It may be hard to believe but the growth in employer healthcare costs is at a 10-year low. PwC’s annual report  on medical cost trends— including physician, pharma, hospital, and outpatient costs—-projects that healthcare costs in 2017 will increase by 6.5%. That’s down from 11.9% in 2007 when cost increases began a steady decline interrupted only by a slight increase from 2014 (6.5%) to 2015 (6.8%).

The medical cost trend is important to employers and consumers because it influences the cost of health insurance premiums. And no, this decline doesn’t mean that insurance premiums will be lower anytime soon. That 6.5% is still a bit higher than the annual inflation rate so there’s still plenty of work to be done.

In this election year, both candidates have promised to reduce healthcare costs, but as the PwC report points out reducing those costs is complicated work, which has to account for not only the price paid for— but also the utilization of — medical products and services.

“Future reductions in medical cost trend growth will require a continued focus on prices but also delivery and access changes that might impact utilization,” says the report. The analysis, based on health industry interviews and surveys, measures medical spending growth for the 155 million people insured by employer-sponsored plans.

So what is pushing cost upward?

Convenience is a cost inflator. Just a few years ago the healthcare industry was excited by the arrival in big box stores of small retail clinics. With lower costs and convenient locations they can provide an alternative to costly ER (emergency room) visits. In 2011 there were fewer than 1,500 retail clinics nationwide and about 24% of consumers reported visiting one. It’s projected that by the end of 2016 there will be 3,000 retail health clinics and about 40% of consumers will have sought care at one.

So what’s the problem? Well, it’s sort of a damned if you do; damned if you don’t scenario. There’s evidence that the threshold for seeking care at a retail clinic is lower. A sniffle or a sprain may not justify a trip to the ER but a quick stop at a retail clinic is acceptable. So for now this convenience is contributing to increased costs.

But change is brewing and retail clinics may help reduce overall spending in the future. These clinics are already moving into chronic disease management, especially for diabetes and asthma, explains Rick Judy, a principal in PwC’s Health Research Institute, in an e-mail exchange. That’s a step physicians are welcoming with open arms with 75% of primary care docs saying they want retail pharmacists to assist with medication management.

Pent up demand is a cost inflator. For years mental health was something of a step-child to physical health in the health insurance industry with complicated rules for access and more frequent denials for mental health care than for general medical care. But according to the PwC report, employer recognition that mental health is closely related to physical health (68% of people with mental health issues have chronic health conditions such as diabetes and heart disease) and a new regulatory push to enforce mental health parity legislation is expected to change that.

In the short-term, pent-up demand for mental health services could inflate medical costs and push the medical cost trend upwards. Over the long term though mental health treatment could help reduce costs associated with physical health issues, according to the report.

Meanwhile, high performing networks and new pharmacy benefit management (PBM) strategies are putting downward pressure on healthcare costs, says the report.

The high performance network is a deflator. For years cost sharing was the go-to strategy for employers looking to reduce their healthcare expenses. So employees paid a larger share of healthcare premiums and often found themselves on the hook for higher and higher deductibles and copayments. But now it looks like cost sharing has plateaued and employers are looking for other ways to control costs.

A typical high performance network includes a local or regional community of providers with proven, high-quality care delivery, an efficient cost structure, and the willingness to be paid on outcomes, says Judy.

The narrow networks can reduce employer costs by as much as 35% compared with broader, more inclusive provider networks. Although only 9% of employers have implemented a performance-based network, there is strong interest with 43% of employers considering their adoption, according to the PwC report. One caveat: Employers may need to devote resources to educate their staff about the trade-offs between large all-inclusive networks and cost savings.

PBM is a deflator. Aggressive negotiations, increased competition and a move toward paying for results — not volume discounts—may create a perfect storm that will help hold down drug prices. PBMs are aggressively negotiating drug costs as employers signal their willingness to provide narrow formularies to their employees. Employers are more likely to get the best prices if they are willing to narrow their formularies to a single treatment option.

Meanwhile, increased competition and a lack of a new blockbuster specialty drug coming on market in 2017 will mean more rebates and pricing discounts.

“Many of the new prescription drugs coming on market…are arriving close to the same time as competitors’ drugs…[making] it easier to negotiate more attractive discounts,” says the report.

Judy notes that the FDA is beginning to approve biosimilar drugs, which are less expensive alternatives to the high-cost specialty drugs. “Our research found discounts as high as 40% once a follow-on drug is approved for market. Costs go down even further when the patents expire and generic versions compete with branded drugs.”

