Cyber challenges remain as Russia infects hundred of thousands of Internet routers

By John Breyault (@jammingecono, johnb@nclnet.org)
NCL Vice President of Public Policy, Telecommunications and Fraud

Subscribe here. Tell us what you think.

Editor’s Note: Last week the the FBI urged all Internet router users to restart their devices in an effort to determine which routers Russian hackers have infiltrated. Meanwhile news came to light that the geolocations for users of four major cellphone carriers were unsecured and available to anyone who knew where to look. This could be a problem for President Trump, since he routinely refuses pleas from security experts in the White House that he switch out his cell phones on a regular basis as being “too inconvenient.”

And now, on to the clips!

—————–

FBI: Hundreds of thousands of Internet routers have been hacked with Russian malware. The FBI is urging anyone with an Internet router to restart it in an effort to thwart malware that is linked to Fancy Bear, the Russian hacking group responsible for the hacking of the Democratic National Committee. The malware, “is capable of blocking web traffic, collecting information that passes through home and office routers, and disabling the devices entirely.” According to @TalosSecurity, “The malware has a destructive capability that can render an infected device unusable.” The malware “can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.”(Source: New York Times)

Speaking of Russia: 95 percent of surveyed digital security experts believe that our state election systems are not safe. (Source: Washington Post)

FBI massively overstates number of encrypted phones it cannot access. For months, the FBI has told both Congress and the public that “investigators were locked out of nearly 7,800 devices connected to crimes last year when the correct number was much smaller, probably between 1,000 and 2,000.” @DevlinBarrett reports that the bureau believes the overstatement was a result of a coding error, which resulted in “the use of three distinct databases that led to repeated counting of phones.” (Source: Washington Post)

The geo location information of AT&T, Sprint, T-Mobile, and Verizon users was left unsecured on the Internet. @briankrebs reports that LocationSmart, a company that provides real-time geolocation information of cellular devices has been providing Internet users the geolocation of any cell phone on the four major networks “without the need for any password or other form of authentication or authorization…to an accuracy of within a few hundred yards.” (Source: Krebs on Security)

Using a secure mobile device is “too inconvenient,” for President Trump. While advisors have urged the President to swap out his phones once a month as his predecessors have done for security reasons, he’s reportedly gone as long as five months between security checks as they are “too inconvenient” for him. In addition, @politico reports that unlike his predecessor, President Trump uses a phone with an enabled microphone and camera, which multiply the security risks. “Former national security officials are virtually unanimous in their agreement about the dangers posed by cell phones, which are vulnerable to hacking by domestic and foreign actors who would want to listen in on the president’s conversations or monitor his movements.” (Source: Politico)

House and Senate introduce bill to protect children from data collection. The bill, introduced by Sen. Ed Markey (D-MA) and Rep. Joe Barton (R-TX) in their respective chambers, “would amend the Children’s Online Privacy Protection Act to tighten protections against collecting data on minors, forcing websites to obtain parental consent before collecting data on users under the age of 13. To collect data on those ages 13-15, it would require websites to secure consent from the users themselves. The bill would also prohibit using such data for advertising targeted at children.” (Source: The Hill)

GDPR is in effect. As if the hundreds of emails clogging your inbox wasn’t a tip-off, last week, Europe’s long awaited General Data Protection Regulation (GDPR) law officially went into effect. The law pairs consumer protections such as “requirements to notify regulators about data breaches (within 72 hours)” with steep penalties for noncompliance. (Source: The Verge)

Mobile app fraud increases 600 percent in three years. The report published by RSA also found that 48 percent of the fraud it observed stemmed from phishing attacks. (Source: RSA)

Events

August 9-12, 2018 – DEF CON 26 – Las Vegas, NV
DEF CON is the world’s longest-running and largest underground hacking conference. Each summer, hackers, corporate IT professionals, and three-letter government agencies all converge on Las Vegas to absorb cutting-edge hacking research from the most brilliant minds in the world. (Source: DEF CON)

National Consumers League
Published May 31, 2018

As cyber threats continue to grow, White House looks to eliminate top cyber job

By John Breyault (@jammingecono, johnb@nclnet.org)
NCL Vice President of Public Policy, Telecommunications and Fraud

Subscribe here. Tell us what you think.

