Jean Mixer has been guiding Boston Children’s Hospital into the digital future for the past seven years, so she was more than prepared when the COVID-19 pandemic arrived and suddenly everyone was forced to go remote. I first met Jean at Boston Consulting Group in the 1990s when she led growth strategy projects in healthcare, financial services and consumer goods. We stayed in touch and reunited five years ago when Health Business Group helped Jean put the Children’s digital strategy in place.
In this episode of the HealthBiz podcast, Jean traces her journey from JP Morgan to BCG to her own consulting practice and then to Boston Children’s. She shares her experience as a director of public companies in biotech, medical devices, and banking. And she explains what she’d do if she had a time machine.
Chances are you’ve been hearing a lot about cyberattacks and specifically ransomware in healthcare lately. Attackers take over systems and encrypt files, demanding payment in Bitcoin. They often get away with it.
Attacks like the recent ones on Universal Health Services and ERT that make the papers are just the tip of the iceberg. No one wants to report that something like this happened to them.
Until recently, I had assumed that such attacks were really hard to stop. Some are. But it turns out there are often many ways to thwart ransomware, and often hours or even days in which to do so.
I asked security experts at Gamayan to analyze the UHS attack and was amazed that they found at least 28 ways it could be stopped. Check out the UHS ransomware case study that breaks down the attack and potential response step by step.
If you want to learn how to prevent such attacks at your organization, contact me.
Here’s the timeline of the attack:
16:37 Bazar Malware Executed (Remote IP)
16:48 Domain discovery commands
17:06 Registry discovery commands
17:28 More domain discovery and network checks to domain controllers
17:41 AdFind used to map active directory
18:49 checks again for domain trusts and AdFind using Bazar (FTP exfiltration to remote IP)
20:12 First lateral movement attempt with WMIC (SMB transfer, Multiple payloads tried)
20:23 P64.exe Cobalt Strike beacon run on beachhead host (Remote IP)
21:04 Second P64.exe Cobalt Strike beacon dropped on beachhead host (New remote IP)
21:09 Next lateral movement attempt via a service and PowerShell (First Successful Lateral Movement)
21:10-22:06 Continual lateral movement using Cobalt Strike beacons via SMB across the environment
21:43 Windows Defender begins to be disabled using Powershell commands
21:45 First RYUK ransomware executable transferred to the backup system (Ryuk Executed)
When Dave Terry started his career in healthcare three decades ago, he noticed something odd and disturbing. The fee-for-service model meant doctors were paid for quantity, not for quality or cost effectiveness. Since then he’s been working to do something about it: for the first twenty years at American Practice Management, then Partners Healthcare and Harborside Healthcare. He made progress, but also learned the limitations of acting against entrenched interests.
For the last decade he’s gotten even more serious, co-founding Remedy Partners in the wake of the Affordable Care Act and then Archway Health, where he is CEO. Archway helps physicians jump into the meaningful risk-based payment models that are finally on offer from the Feds and private carriers.
I compared Dave’s quest to the Thirty Years’ War, but reminded him that there was a Hundred Years’ War, too, so he better gird himself.
I met Dr. Kevin Churchwell, the new CEO of Boston Children’s Hospital a few years ago. He impressed me then, and I’m excited that he has been named as the new CEO, following the retirement of Sandy Fenwick.
He’s a physician and business leader, and has already run a prestigious pediatric academic medical center, the Nemours/Alfred I. duPont Hospital in Wilmington, DE.
As a parent of kids who have received incredible care there, I have a special fondness for Children’s. I’m excited by this choice of CEO.
Hospitals need to perform elective procedures to make money, but with the first wave of the pandemic still in process and a second wave possibly on its way, patients are in no rush to return. In this interview, eVideon CEO Jeff Fallon opines on what’s ahead.
Hospitals are currently preparing for a “second wave” of non-COVID-19 patients who were forced to delay care – but even though restrictions are easing, people may continue to stay away. How do you think this will impact hospitals? Patients?