About the author: Margaret Dick Tocknell specializes in business-to-buiness healthcare reporting, white papers, and the analysis of trends affecting stakeholders in the delivery of healthcare services. She is based in Jacksonville, Fla.

Steady Hillary Clinton and unbridled  Donald Trump headed into the final stretch of campaigning before the election with last night’s third  debate. Clinton, the cadence of years of politics and experience behind her, versus the bombast of Trump, this outsider of political outsiders on a treadmill going backward, one “nasty” word at a time.

The debate again put healthcare on a low-rung, possibly because Clinton and Trump’s differences have been so well documented, such as Trump’s disdain for Obamacare, and Clinton’s favorable view of it. We’ll get to some of the specifics in a bit.

The big news out of the debate focused on Trump refusing to promise he would concede if he lost, with the statements described as unprecedented, an insult to democracy, a hint that his followers may never give in.

But, on the other hand, if he  loses, he’s outta here, and what difference does it make? When a team loses the championship, they pack their bags, say goodbye, and the planes fly them home. Season over. There’s a lot of we could-a-should-a, brow-beating, and second-guessing over missed chances. But that’s it. If Trump loses, we’ll be saying Happy New Year at the advent of 2017, and the GOP could begin or continue a massive re-examination. Yeah, the worry is Trump will keep saying the system is rigged, yeah, yeah, yeah, without a teardrop of evidence.

America is great still, despite whiners.

The debate and healthcare

When it comes to healthcare, in the final debate, Trump and Clinton sharply disagreed about Obamacare, potential Supreme Court choices in light of Roe Vs. Wade, and the work of the Clinton Foundation.

According to the transcript prepared by Politico

Obamacare

“One thing we have to do is repeal and replace the disaster known as Obamacare,” said Trump. “It’s destroying our country. It’s destroying our businesses.”

“It is probably going to die of its own weight, but Obamacare has to go,” Trump said. “The premiums are going up 60%, 70%, 80%. Next year, they’re going to go up over 100%. And I’m really glad that the premiums have started, at least the people see what’s happening because she wants to keep Obamacare and she wants to make it even worse and it can’t get any worse.”

Clinton strongly disagreed. “And I’ll say something about the Affordable Care Act, which he wants to repeal,” she said. “The affordable care act extended the solvency of the medicare trust fund. If he repeals it, our Medicare problem gets worse.”

Trump told Clinton:  “Your husband disagrees with you,” obviously referring to former President Clinton’s remarks about Obamacare as ” craziest” thing.

Clinton elaborated, however:  “We’ve got to go after the long-term health care drivers. We’ve got to get costs down, increase value, emphasize wellness. I have a plan for doing that, and I think that we will be able to get entitlement spending under control but with more resources and smart decisions.”

The Supreme Court

Trump emphasized that he would, if elected, be “putting  pro-life justices on the court.”  “It will go back to the states and the states will then make a determination.” He said he’s  aiming (to nominate)  two or perhaps three justices on the court.”

Clinton emphasized her support for Roe v. Wade. “We need a Supreme Court that will stand up on behalf of women’s rights strongly support Roe v. Wade, which guarantees a “constitutional right to a woman to make the most intimate, most difficult in many cases, decisions about her health care that one can imagine,” she said.” I will defend planned parenthood.

Clinton said the government shouldn’t be “stepping in and making those personal decisions,” referring to a question about her stance related to government intervention of  late-term partial birth abortions. “So you can regulate if you are doing so with the life and the health of the mother taken into account,” she said.

“Well, I think it’s terrible,” Trump said. “If you go with what Hillary is saying, in the ninth month you can take baby and rip the baby out of the womb of the mother just prior to the birth of the baby.”

Clinton Foundation

Clinton said the foundation “made it possible for 11 million people around the world with HIV-AIDS to afford treatment and that’s about half of all the people in the world that are getting treatment in partnership with the American health association.”

Said Trump: “It’s a criminal enterprise.”  He added, “So I’d like to ask you right now why don’t you give back the money that you’ve taken from certain countries that treat certain groups of people so horribly?

The news that as many as 500 million user accounts were hacked on Yahoo came roughly when I was typing..er…an email in my Yahoo account.

And I was just writing a story about the problems of hacking into healthcare organizations.

Yahoo may have been subjected to the worst data breach in history.

“The Yahoo hack is HUGE,” says Phil Richards, chief information officer for LANDESK, based in South Jordan, Utah. The impact of that could be staggering.” LANDESK provides IT systems, security service and process management solutions for organizations worldwide.

The FBI is trying to untangle the Yahoo situation, while Congress may investigate, too.