Editor’s Note: The White House raised eyebrows this week when several sources reported that the new National Security Advisor, John Bolton, was lobbying the President to eliminate the role of special assistant to the president and cybersecurity coordinator. The position is currently held by the departing Rob Joyce.

Meanwhile, Equifax provided further details into the types of data its massive 146 million account breach compromised. Facebook, in response to the Cambridge Analytica scandal, suspended 200 applications while it looked into their data handling practices.

And now, on to the clips!

—————–

John Bolton is lobbying for the elimination of top cyber security job. As Iran raisers its cyber attacks in response to the US decision to pull out of the Iran deal, the White House is considering eliminating a key cyber post charged with protecting America from foreign state hackers. @ericgeller reports that “[c]ybersecurity experts and former National Security Council officials expressed alarm at the idea of eliminating the job, saying it would undo much of the progress the U.S. has made on cyber efforts and send the wrong message about U.S. priorities in the digital domain.” (Source: Politico)

Further details of Equifax breach released. Prior to Equifax’s latest disclosure, we knew that the breach had affected more than 146 million people, but we did not know the number of the records that were compromised. Equifax is now acknowledging that the compromised records included “146.6 million names, 146.6 million dates of birth, 145.5 million social security numbers, 99 million address information and 209,000 payment cards (number and expiry date) exposed, the company said there were also 38,000 American drivers’ licenses and 3,200 passport details.” (Source: The Register)

Personal data breaches, phishing scams among the top cyber crimes reported to the FBI in 2017. The FBI released its 2017 Internet Crime Complaint Center (IC3) Internet crimes report which “represents a total of 301,580 complaints with reported losses in excess of $1.4 billion. The top three crime types reported by victims in 2017 were non-payment/non-delivery, personal data breach, and phishing.” (Source: FBI)

Breach du jour: Chili’s. Last week, the restaurant chain learned that some of its customers’ payment cards had been compromised. @justinlmack reports that “Preliminary investigation indicates that malware was used to gather payment card information, including credit and debit card numbers, as well as names of cardholders who made in-restaurant purchases.” (Source: USA Today)

Breach du jour part deux: 3M Facebook users. Facebook users who took a personality quiz had their data stored on a website whose access codes were googleable. While the dataset did not include users’ names, in many cases it contained their ages, genders, and relationship statuses. For 150,000 people, it even contained their status updates. @Jake_K observes that while “a leak of 3 million users’ data is far smaller than the 87 million obtained by Cambridge Analytica, the story still serves as another warning of how easily this information can spread around and just how detailed it can be… even though the data was supposed to be anonymized, New Scientist points out that it easily could have been re-identified using the extra Facebook information attached to each personality test.” (Source: The Verge)

Quick hit: In related news, Facebook suspends 200 apps to investigate potential misuses of data. (Source: Quartz)

Twitter urges users to change their passwords. While there is no evidence that user passwords were compromised, a bug in the password hashing process caused user passwords to be “saved in plain text to an internal log, instead of masking them with the hashing process.” @cgartenberg observes tht while “Twitter hasn’t revealed how many users’ passwords may have potentially been compromised or how long the bug was exposing passwords before it found and fixed the issue … [t]he fact that the company is urging its entire user base to change their passwords indicates that it would seem to be a significant number of users.” (Source: Verge)

California teen phishes teachers to successfully change grades. Phishing attacks are usually used to perpetrate identity theft or to drain bank accounts. David Rotaro, a California student, used a phishing attack to change students’ grades at his school. Rotaro “created a fake website that looked identical to the school’s and then sent emails to teachers in an attempt to get them to sign into his fake site. At least one did, which allowed Rotaro to collect their login and password info. He then reportedly used that information to get into the Mount Diablo Unified School District IT network where he then changed other students’ grades — he even lowered some.” Rotaro now faces 14 felony charges. (Source: Yahoo!)