Hospitals will surely welcome their revenues turning north towards normal as this begins. But it’s clear that many will still be concerned about the risk of infections. I read a new survey by the Society for Cardiovascular Angiography & Intervention, which showed that 61% of Americans over 30 years of age are more afraid of COVID-19 than a heart attack, and that 36% consider just going to a hospital risky behavior. With those kinds of stats in mind, hospitals are facing a new complexity in the level of trust with patients who so urgently need this delayed care. Patients will be looking for visible signs that the new normal for hospitals is tuned for their protection in a near post-pandemic reality. Things like ubiquitous PPE and hand sanitizer, hyper-clean environments, and use of new technologies that reduce risks of contagion will be vital evidence that gives confidence to the worried.
How can provider organizations persuade patients it is safe/important to start coming back in for elective procedures and routine treatments?
Many hospitals have developed tremendous marketing competencies and I expect they’ll do an amazing job in telling their communities about the important preparations they’ve made for this new normal. Those marketing messages are an essential start but even more important is the visible, tangible evidence of the commitment to safety when patients come back to the campus for care. They’ll surely tell two friends who tell two friends and so on as the slogan goes. Visible investments in new care tools like telehealth and virtual engagement solutions that enable excellent and thoughtful care from a healthy distance are examples of this. Touchless digital whiteboards that present vital information dynamically updated in the room is another.
What role will digital engagement platforms have in helping providers communicate effectively with patients returning for care?
The usual face-to-face communication comes with risks which have become front page news during recent months of this pandemic. Digital patient engagement platforms enable patient understanding of their clinical condition through delivery of personalized video education and now live face-to-face communication via video visits. Now more than ever the ability to effectively educate and communicate from a safe distance is vital for hospitals that seek to deliver higher quality, more satisfying care than ever before even in a post pandemic world. But the urgency for this reaches a new high as worried patients return to healthcare campuses for the vital and necessary care they have put off while remaining in place.
How will the bedside experience be different for patients post-pandemic? How can hospitals ensure the safety of patients and providers?
Virtualization of many common processes like patient meal ordering, nurse rounding, patient feedback, room controls like temperature and lighting are a necessity post-pandemic. The mandate for satisfaction and quality of care isn’t going away, so the hospitals that thrive post-pandemic will be those that excel at using these kinds of digital tools to maintain high performance while minimizing potential for exposure. Visitation policies might never be the same again. But the urgent need for us all to feel closer to those we love only increases when health and lives are at risk. So the need will remain very high for virtual visits between hospitalized patients and loved ones who can’t enter the hospital or even for doctors and nurses to stay at a safe distance while they consult with those hospitalized patients and their families who may be anywhere in the world.
How is eVideon helping hospitals improve patient engagement and education both inside and outside the hospital?
eVideon’s core value proposition for decades has been to enable nurses to better engage patients in their own care through strong interfaces to core healthcare IT tools like the EMR. This has always been about automatically prompting patients to complete personalized video education prescribed by the care team for that patient based upon admission details. This virtualization has always afforded the nursing staff high levels of efficiency, but the pandemic made very clear that with this efficiency comes a newly-important safe distance. But we’ve also just launched eVideon HELLO, a virtual visit tool that enables hospitals to provide low cost video visits for their patients without the need for app downloads or account setups which have too often turned the nursing staff into tech support for business conference calling apps. Finally, we brand HELLO for hospitals so the patients clearly know who is making this incredibly important patient experience tool available to them.
What are your recommendations for hospital executives who would like to support patients in managing their care during this time of crisis?
Go all-in on digital health tools that drive patient engagement. One doesn’t have to look past the front page of any newspaper, let alone the healthcare press to see that the businesses, (“brick and mortar” or otherwise) thriving through this pandemic are those leveraging strong digital strategies, and that will continue. And though the pandemic pushed digital/virtual to become a global business necessity, the delivery of care will not escape digital transformation after the virus abates. Hospitals that invest now in thoughtful digital health strategies will be best positioned to help nervous patients return for delayed care and they’ll be the providers of choice even beyond those who worry. Finally, new digital capabilities enable hospitals to meet more patients more efficiently wherever they are physically, emotionally or clinically; and that’s a smart digital strategy for today and forever.