intricate nature of data privacy and security rules such as HIPAA and CCPA, and the often complicated relationships between patients, providers, and payers can make navigating the space difficult at best.” Tech companies should expect and be prepared to adapt their solutions to a continual learning process thorough from the inception through iterative rounds of implementation and execution to the necessary follow-up changes post-mortem. Key Takeaways: According to CB Insights, Big tech has invested in deals worth a cumulative $6.8B since the start of 2020. Tech companies have promised to transform, disrupt, and revolutionize the current system, yet still struggle. On average the healthcare industry spent 5% of revenues on IT in 2020 compared to an overall industry average of 8.2% and 24.7% for the software industry. The U.S. healthcare industry is an $8.3T industry growing approximately 4% per year. The Problem: Big Tech (exemplified by Google, Amazon, IBM, Apple, etc.) in one way or another have all expressed the goal to “change the face of healthcare as we know it.” However, not only is that goal incredibly broad and far reaching, as anyone who has ever worked in healthcare can tell you, it is much easier said than done. Virtually all of these organizations have experienced setbacks of varying degrees and have not had the degree of success many would expect given their level of investment. In addition, while Google stated that shutting Google Health would move “teams closer to the work or some of our core areas” and “will be good for execution”, departing CEO, David Feinberg was hired less than three years ago with the goal of “figuring out how to organize Google’s fragmented health initiatives, which overlap among many different business groups.”, according to a CNBC report at the time. Had Google’s investment actually been paying off or at least showing signs of paying off, one doubts this would have happened. While each case is different, we believe there are some common issues behind big tech (and many retailer’s) struggles in gaining traction in the healthcare industry. These include, too ambitious and unfocused, goals which lack a centralized long-term vision, inability to understand the nuances of how the sub-sectors of the healthcare market differ from each other, and how the tech industry differs from healthcare as well as the need to take different approaches to make progress in the healthcare market. As we noted in our March blog, achieving change in healthcare can be methodical, require broad consensus, and involve cross-collaboration support from broad swaths of an organization or parts of the industry. The Backdrop: Big Tech companies like Amazon, Google, and Apple as well as retail giants like Walmart, have been attempting to gain a solid foothold in portions of the healthcare industry since the early 2000’s. As noted by CB Insights, drivers of big tech’s investment in the healthcare industry include: 1) enterprise interest in smart devices, 2) the so-called consumerization-where consumers take greater control of their own care, 3) The explosion of health data, 4) Demand and application of AI and automation to streamline care and improve accuracy, and 5) Healthcare’s disproportionate cost burden in this country. With this in mind, Amazon, J.P. Morgan and Berkshire Hathaway partnered to form Haven in 2018, with a stated goal of finding ways to reduce healthcare costs for employees and improve patient satisfaction. In addition, while Amazon has been directly involved in healthcare since its acquisition of Pill Pack in 2018, in the last several years Amazon has added Amazon Pharmacy, Amazon PrimeRx and earlier this year Amazon Care. While Amazon is among the first of big tech companies to become directly engaged in care delivery and appear to be having some success, it remains too early to tell. Similarly, Apple has been involved in Health primarily through the iWatch and the Apple Fitness program but has also been developing services for its iOS ecosystem via the Apple HealthKit/CareKit. However, press reports recently noted that Apple would be scaling back a key health initiative, the Apple HealthHabit which many viewed as an attempt to eventually commercialize learnings from Apple’s internal health clinics. Along those same lines, while Google will be dismantling Google Health, Google’s investments in nine separate health initiatives will continue including Care Studio, Cloud healthcare Products, YouTube Health Initiatives, as well as AI research centering on chest X-rays and mammography. As noted by CB Insights, big tech invested over $3.7B in 2020 and has invested over $3.1B in healthcare year-to-date in 2021. While big-tech is attempting to capture a portion of the almost $4.0 billion in healthcare spending, the question remains whether they will figure the best way to penetrate the complex and intricate healthcare market. Implications: While healthtechs growth and underlying industry drivers have been propelled by the COVID pandemic, healthcare remains stubbornly difficult for big tech to penetrate. While over the years big tech has promised to transform, disrupt, and revolutionize the current system, gains have been far more modest. Compared to technology (and many other industries), healthcare is a risk-averse, lethargic, bureaucratic colossus. While the tech industry’s mantra has often been celebrated as “move fast and break things”, healthcare proudly points to Hippocrates and his oath to “do no harm.” While tech companies have often had the luxury of resources and the ability to “throw bodies” at problems, healthcare has consistently been underresourced and has historically underinvested in its information technology infrastructure. For example, according to Flexera, on average the healthcare industry spent 5% of revenues on IT compared to an overall industry average of 8.2% and an average of 24.7% for the software industry. In addition, as noted earlier, tech companies differ from healthcare in terms of information security and data privacy rules as well as in the amount, integrity and availability of data. Consequently, tech companies looking to make greater inroads in healthcare need to learn to take a more nuanced and less blunt approach to change. In particular, tech companies need to understand the capabilities and limits of each unique organization they are dealing with in terms of quantity and quality of data as well as the ability to produce it in a timely fashion. In addition, they need to realize any system change in healthcare requires broad consensus from both clinical and