DAILY UPDATE: Big Pharma Payouts as Stock Markets Eke Out Rise

MEDICAL EXECUTIVE-POST TODAY’S NEWSLETTER BRIEFING

***

Essays, Opinions and Curated News in Health Economics, Investing, Business, Management and Financial Planning for Physician Entrepreneurs and their Savvy Advisors and Consultants

Serving Almost One Million Doctors, Financial Advisors and Medical Management Consultants Daily

A Partner of the Institute of Medical Business Advisors, Inc.

http://www.MedicalBusinessAdvisors.com

SPONSORED BY: Marcinko & Associates, Inc.

***

http://www.MarcinkoAssociates.com

Daily Update Provided By Staff Reporters Since 2007.
How May We Serve You?
© Copyright Institute of Medical Business Advisors, Inc. All rights reserved. 2025

REFER A COLLEAGUE: MarcinkoAdvisors@outlook.com

SPONSORSHIPS AVAILABLE: https://medicalexecutivepost.com/sponsors/

ADVERTISE ON THE ME-P: https://tinyurl.com/ytb5955z


***

CITE: https://www.r2library.com/Resource

Drug and medical device companies paid at least $13.2 billion to medical professionals in 2024, according to CMS data released June 30th. There has been steady growth in these payments over the last few years, which include everything from research payments to free meals to promotional or conference fees. Drug and medical device companies paid out $13.1 billion in 2023, $13.1 billion in 2022, and $12.6 billion in 2021. If you’re a medical provider, you’ve probably received one of those perks from a drug or medical device company and assumed it would not affect your decision-making.

But research suggests physicians are more likely to prescribe drugs from companies that pay them, with some studies specifically associating this with drugs that are costlier to patients. “Really well-trained people who affirm an oath to do no harm can be influenced, and are,” Neil Jay Sehgal, associate professor of health systems and population health at the University of Washington School of Public Health, told Healthcare Brew.

CITE: https://tinyurl.com/2h47urt5

Stocks Up

  • Bitcoin is booming, and crypto stocks climbed along with it. MicroStrategy rose 3.86%, Robinhood Markets added 1.67%, and Coinbase gained 1.80%.
  • Boeing rose 1.64% on preliminary reports that investigators have found no evidence of malfunction in the plane that crashed in India last month. Engine-maker GE Aerospace also gained 2.71%.
  • Warner Bros Discovery climbed 2.39% thanks to a strong opening weekend for the new Superman movie.
  • Autodesk popped 5.05% on the news that it is not pursuing an acquisition of rival software maker PTC. PTC fell 1.25%.
  • Kenvue, the company behind Band Aids and Listerine, gained 2.18% after kicking its CEO to the curb.
  • PayPal climbed 3.55% despite the news that JPMorgan will start charging the fintech fees for access to customer data.

Stocks Down

  • Starbucks sank 1.60% on news that employees will have to return to the office four days a week. Shareholders were also unimpressed with the coffee giant’s new secret menu.
  • Synopsys stumbled 1.74% after getting regulatory approval from Chinese authorities to acquire software designer Ansys for $35 billion. Ansys rose 3.03% on the news.
  • Waters plunged 13.81% on the news that it will merge with Becton Dickinson’s bioscience and diagnostic solutions business in a $17.5 billion deal.
  • Rivian Automotive lost 2.15% thanks to a downgrade from Guggenheim analysts, who forecast soft sales for the automaker’s latest models.

CITE: https://tinyurl.com/tj8smmes

Visualize: How private equity tangled banks in a web of debt, from the Financial Times.

COMMENTS APPRECIATED

PLEASE SUBSCRIBE: MarcinkoAdvisors@outlook.com

Thank You

***

EDUCATIONAL TEXTBOOKS: https://tinyurl.com/4zdxuuwf

***

MEDICAL DEVICES: Special Considerations

By Staff Reporters

***

INFORMATION TECHNOLOGY CONSIDERATIONS FOR MEDICAL DEVICES

In 2013, the Food and Drug Administration (FDA) issued its first cybersecurity safety communication, followed in 2014 by final guidance. It struck a reasonable balance between new regulations (almost none) and guidance (in the form of non-binding recommendations).

In 2015, the Federal Trade Commission (FTC) released a staff report entitled Internet of Things: Privacy & Security in a Connected World, in which it recommended that Internet of Things (IoT) style devices, which of course include medical and clinical devices, maintain a good security posture. It’s worth noting that the FDA, FTC, and other government regulators are converging on a few key guidelines. The following recommendations come directly from the FTC report.

  1. Companies should build security into their devices at the outset, rather than as an afterthought. As part of the security by design process, companies should consider:
     • Conducting a privacy or security risk assessment
     • Minimizing the data they collect and retain
     • Testing their security measures before launching their products
  2. Companies should train all employees about good security, and ensure that security issues are addressed at the appropriate level of responsibility within the organization.
  3. Companies should retain service providers that are capable of maintaining reasonable security and provide reasonable oversight for these service providers.
  4. When companies identify significant risks within their systems, they should implement a defense-in-depth approach, in which they consider implementing security measures at several levels.
  5. Companies should consider implementing reasonable access control measures to limit the ability of an unauthorized person to access a consumer’s device, data, or even the consumer’s network.
  6. Companies should continue to monitor products throughout the life cycle and, to the extent feasible, patch known vulnerabilities.

According to colleague Shahid N. Shah MS, the FTC report and FDA guidelines are remarkably consistent. When thinking of cybersecurity and data privacy, engineers tend to think about authentication, authorization, and encryption. Those are the relatively easy topics. For safety-critical devices, however, things are much more difficult and need to encompass a larger surface of questions, including but not limited to:

  • Asset Inventory: Is the device discoverable, and can it associate itself with standard IT inventory systems so that revision management, software updates, and monitoring can be automated?
  • Cyber Insurance: Does the device have enough security documentation to allow it to be insured by standard cyber insurance riders?
  • Patching: How is the firmware, operating system (OS), or application going to be patched by IT staff within hospitals (or the home for remote devices)?
  • Internal Threats: Has the device been designed to withstand insider (hospital staff, network participants, etc.) threats?
  • External Threats: Has the device been designed to be locked down against external threats?
  • Embedded OS Security: Is the device sufficiently hardened at the operating system level, such that no extraneous software components, which increase the attack surface, are present?
  • Firmware and Hardware Security: Are the firmware and hardware components sourced from reputable suppliers and free of state-sponsored spying?
  • Application Security: Is the Microsoft Security Development Lifecycle (SDL) or similar software security assurance process integrated into the engineering process?
  • Network Security: Have all network protocols not in use by the device been turned off so that they are not broadcasting?
  • Data Privacy: What data segmentation, logging, and auditing is being done to ensure appropriate data privacy?
  • HIPAA Compliance: Have proper steps been followed to ensure Health Insurance Portability and Accountability Act (HIPAA) compliance?
  • FISMA Compliance: If you’re selling to the federal government, have proper steps, such as use of Federal Information Processing Standard (FIPS) certified encryption, been followed to ensure Federal Information Security Management Act (FISMA) compliance?
  • Data Loss Prevention (DLP): Is there monitoring in place to ensure data leakage outside of the device doesn’t occur?
  • Vulnerabilities: Have common vulnerabilities such as the Open Web Application Security Project (OWASP) Top 10 been reviewed?
  • Data Sharing: Are proper data sharing agreements in place to allow sharing of data across devices and networks?
  • Password Management: Are passwords hardcoded into the device or made configurable?
  • Configuration Protection: Are configuration files properly check-summed and protected against malicious changes?

ASSESSMENT

It is vital to perform a security assessment on a healthcare practice to understand the environment, identify risks and perform risk mitigation. A one-time security assessment with risk mitigation is not sufficient in 2025. This is a continuous process that needs to be performed religiously to maintain a secure and compliant practice.


***

PHYSICIAN PAYMENTS: Drug and Device Makers

By Staff Reporters

***

Physicians Received $12 Billion from Drug & Device Makers in Less Than 10 Years

A review of the federal Open Payments database found that the pharmaceutical and medical device industry paid physicians $12.1 billion over nearly a decade. Almost two thirds of eligible physicians — 826,313 doctors — received a payment from a drug or device maker from 2013 to 2022, according to a study published online in JAMA on March 28th. Overall, the median payment was $48 per physician.

CITE: https://www.r2library.com/Resource

Orthopedists received the largest amount of payments in aggregate, $1.3 billion, followed by neurologists and psychiatrists at $1.2 billion, and cardiologists at $1.29 billion. Any individual physician’s payments can be looked up in the Open Payments database.

Source: Alicia Ault, MD Edge [4/3/24]


***

FDA: Database of Artificial Intelligence-Based Medical Devices

***


By Bertalan Meskó, MD PhD

***

Two years ago, I was searching in the FDA’s database of artificial intelligence-based medical devices. The database had no such segment. What could I do? I started creating our own.

Together with fellow researchers at The Medical Futurist Institute, we created the first open-access, online database of FDA-approved A.I.-based technologies that got published in the prestigious journal npj Digital Medicine last year. Since then, we have repeatedly called upon the FDA to do its own database (and even offered ours), and finally, this past week the breakthrough happened: the FDA listed our database as a publicly available resource on the subject. I tell you why this step is important below.

Take care,
Berci
Bertalan Meskó, MD
The Medical Futurist

***


***

Cyber-Security Considerations for “Mission-Critical” Medical Devices


Understanding the balance between new regulations (almost none) and guidance (in the form of non-binding recommendations)

By Shahid N. Shah MS

THEN …

In 2013, the Food and Drug Administration (FDA) issued its first cybersecurity safety communication, followed in 2014 by final guidance.

It struck a reasonable balance between new regulations (almost none) and guidance (in the form of non-binding recommendations).

NOW …

In 2015, the Federal Trade Commission (FTC) released a staff report entitled Internet of Things: Privacy & Security in a Connected World, in which it recommended that Internet of Things (IoT) style devices, which of course include medical and clinical devices, maintain a good security posture. It’s worth noting that the FDA, FTC, and other government regulators are converging on a few key guidelines.

Six Recommendations

The following six recommendations come directly from the FTC report:

  1. Companies should build security into their devices at the outset, rather than as an afterthought. As part of the security by design process, companies should consider:
     • Conducting a privacy or security risk assessment
     • Minimizing the data they collect and retain
     • Testing their security measures before launching their products
  2. Companies should train all employees about good security, and ensure that security issues are addressed at the appropriate level of responsibility within the organization.
  3. Companies should retain service providers that are capable of maintaining reasonable security and provide reasonable oversight for these service providers.
  4. When companies identify significant risks within their systems, they should implement a defense-in-depth approach, in which they consider implementing security measures at several levels.
  5. Companies should consider implementing reasonable access control measures to limit the ability of an unauthorized person to access a consumer’s device, data, or even the consumer’s network.
  6. Companies should continue to monitor products throughout the life cycle and, to the extent feasible, patch known vulnerabilities.

The FTC report and FDA guidelines are remarkably consistent. When thinking of cybersecurity and data privacy, engineers tend to think about authentication, authorization, and encryption. Those are the relatively easy topics.

***

Mission Critical Medical Devices

For “mission-critical” medical safety devices, however, things are much more difficult and need to encompass a larger surface of questions, including but not limited to:

  • Asset Inventory: Is the device discoverable, and can it associate itself with standard IT inventory systems so that revision management, software updates, and monitoring can be automated?
  • Cyber Insurance: Does the device have enough security documentation to allow it to be insured by standard cyber insurance riders?
  • Patching: How is the firmware, operating system (OS), or application going to be patched by IT staff within hospitals (or the home for remote devices)?
  • Internal Threats: Has the device been designed to withstand insider (hospital staff, network participants, etc.) threats?
  • External Threats: Has the device been designed to be locked down against external threats?
  • Embedded OS Security: Is the device sufficiently hardened at the operating system level, such that no extraneous software components, which increase the attack surface, are present?
  • Firmware and Hardware Security: Are the firmware and hardware components sourced from reputable suppliers and free of state-sponsored spying?
  • Application Security: Is the Microsoft Security Development Lifecycle (SDL) or similar software security assurance process integrated into the engineering process?
  • Network Security: Have all network protocols not in use by the device been turned off so that they are not broadcasting?
  • Data Privacy: What data segmentation, logging, and auditing is being done to ensure appropriate data privacy?
  • HIPAA Compliance: Have proper steps been followed to ensure Health Insurance Portability and Accountability Act (HIPAA) compliance?
  • FISMA Compliance: If you’re selling to the federal government, have proper steps, such as use of Federal Information Processing Standard (FIPS) certified encryption, been followed to ensure Federal Information Security Management Act (FISMA) compliance?
  • Data Loss Prevention (DLP): Is there monitoring in place to ensure data leakage outside of the device doesn’t occur?
  • Vulnerabilities: Have common vulnerabilities such as the Open Web Application Security Project (OWASP) Top 10 been reviewed?
  • Data Sharing: Are proper data sharing agreements in place to allow sharing of data across devices and networks?
  • Password Management: Are passwords hardcoded into the device or made configurable?
  • Configuration Protection: Are configuration files properly check-summed and protected against malicious changes?
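
As an added illustration of the Configuration Protection item above (and the same item in the earlier staff piece), not code from this article or from any device vendor: a plain checksum stored beside a configuration file only catches accidental corruption, because whoever can edit the file can recompute it, whereas a keyed HMAC with a per-device secret held outside the file is what detects malicious changes. The device key, configuration fields and values below are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed sample device configuration (not taken from any real product).
CONFIG = {
    "device": "infusion-pump-demo",
    "max_dose_ml_per_hour": 50,
    "telemetry_host": "telemetry.hospital.example",
}

# Assumed: a per-device secret provisioned at manufacture and kept in
# protected storage; it never lives next to the config it protects.
DEVICE_KEY = b"constructed-per-device-secret-do-not-reuse"


def serialize(config: dict) -> bytes:
    """Canonical encoding so identical settings always hash identically."""
    return json.dumps(config, sort_keys=True, separators=(",", ":")).encode()


def plain_checksum(config: dict) -> str:
    """Unkeyed SHA-256: detects accidental corruption only."""
    return hashlib.sha256(serialize(config)).hexdigest()


def keyed_tag(config: dict, key: bytes) -> str:
    """HMAC-SHA256: only a holder of the key can produce a valid tag."""
    return hmac.new(key, serialize(config), hashlib.sha256).hexdigest()


def verify_checksum(config: dict, stored: str) -> bool:
    return hmac.compare_digest(plain_checksum(config), stored)


def verify_tag(config: dict, stored: str, key: bytes) -> bool:
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(keyed_tag(config, key), stored)


def tamper_scenario() -> dict:
    """Change a safety limit, then re-derive both protections without the key."""
    baseline_sum = plain_checksum(CONFIG)
    baseline_tag = keyed_tag(CONFIG, DEVICE_KEY)

    tampered = dict(CONFIG, max_dose_ml_per_hour=500)
    # Anyone who can write the config file can also rewrite an unkeyed checksum.
    forged_sum = plain_checksum(tampered)
    # Without DEVICE_KEY the old tag is all that can be left in place.
    return {
        "checksum_accepts_original": verify_checksum(CONFIG, baseline_sum),
        "checksum_accepts_tampered": verify_checksum(tampered, forged_sum),
        "hmac_accepts_original": verify_tag(CONFIG, baseline_tag, DEVICE_KEY),
        "hmac_accepts_tampered": verify_tag(tampered, baseline_tag, DEVICE_KEY),
    }
```

Running `tamper_scenario()` shows the checksum path accepting the edited dose limit while the HMAC path rejects it; in a real device the key would sit in a secure element or similar protected store rather than in source.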

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

ABOUT

Mr. Shahid N. Shah is an internationally recognized healthcare thought-leader across the Internet. He is a consultant to various federal agencies on technology matters and winner of Federal Computer Week’s coveted “Fed 100” Award in 2009. Over a twenty-year career, he built multiple clinical solutions and helped design and deploy an electronic health record solution for the American Red Cross and two web-based eMRs used by hundreds of physicians, along with many large groupware and collaboration sites. As ex-CTO for a billion-dollar division of CardinalHealth, he helped design advanced clinical interfaces for medical devices and hospitals. Mr. Shah is senior technology strategy advisor to NIH’s SBIR/STTR program, helping small businesses commercialize healthcare applications. He runs four successful blogs: at http://shahid.shah.org he writes about architecture issues; at http://www.healthcareguy.com he provides valuable insights on applying technology in health care; at http://www.federalarchitect.com he advises senior federal technologists; and at http://www.hitsphere.com he gives a glimpse of HIT as an aggregator. Mr. Shah is a Microsoft MVP (Solutions Architect) Award Winner for 2007 and for 2006. He also served as a HIMSS Enterprise IT Committee Member. Mr. Shah received a BS in computer science from the Pennsylvania State University and an MS in Technology Management from the University of Maryland.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com