Events

August 9-12, 2018 – DEF CON 26 – Las Vegas, NV
DEF CON is the world’s longest-running and largest underground hacking conference. Each summer, hackers, corporate IT professionals, and three-letter government agencies all converge on Las Vegas to absorb cutting-edge hacking research from the most brilliant minds in the world. (Source: DEF CON)

National Consumers League
Published May 17, 2018

Facebook data leak estimated to have affected as many as 87 million accounts; Breaches affect Atlanta, Baltimore, Saks, Panera

By John Breyault (@jammingecono, johnb@nclnet.org)
NCL Vice President of Public Policy, Telecommunications and Fraud

Subscribe here. Tell us what you think.

Editor’s Note: The aftermath from the Facebook/Cambridge Analytica data leak continued this week with reports surfacing that some psychological profiles may not yet be deleted and that the number of affected users may be as many as 87 million. Meanwhile, both Atlanta and Baltimore experienced ransomware attacks that disrupted key services like 911. Atlanta’s attack lasted for days and forced city workers to revert to pen and paper.

On the political front, the FBI’s Inspector General issued a report that suggests that the FBI exploited the circumstances of the San Bernardino shooting case to try coerce Apple into creating a backdoor to its encryption. The report suggests that the FBI knew it would be able to unlock the iPhone in question, but still attempted to pressure Apple so as to create a legal precedent. Finally, despite the shift to more secure chip-based payment cards, card data remains lucrative to hackers. This week, we learned of a massive break at Saks Fifth Avenue that reportedly compromised more than 5 millions customers’ card data.

And now, on to the clips!

—————–

FBI IG: Bureau more interested in establishing unlocking precedent than pursuing San Bernardino case. The Department of Justice’s Office of the Inspector General (OIG) released a new report finding that a “top FBI official ‘became concerned’ that one of her subordinates was stonewalling efforts to unlock the shooter’s phone ‘to pursue his own agenda of obtaining a favorable court ruling against Apple.’ In addition, according to the report, an FBI unit knew that a private vendor was 90 percent done with an unlocking tool when the bureau told a federal court that only Apple could crack the device.” (Source: Morning Cybersecurity)

Outspoken cyberhawk John Bolton tapped as National Security Advisor. On April 9, John Bolton will become President Trump’s National Security Advisor. Bolton has been a champion for cyber retaliation in the aftermath of state-sponsored hacks, saying that the United States should use its “‘muscular cyber capabilities’ to strike back against digital adversaries like China, Russia, Iran and North Korea. The point, he said, would be to impose costs ‘so high that they will simply consign all their cyber warfare plans to their computer memories to gather electronic dust.’” (Source: Politico)

City of Atlanta hit with crippling cyberattack. Last Thursday, Atlanta’s municipal government was “brought to its knees” by a ransomware attack that disabled the city government’s computers. @alanblinder called the attack “one of the most sustained and consequential cyberattacks ever mounted against a major American city.” (Source: New York Times)

Baltimore’s 911 system hit with ransomware attack. Last Sunday, Baltimore’s 911 and 311 systems were shut down by ransomware, forcing city workers to revert to manual dispatching. @RectorSun reports that the attack disabled the system that “automatically populates 911 callers’ locations on maps and dispatches the closest emergency responders there more seamlessly than is possible with manual dispatching.” For a time, the attack forced the city to revert to manual dispatching. (Source: The Baltimore Sun)

Facebook scandal grows to 87 million accounts. Yesterday, Facebook published a blog in which it acknowledged that, “in total, we believe the Facebook information of up to 87 million people — mostly in the US — may have been improperly shared with Cambridge Analytica.” (Source: Facebook)

Cambridge Analytica’s profiles on users have not yet been deleted. The UK’s Channel 4 reports that “Cambridge Analytica US campaign data, is still circulating – despite assurances it has been deleted…The cache of campaign data from a Cambridge Analytica source, details 136,000 individuals in the US state of Colorado, along with each person’s personality and psychological profile.” (Source: Channel 4)

Quick hit: FTC confirms investigation into Facebook. In its release, the FTC said that recent press reports had raised “substantial concerns about the privacy practices of Facebook.” (Source: Federal Trade Commission)