technological stakeholders. Those looking to transform the system need to know how to implement cross-platform collaboration, as well as the ability to create and grow a base of support for a project from within the organization in order to create or overcome resistance to change. The healthcare industry’s approval process is time-consuming and not only slows down the pace but consistently brings opportunities for greater complexities and inertia to enter into the process. While tech companies have often reflected the personality of a dominant founder or founders (ex: Jeff Bezos, Steve Jobs, Bill Gates, Larry Page and Sergei Brin) most hospital systems are the products of years of development, rarely a single individual (perhaps with the exception of HCA and the Frist family). This difference in culture also drives a much greater need for consensus and garnering the support of numerous stakeholders. As STAT news pointed out in reporting on the break up of Google Health, “rather than using a single business unit to overhaul healthcare, tech companies including Apple, Amazon, and Google might be better equipped to aim a series of decentralized health efforts on one or two problem areas of the industry.” Lastly, one of the considerations tech companies should remember is, tech companies see themselves as the solutions rather than contributors to the solution. This attitude of the industry works well within the competitive fast-paced tech industry but in healthcare, it would only cause setbacks. Related Reading: Will Breaking Apart Google's Health bets give them a Better Shot at Success? Big Tech in Healthcare: Here's Who Wins and Loses as Alphabet, Amazon, Apple, and Microsoft Target Niche Sectors of Healthcare Is Healthcare too Hard for Big Tech Firms? Google Dismantles Health Division in Strategy Overhaul Google says Health Projects will Continue even as it Unwinds Dedicated Health Division

The Driver: New York-based Cleerly secured $43 million in series B funding providing a cutting-edge digital health platform with machine learning capabilities for early detection and treatment of coronary disease and heart attacks. The Series B funding was led by Vensana Capital, with additional backing from LRVHealth, New Leaf Venture Partners, DigiTx Partners, the American College of Cardiology, and Cigna Ventures. Founded in 2017 by Dr. James K. Min, a cardiologist and director of the Dalio Institute for Cardiac Imaging at New York Presbyterian Hospital/Weill Cornell Medical College, Cleerly has raised $54M in total funding. Cleerly has two FDA approvals and will use the funding to commercially scale their company, obtain more FDA approvals, and invest in Research and Development (R&D) for their “precision prevention” technology. The Takeaways: Cleerly has spent five years building out its data science teams, perfecting its algorithms, and obtaining some approvals from the Food and Drug Administration in order to have recently emerged from “stealth” mode. Cleerly believes that by applying their AI-based technology to analyze heart scans they could reduce costs of cardiovascular care by 60% including a 75% reduction in invasive cardiac catheterization tests. Heart disease is largely asymptomatic and the first sign of heart disease is often a heart attack. 60% of those who have a heart attack have no prior symptoms. The causes of heart disease are not thoroughly understood and healthcare providers rely on risk indicators that are insufficient to prevent heart attacks. The Story: James K. Min, MD FACC, founder, and CEO of Cleerly is attempting to revolutionize the diagnosis and prevention of heart diseases by empowering primary care providers to “reach patients earlier [prior to hospitalization] where costs spiral out of control.” Cleerly is meant to allow for intervention by primary care providers by helping them to understand and interpret its advanced imaging without the need for a specialist. This will allow earlier diagnosis and treatment, before the patient complains of chest pain which is the “end-stage phenomenon” reflecting arteries that are already compromised with plaque or fatty deposits. For example, while risk factors such as cholesterol levels are currently used to determine the patient’s cardiac health, there is an 80% overlap “of cholesterol levels for people who do and don’t have heart attacks” according to Dr. Min in a recent Forbes article. In other words, risk factors are not enough to prevent heart attacks. Indeed, Dr. Min noted that often the first symptom of coronary artery disease can be a patient actually experiencing a heart attack itself, indicating a need for earlier diagnostics and preventative care plans. The Differentiators: According to the company, Cleerly has a database of 50,000 CT scans that Dr. Min and his team have cataloged and labeled to highlight certain characteristics. He and his team used AI and machine learning to train the algorithms to identify common patterns which characterize cardiovascular disease including the “presence, extent, severity and type” of disease. Unlike an invasive cardiac catheterization test, which is expensive, requires sedation and several hours in the hospital for recovery, Cleerly offers non-invasive medical interventions to conduct “comprehensive coronary artery phenotyping” which will help healthcare professionals to formulate a preventative healthcare plan. In addition, Cleerly’s platform is based upon analysis of what are called Cardiac Computer Tomography Angiogram (CTA) images, which are non-invasive but can still take detailed images of the heart illuminated by a dye injected into the patient. Although CTA is not yet first line therapy in the U.S., the American College of Cardiology has noted that the technology holds great promise and United Healthcare does reimburse for the procedure for lower risk patients with chest pain. CTA became first line therapy for those with chest pain in 2016. In addition, while Min initially theorized that “the more narrow and blocked a person’s arteries were, the more likely they would be to experience a heart attack”, however his team found it was not the amount of plaque but the thickness of the plaque that mattered. Patients who had so called fibrofatty or necrotic core plaque in their hearts, which was more likely to be softer and made of fat, cholesterol and other fatty compounds. According to the National Institutes of Health, understanding how the necrotic core develops is an urgent goal in heart-disease research. While the company is not positioning its product to replace trained doctors who can interpret