While the Yahoo hack is multifaceted, Richards says there is an immediate lesson for those working in healthcare and a relatively simple one: watch out for re-used passwords, especially among patients.

“Many healthcare systems allow patients to log in to get a copy of their medical records, such as test or lab results, diagnosis reports, or prescriptions,” he says. “Humans, being somewhat predictable, often issue their credentials across multiple systems. If people used the same credential (user id and password) at a healthcare website, as they did for Yahoo, those credentials could be exposed.”

If you run a small hospital system or a doctor’s office, there are other concerns, too, such as hackers going into computer networks, or demanding money from you to get rid of the infections, twists of ransomware.

Phil Richards, an expert on computer security and chief information officer for LANDESK, based in South Jordan, Utah. LANDESK provides IT systems, security service and process management solutions for organizations worldwide.

Ransomware is the fastest growing malware threat, targeting users of all types – from the home user to the corporate network. Obviously, healthcare isn’t the only target of hackers. Hackers implementing ransomware can pinpoint home users, business and government networks.

On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. – That’s a 300 percent increase over the about 1,000 attacks per day seen in 2015, according to the United States Computer Emergency Readiness Team. Healthcare accounts for 88 percent of all detections in the second quarter of 2016, according to managed security provider Solutionary, says a report in Betanews.

.In May, the Kansas Heart Hospital, in Wichita, KS, paid an undisclosed ransom after it was hacked. Once that occurred, officials there might have figured that was the end of it, a headache no longer to be suffered.

It wasn’t. The hospital was targeted a second time by a hacker. The hospital learned a lesson and said “no” the second time to the idea of paying a ransom.

“The police of Kansas Heart Hospital in conjunction with our consultants felt no longer was this was a wise maneuver or strategy,” the hospital said.

Richards says in his blog professionals dread the day when they get a call, like what happened at Kansas Heart Hospital, that someone seeking ransomware has infiltrated a network and already “started encrypting files, drives, and network shares.”

“The hackers are seeing continued profit in ransomware, and with more severity and frequency,” Richards says. “We’re seeing the healthcare being attacked successfully across the board.”

Medical records of smaller hospitals are particularly vulnerable especially with a lack of infrastructure to protect them. (Richards emphasizes that he was referring to generic healthcare providers, not specific cases, such as Kansas Heart Hospital, in which he is unaware of its infrastructure.)

“The nirvana would be to remove all profit potential from ransomware. That is likely not realistic, however,” Richards says.

The federal government and non-governmental organizations are strongly recommending against paying a ransom. Richards agrees and offers these observations:

• There is a possibility that you will not get the files back even after you pay.
• A perception may exist that you are ‘giving in’ to the bandits
•    “Bad actors” are encouraged to continue developing ransomware.
• A market perception may exist that your company doesn’t know how to handle security incidents.

Overcoming Vulnerabilities

In the security world, people are uncertain, worried and anxious what to do next

Ransomware can come about in some of the seemingly most innocuous ways. For instance, a physician may like what seems to be cool software he learned about at a conference and spread the word at his hospital or practice. Once the software is installed, it may only pack trouble and be a place for ransomware. Or a hospital doesn’t its system as often as it should.

Many ransomware “ (operatives) are well organized to quasi-organized, and most of the time not on U.S. soil, but from Russia,” Richards says.

Overcome Vulnerabilities

Nothing is perfect, but you can take big steps to reduce the possibility of vulnerabilities in a system that can’t stand a specific attack, he writes. “The best way to protect your system is to make sure that the malware can’t get a foothold, and analyze your computer to find vulnerabilities,” Richards says. A great tool to improve awareness has been established by an inter-agency government task force that offers technical guidance protective measures against ransomware.

   Do you have a weak password?

   A computer in a public place that hasn’t been locked

   An application that hasn’t been patched. Defects in software that require patching, he said, are tracked in the National Vulnerability Database.

A glaring example how vulnerabilities are exploited, he says, is by examining the behavior of Exploit kits. Exploit kits are the second most common way for malicious actors to gain a foothold within an organization, just behind phishing.

Exploit kits are sold on the cybercrime black market to gain control of unsuspecting consumers, Richards says.

The hacking can start when an employee in your organization goes to a website.

Recently, Richards mentioned in his blog a new threat: Betabot, a highly sophisticated piece of ransomware that has the ability to circumvent most of the technology devised to detect it. “The net effect is that the malware will skate through the perimeter defenses and infect the workstations within your network without being detected,” he says.

Ultimately, for hospital systems and physician practices, they must protect their health records. “This is part of treating patients,” Richards says, “and the priority is to secure the records.”