DOJ busts “massive” Iranian hacking ring. Iranian hackers are believed to have been “pilfering research and documents from over 100 American universities and government agencies for years.” Geoffrey Berman, the U.S. attorney for the Southern District of New York, commented that the bust is “one of the largest state-sponsored hacking campaigns ever prosecuted” by the United States. (Source: Politico)

Breach du jour: Saks Fifth Avenue. Saks Fifth Avenue, Lord & Taylor, and Saks Off Fifth were the subject of a massive data breach compromising the payment information of more than 5 million shoppers. Gemini Advisory, the cybersecurity research firm that discovered the breach, said that the breach is “is amongst the biggest and most damaging ever to hit retail companies.” (Source: Fortune)

Breach du jour, part deux: Panera Bread. @briankrebs is reporting that Panera Bread leaked millions of “customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline.” Customers who ordered food online or through their app are believed to be affected. (Source: Krebs on Security)

Events

April 11, 2018 – House Energy and Commerce Hearing, Washington, DC
Facebook Founder Mark Zuckerberg will appear before the House Energy and Commerce committee to discuss Facebook’s “use and protection of user data.” (Source: Wall Street Journal)

National Consumers League
Published April 5, 2018

USP

Access to Affordable, Quality Medicines
USP is evaluating approaches to best support recent efforts by the FDA to streamline and enhance the approval process for generic drug development. USP’s standards, developed in partnership with hundreds of expert volunteers, help support a robust and dependable generic medicines market that contributes to lower drug costs. USP is looking forward to working closely with both the FDA and the generic drug manufacturing industry to advance these efforts.

Compounding Update
USP General Chapters <795> Pharmaceutical Compounding ‒ Nonsterile Preparations, and <797> Pharmaceutical Compounding ‒ Sterile Preparations are in the active revision process. To provide a unified approach to quality compounding, USP intends to align the timing and content of General Chapters <795>, <797>, and <800> Hazardous Drugs—Handling in Healthcare Settings. Among other proposed content in the revisions, hazardous drug handling sections in <795> and <797> will reference General Chapter <800>. Stakeholders will be able to provide written comments through the USP website from March 30, 2018 to July 31, 2018 for USP <795>, and from July 28, 2018 to November 30, 2018 for USP <797>. There will also be two Stakeholder Open Microphone Sessions at USP-Rockville on April 20, 2018 for Chapter <795> and September 5, 2018 for Chapter <797>. The Intended Official Date for Chapters <795>,<797>, and <800> is December 1, 2019.

National Council on Patient Information and Education (NCPIE)

New NCPIE Report Outlines National Strategy to Prioritize Self-Care
A new report by the National Council on Patient Information and Education (NCPIE) highlights the need for advancing self-care in the United States and introduces an agenda to achieve greater awareness of self-care. The report, entitled Empowering Americans to Take Greater Responsibility for Their Health: A Roadmap for Building a National Self-Care Movement in the U.S., calls attention to a rapidly aging population as well as the increasing burden of both minor and chronic illnesses in the U.S. With the nation spending over $3 trillion annually on healthcare and with 80% of Americans expected to have at least one chronic condition by 2030, costing society more than $42 trillion in medical expenditures and losses in productivity, the U.S. health system is in a state of  disrepair. This report sheds light on how self-care has the potential to improve individual health and reduce medical costs.

NCPIE has joined a new collaborative program, Allied Against Opioid Abuse (AAOA) with several stakeholder partners. AAOA is a national education and awareness initiative to help prevent the abuse and misuse of prescription opioids. The goal is to contribute to solving the opioid crisis in a meaningful way by educating patients about the rights, risks, and responsibilities associated with prescription opioids. The initiative is a collaborative effort with diverse partners across the pharmaceutical supply chain, as well as organizations that are experts in public health and healthcare. The AAOA website provides details about the campaign objectives and available educational resources.