scans, a June 2021 study commissioned by the company noted that the AI had a diagnostic accuracy of about 99.7 when assessing scans of patients whose tests indicated they had severe narrowing in their arteries. The Big Picture: According to the U.S. Centers for Disease Control (CDC) approximately 650,00 people will die from heart disease this year and heart disease will cost the healthcare system approximately $219 billion annually. As noted above, often the first indication of disease is severe chest pain or a heart attack, with about 60% of those who have heart attacks never having any prior symptoms of disease. Cleerly intends to change this dynamic by reaching patients earlier in the process and through their primary care providers instead of the ER when it can be too late to intervene. Considering the nature of heart disease, silent and asymptomatic, Cleerly will allow various healthcare professionals (PCPs, specialists, radiologists) to quickly identify the presence and nature of the heart disease without the need for invasive procedures like cardiac catheterization. As a result the company believes it can reduce expensive, invasive procedures by 75% and lower costs of cardiovascular treatment by 60%. By taking advantage of AI, Cleerly’s technology can analyze CT scans within minutes, compared to the 8 hours it would take humans to manually analyze the CT scans which makes the analysis feasible and cost effective. By deploying a non-invasive test such as this, Cleery’s technology would likely allow for broader scanning of the approximately one-half of Americans who currently display one of the three highest risk factors for the nation’s number one killer; high blood pressure, high cholesterol or smoking. As such it may be a more effective and efficient way to find some of the almost 20M people the CDC estimates currently have heart disease in the U.S. As Clinical Guidelines Shift, Heart Disease Screening Startup Pulls in $43M Series B & This AI Startup Raised $43 Million To Save Lives (And Money) By Treating Heart Disease Earlier

The Driver: On July 30th, Juno Medical raised $5.4 million in seed funding led by Vast Ventures and joined by Atento Capital, Company Ventures, humbition, RareBreed Ventures, and Lafayette Square. The membership-only New York-based startup is bringing modern whole family healthcare (adult primary care, women’s health, and same-day care) to underserved populations by ensuring price transparency for its consumers. Juno Medical will use the funding to expand to Brooklyn, New York, offer pediatric services, and has plans to expand across the U.S. by 2022. Key Takeaways: Juno works with all major health insurance (Anthem, Aetna, United Healthcare, Cigna, and Medicare) and offers but does not require a membership to get care. According to a study by the Health Resources and Services Administration (HRSA) medically, underserved populations have fewer practitioners, facilities, and higher infant mortality rates. Juno offers (but does not require) membership packages that are priced from $20/month for individual membership to $50/month for families for which members are provided access to “Convenience, Savings, Events, and Programs.” A 2017 survey showed that 96% of Americans overestimate how much they know about their health insurance coverage. The Story: Juno Medical, a tech-enabled primary care provider, was founded in April 2020 amidst the pandemic with its first flagship location in Harlem, New York, and has provided care to thousands of New Yorkers through their platform. Derived from Latin, the word Juno means to give aid and the company has incorporated that goal into its mission statement; providing care seven days a week across specialties in real-time. Juno’s platform displays transparent pricing on their website for both in-network and out of network costs for services including preventative care, follow-up care, same-day care, specialty care, and lab services. Juno works with all major health insurance providers including Anthem, Aetna, United Healthcare, Cigna, and Medicare, and does not require a membership to get access to quality care. Should a patient choose to become a Juno member, the membership packages are priced affordably at $20/month for individual membership (or $200 one-time payment) or $50/month for family membership (or $500 one-time payment). According to the company, membership in Juno Medical allows patients access to “Convenience, Savings, Events and Programs” which are not typically included in the health insurance offerings. For example, this includes discounts with local and national partners on things such as rock climbing, Pilates and, birth control services. In addition to evening and weekend appointment offerings, Juno members get exclusive discounts with their local and national partners. Members will also have access to virtual and live events aimed towards health, wellness, community, and lifestyle. The Differentiators: Identifying themselves as a “team of physicians, designers, engineers, and parents”, Juno is committed to bringing holistic, accessible, and affordable care to everyone. Since prices for healthcare services vary significantly and are often incredibly difficult to figure out, Juno’s price transparency allows consumers to make better-informed, real-time, decisions about when and how to choose the care they receive. Juno also works directly with the health insurance provider on behalf of the patient for out-of-network reimbursements easing the financial and time burden for those who may not have experience with the system. Similarly, patients can easily begin the process of managing their own care by booking their appointment with their preferred doctor more easily than with traditional insurance. Since Juno has relationships with all national health insurance providers, patients are spared the hassle of searching for providers on network directories which are often out of date. With Juno, patients simply fill out their insurance information with their preferred provider and they are ready to go. Juno even helps with such issues as transportation by providing discounts on rides to and from in-person appointments, By removing uncertainty around cost, enabling same-day service, and helping underserved patients Juno is effectively becoming a one-stop healthcare provider platform. Juno’s platform simplifies and streamlines the delivery process by giving its patients access to services such as virtual care, on-site labs, imaging, and diagnostics. The Big Picture: While for decades there have been numerous State and Federal efforts to enhance