National Association of Nurse Practitioners in Women’s Health

The National Association of Nurse Practitioners in Women’s Health (NPWH) will convene its second annual Healthy at Any Age Summit on April 26, 2018. The Summit will provide an opportunity for the group to focus on the physical, mental, economic, and community/social health needs of women over the age of 50. NPWH also plans to launch its Patient Portal during Women’s Health Week in May. Additionally, NPWH is looking forward to hosting the fifth annual Women’s Sexual Health Course for NPs in Phoenix this June. Finally, NPWH just concluded a series of successful regional meetings on “Women’s Health Care Across the Lifespan,” held in Dallas, Atlanta, Chicago, and New York.

National Alliance for Caregiving

The National Alliance for Caregiving, in partnership with Global Genes, has released Rare Disease Caregiving in America (February 2018), a national study of 1,406 unpaid caregivers ages 18 and over living in the United States who provide care to a child or adult with a rare disease or condition. The National Institutes of Health estimates that there are approximately 7,000 rare diseases. More than 400 unique rare diseases and conditions were captured in the study which identifies the emotional, financial, physical, and social strain of rare disease caregivers and includes public policy recommendations. The study and related materials are available at www.caregiving.org/rare. For questions or comments about the study, please contact the Alliance at (301) 718-8444 or info@caregiving.org.   

Johnson & Johnson

The Janssen Pharmaceutical Companies of Johnson & Johnson issued their 2017 Janssen U.S. Transparency Report, which demonstrates the company’s commitment to responsible business practices that put patients first, including how Janssen invests its resources, prices its medicines, and helps people who need Janssen medicines get access to them. The second annual report shows that in 2017 the net price of Janssen’s medicines in the U.S. decreased by 4.6% while the company increased to $7.9 billion its investment in discovering and developing transformational medicines for patients facing some of the world’s most challenging diseases.

Brian Isetts, PhD, BCPS, FAPhA, University of Minnesota College of Pharmacy

Brian J. Isetts was recently nominated to serve a two-year term of service, commencing June 1, 2018, on the Medicare Evidence Development & Coverage Advisory Committee (MEDCAC) at CMS. MEDCAC was established to provide independent guidance and expert advice to CMS on specific clinical topics. The MEDCAC is used to supplement CMS’ internal expertise and to allow an unbiased and current deliberation of “state of the art” technology and science.

FDA Office of Women’s Health

FDA’s Office of Women’s Health (OWH) supports Research on Heart Disease in Women to provide valuable insights into sex differences in the diagnosis and treatment of cardiovascular disease. FDA OWH also provides free resources with special tips to help women from diverse communities make good decisions about their heart health.

Duke University School of Medicine

The Duke University School of Medicine Department of Population Health Sciences is pleased to announce its Summer Institute, which is scheduled for June 4-6, 2018 at the Washington Duke Inn on Duke’s campus. The Summer Institute is geared toward early- to mid-career researchers and professionals working in health care and health services research who want to learn new methods to broaden their research design. Led by five of Duke’s leading researchers, the Institute will cover three key health science research methods: Measurement Science, Qualitative Methods, and Dissemination & Implementation Science. Additional information is available here. 

Council for Affordable Health Coverage

The Council for Affordable Health Coverage (CAHC) hosted Acting Assistant Secretary for Planning and Evaluation at HHS, John Graham, for its most recent monthly meeting on March 15^th. The coalition is currently formulating its response to a request for feedback on healthcare cost transparency from Sen. Bill Cassidy (R-LA), Sen. Michael Bennet (D-CO) and members of the bipartisan Senate transparency workgroup.

CAHC’s Clear Choices Campaign is also preparing to release a report, tentatively set for April 3^rd, entitled “Modernizing Medicare Plan Finder: Evaluating and Improving Medicare’s Online Comparison Shopping Experience.” The study, prepared with the National Council on Aging, offers a look at the current challenges and shortcomings of Medicare Plan Finder while providing recommendations for improvement.

Finally, earlier this month, CAHC released its March 2018 ACA dashboard, providing a snapshot of enrollment figures, carrier choices, and premium costs under the healthcare law. CAHC also released a supplemental fact-sheet on ACA premiums that can be viewed here. 