primary care for underserved populations, the most notable being the Affordable Care Act itself, health disparities and inequities remain a stubborn problem in U.S. healthcare delivery. While digital tools like telemedicine can help mitigate the barriers, they often remain inaccessible due to broadband connectivity issues. Conversely, Juno Medical is helping to simplify the health insurance process and portions of the physical delivery of care by ensuring price transparency and increasing the transparency around pricing. In addition, Juno’s focus of bringing high-quality care to underserved populations can even reduce health disparities and improve overall population health. For example as a report entitled “Understanding the Impact of Health IT in Underserved Communities and Those With Health Disparities”, “chronic diseases are a key driver of health care costs. They account for an estimated 75 percent of health care expenditures and disproportionately affect underserved groups.” Sadly, while that report was written in 2013, as laid bare by the Coronavirus pandemic, the situation is meaningfully unchanged. In addition, as noted in “Disparities in Multiple Chronic Conditions Within Populations” the underserved have a higher incidence of risk factors contributing to poorer quality of life. These costs can be substantial and have a meaningful economic impact on growth and productivity. For example, according to a recent study by the Episcopal Health Foundation, the state of Texas is incurring $2.7 billion in excess medical care spending annually as well as $5 billion in lost productivity due to preventable conditions. This lack of care leads to 452,000 life years lost due to premature deaths valued at $22.6 billion. Consequently, services like Juno’s which provide easy, affordable, and efficient access to care can help reduce disparities for what appears to be a fraction of the cost. Juno Medical Raises $5.4M in Seed Financing to Reimagine Primary Care for the 99% & Juno Medical Raises $5.4M in Seed Financing to Reimagine Primary Care for the 99%

The Driver: Recently, Vera Whole Health raised $50M from Morgan Health, the new healthcare-focused firm founded by JP Morgan Chase following the closure of the Haven joint venture. Founded in 2008, Vera Whole Health provides comprehensive coordinated healthcare services that are working to move employers towards value-based care and away from traditional fee-for-service models. Through employer-funded worksite clinics in 11 states, Vera provides care at a cost-efficient price point measured via optimal health outcomes to for employees. Vera Whole Health has raised over $95.5M and is backed by CD&R with other investors including Transformation Capital, Archimedes Health Investors, Leerink Transformation Partners, and Puget Sound Venture Club. With the closing of this new funding, Vera Whole Health has fostered a partnership with Central Ohio Primary Care Physicians Inc. to expand its services in Columbus. The Takeaways: Subscription services are more efficient, it costs physicians almost $100K/year just to bill for their services (JAMA). According to STAT health, 8% of each U.S. health care dollar goes to administration, compared to 3% among comparable nations. While value-based care has been around for a generation, a 2020 survey found almost ¾ of physician practices report over ¾ of revenue comes from FFS. Employer-based coverage can be a retention tool with a 2018 AHIP survey finding “46 percent said health insurance was either the deciding factor or a positive influence in choosing their current job”. The Story: Seattle-based Vera Whole Health provides value-based care that attempts to holistically treat patients and not just isolated symptoms by offering employers a fixed-fee model to enhance employee’s productivity. Vera operates their clinics either at or near an employer’s location providing primary care services extending beyond preventive care to include behavioral health services, occupational health services, pediatrics, physical therapy, and more. Driven to improve population health cost management and health outcomes, Vera Whole Health conceptualized an Advanced Primary Care (APC) model in 2012. The company states that the APC model contrasts against the traditional fee-for-service model by “delivering the essential 1:1 patient-provider relationship through informatics, referral management and care coordination, and integrated health coaching”. Applying robust informatics helps optimize care by empowering physicians to identify care gaps and quickly assess who “is in need of screenings or other preventive services” improving patient’s long-term health outcomes. Using the active care coordination aspect of Vera’s APC assures that the provider is able to guide patients through their treatment plan and refer to specialists which improves adherence and compliance to their care plan. Vera also deploys integrated behavior change coaches who help empower patients to commit to their health goals. The company has stated that “employers under contract with Vera have seen an average patient Net Promoter Score of 90, and improved health outcomes and utilization”. The Differentiators: As noted above, Vera is attempting to offer holistic value-based care which is seeking to help patients achieve their optimal social, behavioral, and physical health in a cost-efficient manner. By using a subscription-based model instead of a fee-for-service one, which operates on a fixed fee that is paid in advance, providers are incentivized to maintain and improve patient’s health by anticipating and preventing disease instead of being paid based on the volume of service. Vera claims they can reduce the employer’s healthcare costs by 21% and have over a 1.4:1 ROI in the first year their solution is deployed. Vera’s APC model also allows providers to improve care by connecting financial incentives to the quality of care and not to the volume of care or just the cost of services rendered. This enables providers to see fewer patients relative to a traditional provider and schedule what Vera refers to as “time rich appointments” since clinician’s schedules don’t have to be as tightly packed. Additionally, Vera’s APC model employs a broad care team that is made up of an allied staff including nurses, health coaches, and behavioral health experts. As a result of the increased employee engagement Vera is able to achieve by centralizing primary care, Vera has been awarded a Certification of Validation by the Care Innovations Validation Institute, an independent organization that evaluates health plans. The Big Picture: For approximately the last ten years since the passage of the Affordable Care Act (and many would argue, even before) the U.S. healthcare system has been shifting from one based on reimbursement for procedures volumes (fee-for-service) to one based on quality, outcomes, and satisfaction (value-based care). This is due as much as anything to the large amount of waste, inefficiency, and simple lack of results in proportion to over healthcare spending in the U.S. According to the American Medical Association, the U.S. spends over $3 trillion annually on healthcare, yet over half of American’s have one or more chronic conditions including heart disease and diabetes. Clearly, the system is unsustainable as it doesn’t prioritize preventative care measures since it’s more advantageous to practice defensive medicine, and patients and doctors are not incentivized to be proactive in their care. Programs like Vera Whole Health which are subscription-based can not only encourage more holistic care of patients but help reduce administrative costs which could account for 25-30% savings. In addition, by attempting to reach patients through the employer-sponsored insurance market (ESI) Vera can engage them early enough in their helathcare lifecycle to help prevent and effectively treat many of these conditions. Moreover, by working through employers, Vera is enabling employers to attract and retain new and existing employees in what is a very tight labor market effectively turning healthcare into a competitive advantage. Vera Whole Health Grabs Morgan Health’s Interest—and a $50M Investment; Central Ohio Primary Care Bringing PE-Backed West Coast Startup to Columbus Employers; Fee for Service is a Terrible Way to Pay for Health Care. Try a Subscription Model Instead

The Driver: Earlier this month Covera Health raised $25 million in a Series C financing led by Insight Partners with participation from existing investors including Equity Group Investments. The company plans to use this funding to help expand its first product, Centers of Excellence Radiology, which is deployed by both employers and health insurance plans to guide patients toward the highest-quality radiology providers based on their requirements. As noted by MobiHealthnews, Covera Health “partners with providers to give them insight on reducing errors, and it works with payers to avoid unnecessary care and promote value-based payment.” Key Takeaways: The error rate in diagnostic imaging is on average 3 to 5 % and there are as many as 40M diagnostic imaging errors annually. Covera claims to be able to boost delivery of more accurate care, while “reducing downstream care costs by as much as 30%” The company states that they cover over 1 million patient’s lives and the project will be able to scale its radiology platform to cover over 20 million patients by 2021. At least 12 million Americans will receive a misdiagnosis every year. 40-80,000 people die from complications due to misdiagnosis annually. The Story: Covera Health an AI-powered quality analytics platform was founded in 2017 in New York and has raised $57 million to date. According to the company’s website, their platform “generates robust measures of diagnostic accuracy across pathologies and patient types which are then used to validate accuracy relative to their peers.” This “allows them to pair patients with radiologists who excel at diagnosing their specific issue.” The company states that they cover over 1 million patient’s lives and the project will be able to scale its radiology platform to cover over 20 million patients by 2021. Covera believes its quality assessing platform allows employers and health plans to choose their preferred radiology providers according to their needs while allowing payers to choose value-based care and cutting costs by saving on unnecessary care. By reducing medical errors and preventing misdiagnosis the platform can improve health outcomes and quality of care. It has gained the trust and interest of stakeholders who are motivated to improve health outcomes and improve patient’s quality of care. Covera Health has a team of clinical and strategic advisors onboard. The Differentiators: Covera has designed an analytics platform that leverages advanced data science and artificial intelligence to help reduce and eliminate systematic medical errors, initially focusing on diagnostic imaging. This area is particularly ripe for research as the company notes, “though radiologists have an average operational error rate of only 3% to 5%, retrospective studies of more advanced imaging technologies such as MRIs and CT scans have found error rates of 30% or more for complex diagnoses.” In diagnostic radiology systematic error rates are due to a number of potential factors including increased workload, understaffing, distractions and interruptions, technical errors, and mental fatigue. Covera selects top radiologists for their Radiology Centers of Excellence program based on a detailed assessment of 10 years of medical records and radiology scans involving millions of data points. According to the company, this is made possible by “a unique data-sharing arrangement with radiology providers, (which grants direct access to records to a quality-review panel comprised of experienced, subspecialized radiologists), together with its proprietary artificial intelligence algorithms.” This process has allowed Covera to identify more than 1,000 top-performing imaging centers nationwide while simultaneously providing radiologists participating in the program with valuable insights that can help them improve their practices. Covera claims to be able to boost delivery of more accurate care, while “reducing downstream care costs by as much as 30% in a study of 80,000 employees in a blinded statewide trial”. The Big Picture: According to a 2018 article in RadioGraphics, there are approximately 40 million diagnostic errors involving imaging annually worldwide and approximately 75% of malpractice suits filed against radiologists relate to diagnostic errors. As noted above there are systematic circumstances that can lead to diagnostic errors (workloads, distractions, fatigue) as well as issues with interpretation of scans that can be attributed at least in part to sub-specialization differences. However, medical errors in diagnostics can also be attributed to systemic issues deriving from biases and underrepresentation within the sheer number of imaging data points which can lead to a faulty diagnosis. For example, according to a recent article in Healthline, women, and people of