Prescriptions for a Healthy America

Prescriptions for a Healthy America (P4HA) saw a successful February, with enactment of legislation it had long championed to coordinate Medicare parts A, B, and D claims data as part of the Bipartisan Budget Act.  

On March 1, P4HA held a Congressional briefing entitled, “Medication Synchronization: Improving Health, Saving Time and Money.” The briefing featured a panel of expert guests from Harvard, Thrifty White, and Publix, among others, and discussed how medication synchronization programs can increase medication adherence, reduce hospitalizations, and reduce healthcare costs. 

Also at the briefing, P4HA unveiled new cost estimates on the fiscal impact of further expanding medication synchronization programs. The report, prepared by P4HA Chief Economist Jeff Lemieux – a Congressional Budget Office alumnus – and P4HA Executive Director Sloane Salzburg, found that utilizing medication synchronization programs for all seniors with three or more prescriptions could save up to $42 billion a year due to reduced hospitalizations and improved adherence.

Related to this, the Bipartisan Budget Act passed in February also called for a GAO study and report on medication synchronization programs, which could yield new data to support expanding these models to more Americans who are at elevated risk for nonadherence.

Contact Sloane Salzburg (Sloane.salzburg@cahc.net) to learn more about CAHC and P4HA.

Consumer Healthcare Products Association (CHPA) Educational Foundation

Up and Away Campaign’s Cold & Flu Rally
For the first time, the Up and Away campaign capitalized on the cold and flu season during the month of December to remind parents about the importance of safe medicine storage, specifically highlighting the risks of leaving medicines out between doses. Through partner activation, highly targeted Facebook and Instagram advertising, English and Spanish press releases, and earned media outreach across local and national media markets in both English and Spanish, the Up and Away cold and flu rally garnered more than 7 million total impressions. In addition, through this rally, the Up and Away campaign deepened its partnership with Safe Kids through a joint media outreach effort. National press releases were distributed via PR Newswire in both English and Spanish to 146,355,005 potential readers, and the campaign reached its goal of securing four original coverage hits, including one spokesperson interview, for an estimated 117,869 coverage views. There was strong interest from Hispanic outlets, both local and national, and, in collaboration with Safe Kids and a local poison center, six new spokespersons were recruited, including two Spanish-speakers and a mother with a “close call” story.

Black Women’s Health Imperative

The Black Women’s Health Imperative (BWHI) has released and conducted a number of new information and awareness campaigns with respective partners:

• Using 20 years of research from Boston University’s Black Women’s Health Study, BWHI created IndexUS: What Healthy Black Women Can Teach Us About Health. The Index provides:
  • Practical, everyday things Black women can do to improve their health
  • Advice for what political and civic leaders can do to improve Black women’s health
  • Facts about why Black women’s health matters.

The IndexUS can be viewed digitally by downloading a copy or you can request a printed copy by emailing info@bwhi.org.

• Expanding on the highly effective Change Your Lifestyle. Change Your Life. (CYL2) program supported by the CDC, BWHI has added new partners and resources like the Prediabetes Risk Test to educate communities about prediabetes, Type 2 diabetes, and encourage practical lifestyle changes to help women and men across the country lose weight, feel great, and get healthy! Lifestyle coaches teach participants how to cook all their favorite foods in a healthier way and make working out fun. The BWHI CYL² program is a leader among programs that help people not only shed pounds, but also avoid diabetes, heart disease and many other chronic conditions.
• In January 2018, BWHI and 7 other partner organizations combined efforts to establish the Care Women Deserve Campaign, a 9-month campaign that is educating women on the range of vital women’s preventive services available under the Affordable Care Act at no out-of-pocket cost to them.
• Additional BWHI initiatives include: My Sister’s Keeper, which provides young women with the tools to elevate the conversation about sexual health and domestic violence and advocate for policies that keep women safe; The New Network The New Normal, which focuses on HIV/AIDS prevention and education for Black women; and continuous promotion of preventive services and special enrollment available under the Affordable Care Act.