color are likely to face misdiagnosis 20-30% times more than their white or male counterparts. As a result, the burden of acquiring proper care is shifted to the patient instead of to the provider, where it should reside. AI-powered patient analytics platforms like Covera Health rely on machine learning algorithms to sort through patient-centered data and reduce the rate of misdiagnosis emanating from the imaging department. Catching and preventing misdiagnosis early can mean that patients may forego unnecessary procedures, resulting in lowering costs and improving care. As noted in Healthline, “whether it’s AI analyzing mass amounts of patient data to help doctors better understand where they might go wrong to changing the way medicine is taught, the medical community must be receptive to critiques and suggestions about how to ensure that the level of misdiagnoses are reduced over time as are actual rates of error.” References: Health Data Analytics Platform Covera Health Lands $25M in Series C Funding, Covera Health Raises $25M in Series C Financing to Fuel Growth of Its Healthcare Quality Analytics Platform, Fundamentals of Diagnostic Error in Imaging

The Driver: On July 31, Truveta raised an additional $95M in a Series A round funded by its 17 health system partners all of whom contributed the same amount. Since we last wrote about Truveta back in February (please see Backed by Big Hospitals, a Former Microsoft Executive Wades into the Messy Business of Selling Patient Data, The HSB Blog 2/22/21) Truveta has added an additional three health system partners and increased the number of medical records which will be used to identify optimal health interventions. Truveta’s goal is to use this data across sub-populations to improve patient care and promote health equity. The company stated that funding will be used to grow the Truveta team and strengthen the company’s cloud infrastructure. Key Takeaways: Truveta’s health systems partners give it access to data that represent approximately 15% of the medical records in the U.S. and patients in 40 states. Truveta’s platform allows researchers to account for biases where different groups receive different medical recommendations due to clinician bias. Truveta believes the sheer volume of their data set will be an advantage, given there are nearly 7,000 rare diseases affecting 30 million people in the U.S. alone. Truveta’s platform has the ability to improve medical education amongst future healthcare providers as it delivers insights for underrepresented populations. The Story: Founded by former Microsoft executive, Terry Myerson who led the Window’s and Devices Group, Truveta emerged from stealth mode last Fall by partnering with 14 health systems (now totaling 17). According to the company’s website, its partnership with the 17 health systems provides them with “an unprecedented data platform” given that their partners represent approximately 15% of the medical records in the U.S. and patients in 40 states. In addition, given the concerns about privacy and security of data in its models Truveta has committed to transparency and privacy agreeing to allow third-party audits of their “security and anonymization technology”. Truveta collaborates with leading clinical researchers, allowing their input on its data analytics platform. Along those same lines, Truveta recognizes the concerns about transparency and explainability in AI models and has also committed to closely collaborating with the health systems and health systems’ leaders who hold voting seats on the board of directors to ensure their models are fair and equitable. As the company states on its website, “health providers own Truveta, reinvesting any earnings they receive from Truveta back into the communities they serve”. The company is growing rapidly going from less than 20 employees in October to over 100 today. According to Geekwire, researchers at Truveta’s health system partners are just starting to access the company’s datasets and it is anticipated that outside entities will be able to access data by the end of the year. The Differentiators: Truveta has trained machine learning models to aggregate patient data from partnered health systems and insurance claims to better clinicians’ datasets and allow for early health interventions. Although a common criticism of some machine learning models is that they may have been trained on data sets that inadequately represent minority populations, and are unable to detect racial biases in healthcare, the geographic and ethnic diversity of Truveta’s health system partners allow for substantial patient diversity. For example, while there are similar efforts by other systems, such as Duke and Partners, and commercial competitors, Truveta believes they have an advantage given the breadth of their health system partners and amount of coordination. In addition, as noted by Geekwire, Truveta believes that the strong heavy data consolidation between Truveta and its partners will allow it to get more rapid answers to which treatments can be more effective as well as which patient populations may be most at risk for certain diseases or conditions. As highlighted on the company’s website, Truveta believes the sheer volume of their data set will be an advantage, given “there are limitations to how much information a provider can retain as there are nearly 7,000 rare diseases affecting 30 million people in the U.S.” The Big Picture: As we noted in our article back in February, while many “stakeholders consider patient data as something owned by the individual...loss of control over patient data is dangerous and can lead to a loss of privacy, discrimination, and many other problems. Although Truveta is using de-identified data, pieces of information could be used to re-identify patients by those who have malicious motives. The most ethical way to utilize patient data to improve outcomes is to be transparent with patients and ask for their consent in sharing the data.” Patient anonymity should be prioritized. Given the rise of ransomware attacks, cybersecurity protocols have to be of the utmost importance and audited and tested frequently to ensure patient privacy and security of data. In addition, as noted in a Forbes article entitled “Truveta Wants To Save Lives With Data But That’s A Tall Order”, the company needs to be clear about how much data can improve health equity. As the article points out, our knowledge of health inequities has dated to at least as far back as the Surgeon General’s report in 2000 yet little has changed. In part, this is because existing data collection mechanisms are not designed to document [social determinants of health] variables either because they are intangible, as in the presence of a welcoming environment within a health system, or not collected in a manner granular enough to be meaningful.” As such, as the article concludes, “solving our health system challenges and making healthcare equitable for all must extend well beyond the data.” Seattle Data Platform Truveta Raises $95M, Adds 3 Health Systems to Network, Seattle Startup Truveta Raises $95M for Ambitious Vision to Aggregate Data Across Healthcare Systems, Truveta Wants To Save Lives With Data But That’s A Tall Order