Association for Accessible Medicines

The Association for Accessible Medicines (AAM) hosted its annual meeting in Orlando in February. More than 600 leaders in the field came to celebrate the achievements of the generic and biosimilars industry and to ready themselves for the political and business challenges ahead. Successes from the past year included the defeat of the FDA’s problematic draft drug labeling rule, the institution of enhanced FDA approval processes, and the FDA’s determination to curtail the abuse of safety programs by some brand companies. AAM’s President and CEO Chip Davis reminded attendees that hundreds of millions of patients in the U.S. and around the world rely on AAM member companies to provide safe, effective and affordable medicine. He urged member companies to engage proactively with state and federal legislators and other stakeholders to help them understand the value proposition of generics and biosimilars and how our business model differs from that of the brand-name manufacturers.

During the conference, AAM also released a new white paper, “Ensuring the Future of Accessible Medicines in the U.S.: Avoiding Shortages & Ensuring Competition for America’s Patients,” which finds that generics and biosimilars continue to provide savings for patients, but that uninterrupted patient access to these affordable prescription medicines is at risk. According to the report, generic prices are falling faster and settling lower than ever before. But new savings – with up to $140 billion in patent expiries over the next five years – are at risk without policies that ensure market entry, and continued savings from older generics are threatened by purchaser consolidation and policies like the Medicaid Generics Penalty and state-enacted burdens. The report concluded with a series of policy recommendations that policymakers can and should act on to ensure continued savings and market-based competition, as well as prevent shortages, for future availability of affordable medicines.

American Society of Health-System Pharmacists

The American Society of Health-System Pharmacists (ASHP) recognizes the significant impact that the opioid epidemic is having on patients and the healthcare system. On March 6, ASHP convened an interdisciplinary stakeholder meeting at its headquarters to address this public health concern. The 22-member Commission on Goals: Focus on Opioids included key influencers from nursing, medicine, public health, regulatory agencies, academia, and pharmacy. The Commission was charged with identifying actionable solutions to the opioid epidemic, with an emphasis on optimizing pain management through the selection, initiation, and monitoring of medication therapy in hospitals and health systems and how pharmacists can assist other clinicians in moving these solutions forward.

The Commission identified a number of actionable solutions, including pharmacist participation on pain care teams, adoption of opioid stewardship programs, use of performance data to drive practice change, improvements to prescription drug monitoring programs, utilizing patient-specific pain plans, and action plans that are coordinated with community-based organizations, first responders, and government agencies. 

Proceedings of the meeting will be published in a forthcoming issue of the American Journal of Health-System Pharmacy.

America’s Health Insurance Plans

In February 2018, the Modern Medicaid Alliance — a partnership organization between Americans who value Medicaid and more than 100 leading advocacy groups, including the National Consumers League — convened an event in partnership with the Hoover Institution on the future of Medicaid. The event explored the immediate outlook for policy changes, examined Medicaid innovations already underway, and generated expert discussion on how Medicaid delivers for states and beneficiaries alike, as well as how leaders at the federal and state level can work together to improve outcomes and lower program costs. The event featured experts from leading organizations such as the National Association of Medicaid Directors, National Governors Association, National Rural Health Association, MMA-convening organization AHIP, George Washington University, and the National Alliance for Medicaid in Education.

AMAG Pharmaceuticals

AMAG Pharmaceuticals has continued to develop a ground-breaking alliance with leading organizations in the women’s health space – including NCL – to impact barriers standing in the way of better outcomes in women’s sexual health. The alliance has been carrying out primary research to inform a formal launch later this year. The company also recently received several important approvals from the U.S. Food and Drug Administration (FDA). In February, the FDA approved the Makena® subcutaneous auto-injector drug-device combination product as a ready-to-administer treatment to reduce the risk of preterm birth in women pregnant with one baby and who spontaneously delivered one preterm baby in the past. The pre-filled Makena auto-injector offers a new administration option for patients and providers and contains a shorter, thinner non-visible needle compared to the intramuscular (IM) Makena injection. In the same month, the FDA approved AMAG’s application to broaden the existing label for Feraheme^® (ferumoxytol injection) beyond the current chronic kidney disease (CKD) indication to include all eligible adult Iron Deficiency Anemia (IDA) patients who have intolerance to oral iron or have had unsatisfactory response to oral iron.