The Driver: 9am.health launched a virtual diabetes platform with $3.7M seed funding from investors, including Founders Fund, Define Ventures, Speedinvest, and iSeed ventures. The digital platform provides a holistic virtual package for diabetes care that is personalized, affordable, and convenient. The company aims to alleviate the financial burden for over 34 million diabetes patients in the U.S. who pay close to $10,000 ($8,400-$9,600) for their care, by providing safe and accessible virtual diabetes care and treatment plans. With a digital diabetes market projected to grow by 18.8% through 2027, 9am.health plans to use the seed funding to capture part of the market by investing in growth, virtual screening ability, and expanding the range of medications offered on the platform. Key Takeaways: The average medical expenditure for people with diabetes in the U.S. is approximately $16,000 (of which 57% is attributed to diabetes). The digital diabetes market was valued at $13 billion in 2020 and is projected to grow by 18.8% through 2027. 98% of Americans that live with diabetes also have comorbidities and approximately 88M Americans have prediabetes, defined as higher than normal blood sugar levels but not high enough to be Type 2 diabetes. Indirect costs of diabetes include: $3.3B for increased absenteeism from work, $26.9B from reduced productivity while at work. The Story: Frank Westermann and Anton Kittelberger, the founders of 9am.health, bonded as Type 1 diabetes patients, and in April 2021 created 9am.health targeted at those with the highest risk of developing Type 1 diabetes, pre-diabetes and those with Type 2 diabetes. Their vision is to provide people living with prediabetes and Type 2 diabetes better access to diabetes care. They began with a goal of creating a virtual diabetes clinic with affordable medications, personalized care plans, and at-home lab tests monthly. From their own experience, the founders saw the challenges in access to diabetes care faced by prediabetes and Type 2 diabetes patients. This led them to develop a virtual clinic providing personalized diabetes care while eliminating the hassles patients face in managing diabetes every day. The virtual clinic provides a holistic care package that eliminates doctor waiting time by providing online prescriptions, at-home lab tests, personal medical care, and medication delivery, all from the comfort of the patient’s home. After subscribing patients fill out a brief medical questionnaire, they are connected to a licensed medical provider that prescribes the appropriate medications. A team of licensed providers, pharmacists, diabetes care, and education specialists are available on-demand on patients' schedules. Also, the virtual clinic platform equally provides care for conditions like hypertension or high cholesterol in recognition of the comorbidities that diabetic patients often face. While 9am.health doesn’t currently support insulin prescriptions, they have plans to include them in the future. The service is currently available in 33 states with subscriptions starting at $25 a month for a package including the first medication prescription, home delivery, and support from the care team via chat. Additional charges accrue for each added medication starting from $5 per month, and at-home testing for A1C or lipid screening, including delivery and lab analysis, is available for $15 or more per month. The Differentiators: Even with insurance, the average person living with diabetes spends about “$16,750 per year on medical expenses and has approximately 2.3 times higher the costs than if they didn’t have the disease.” Patients subscribed to 9am.health spend from $25 per month to get a holistic package including online prescription shipping and unlimited personal medical care. 9am.health’s uniqueness lies in its provision of “a digital front door for entire diabetes care,” that is personalized to meet the patients’ needs. As co-founder Westermann, explained to TechCrunch 9am.health wants "to tear down the barriers and make care as easy as possible and managing diabetes part of life”. Furthermore, the service captures other comorbidities like high blood pressure, high cholesterol, and mental health issues associated with 98% of Americans with diabetes. The Big Picture: 9 am. health’s commitment to making diabetic care accessible, more convenient, and affordable is more likely to lower the costs of other treatments such as kidney dialysis, insulin testing, and routine check-ups in healthcare facilities. It also addresses social determinants of health gaps that prevent patients from accessing diabetes care in an easy and convenient fashion. By addressing the barriers associated with accessing diabetes in-person care, the number of people that receive diabetes care could be increased over time thus helping to lower the overall diabetes rate in the U.S. Furthermore, the holistic service provided by 9am.health could potentially reduce the over-utilization of the ED by helping to reduce delayed care or non-adoption of preventive care measures leading to improved adherence, better outcomes, and lower costs. In addition to the direct costs of the disease itself, the American Diabetes Association estimates that the indirect costs of diabetes include: $3.3B for increased absenteeism from work and $26.9B for reduced productivity while at work. Solutions like 9 am.health and others should help dramatically reduce this. As healthcare increasingly moves towards greater self-care, empowering patients to exercise more control over healthcare decisions and management, retail, consumer-friendly solutions like 9 am.health will change the nature of care delivery. 9am.health Launches Virtual Diabetes Clinic, Raises $3.7M, Virtual Clinic 9 am.health Launches with $3.7M to Address Prediabetes, Type 2 Diabetes, 9am.health Launches with $3.7M to Tackle Virtual Diabetes Care

The Driver: In early September, Invitae, a medical genetics company, acquired Ciitizen for approximately $325M with a deal consisting of almost $125M in cash and approximately 7M shares of Invitae common stock. Ciitizen, a patient-centric tech company, offers a global platform for digitally collecting, organizing, storing, and sharing patient medical records digitally. By leveraging Ciitizen’s existing technologies, Invitae's acquisition broadens ts plans of combining results from genetic tests globally into a single, easy-to-use service to make genetic information accessible to everyone. Key Takeaways: Invitae will acquire Ciitizen for $325 million $125M in cash and 7M shares of common stock based on the average closing price before the agreement date. Ciitizen had raised a total of $20M in two rounds of funding prior to the acquisition. Most states do not require hospitals to retain patients’ records beyond 7-10 years. Invitae has raised more than $1.4B in 2021 and this is its 13th acquisition in five years. The Story: Ciitizen was established in 2017 after the founder, Anil Sethi, lost his sister to metastatic cancer. While battling to save his sister’s life, Anil consulted over 23 different specialists across 17 institutions, and none of them had access to her complete medical history with life-saving data. When Sethi attempted to access his sister’s medical records, the clinical data were disorganized and not even digitized (ex: PDFs that had been scanned in). This experience with the difficulty accessing useful information inspired him to leave his job as a Director of Records with Apple to set up Ciitizen. “It’s tragic that in the most advanced healthcare system, because of a lack of connectivity, standards and even personal access, there’s no way for patients to fully arm themselves against cancer and other serious conditions,” Sethi said. The Ciitizen platform is designed to transfer the control of health data to patients by collating patients' medical records in a convenient and easily accessible manner. Following registration with Ciitizen, a patient can request health records after providing a photo ID and details of the healthcare providers. Over the next 2-4 weeks from the requested date, Ciitizen then acquires the patient's medical records, provides a personalized disease summary generated from the health data, and gives the patient access to use or share as they choose; empowering them to take charge of their own medical care. Invitae’s acquisition of the Ciitizen platform will grant its users access to all their clinical and genomic information in a centralized location and streamline the process of collecting and organizing health data. While Ciitizen's services are completely free to the consumer, revenue comes from connecting pharmaceutical companies and advocacy groups with health data, contingent upon obtaining patients’ explicit consent. In addition to Ciitizen, there are a number of other companies attempting to give patients improved access to their records including PicnicHealth, Medicalchain, and OneRecord. PicnicHealth is also a digital medical records system where you sign up, fill out some forms about your medical history and doctors’ information, then the PicnicHealth team will retrieve your records and store them in one area. You can access your records anywhere you have internet access. It costs $300 to enroll and then a $39 monthly subscription. You can even choose to de-identify your records and submit them for research. If a patient chooses this option, they will not have to pay any enrollment or subscription fees. Medicalchain a U.K.-based company has a very similar process, however, Medicalchain will place health records on a blockchain and use “medtokens” as a form of currency. “Patients will use the tokens to pay doctors for telemedicine consultations, and these doctors can then exchange them for fiat currency, or use them to pay their own or their family members' doctors.” Finally, Becker’s describes OneRecord as a digital platform used to access and share healthcare data through an app. The Differentiators: Patients diagnosed with terminal diseases often end up consulting multiple different specialists across the country in desperate search of a cure. In the absence of easy and convenient access to their complete medical history, generally including genetic testing results, previous treatment, and medical treatment, the health provider could miss out on vital life-saving information. Ciitizen enables patients to exercise their right to access complete health records by using its technology to obtain patient records from different health providers and translating the data into a comprehensive and understandable summary. Ciitizen’s technology provides an easier, more convenient, and timely alternative for patients to access their complete medical records. Accessing complete medical records promptly increases the chances of survival, especially for patients with advanced diseases like cancer. Furthermore, Ciitizen uniqueness lies in its patient-centric orientation that ensures that patients' control who gains access to their health data. Ciitizen can only grant third parties access to a patient's health record after obtaining express consent. The Big Picture: When patients' have a convenient and timely means of accessing their complete medical history, it makes finding doctors easier and expands affordable and life-saving treatment options. For healthcare providers, accessing a patient's complete health history enhances continuity of care and reduces data entry errors and omissions. Consequently, adopting technological solutions like Ciitizens' platform could reduce or eliminate medical errors costing approximately $20 billion annually. The NIH estimates that there are as many as 7,000 rare diseases and an estimated 20-30M Americans living with a rare disease. Furthermore, the synthesized data created from collating patients' medical history will improve the biopharma industry’s ability to collect and analyze research potentially creating improving treatments and moving personalized medicine forward. In addition, collection and analysis of research of this type will generally improve medical research and efforts to advance medical knowledge and clinical care. Moreover, services like Ciitizens that can centralize a patients' complete medical history can improve a practitioner’s ability to view a patient holistically hopefully resulting in improved diagnosis, treatment, and outcomes. Invitae Acquires Ciitizen for $325M to Strengthen its Patient-Consented Health Data Platform; Invitae to Buy Health Records Startup Ciitizen for $325M