January 2020 – Page 2 – Law Enforcement, Military, and Terrorism News

Electronic Health Records Vendor to Pay $145 Million to Resolve Criminal and Civil Investigations

Practice Fusion Inc. (Practice Fusion), a San Francisco-based health information technology developer, will pay $145 million to resolve criminal and civil investigations relating to its electronic health records (EHR) software, the Department of Justice announced on Monday.

Practice Fusion Inc. Admits to Kickback Scheme Aimed at Increasing Opioid Prescriptions

As part of the criminal resolution, Practice Fusion admits that it solicited and received kickbacks from a major opioid company in exchange for utilizing its EHR software to influence physician prescribing of opioid pain medications. Practice Fusion has executed a deferred prosecution agreement and agreed to pay over $26 million in criminal fines and forfeiture.

In separate civil settlements, Practice Fusion has agreed to pay a total of approximately $118.6 million to the federal government and states to resolve allegations that it accepted kickbacks from the opioid company and other pharmaceutical companies and also caused its users to submit false claims for federal incentive payments by misrepresenting the capabilities of its EHR software.

“Across the country, physicians rely on electronic health records software to provide vital patient data and unbiased medical information during critical encounters with patients,” said Principal Deputy Assistant Attorney General Ethan Davis of the Department of Justice’s Civil Division. “Kickbacks from drug companies to software vendors that are designed to improperly influence the physician-patient relationship are unacceptable. When a software vendor claims to be providing unbiased medical information – especially information relating to the prescription of opioids – we expect honesty and candor to the physicians making treatment decisions based on that information.”

The resolution announced today addresses allegations that Practice Fusion extracted unlawful kickbacks from pharmaceutical companies in exchange for implementing clinical decision support (CDS) alerts in its EHR software designed to increase prescriptions for their drug products. Specifically, in exchange for “sponsorship” payments from pharmaceutical companies, Practice Fusion allowed the companies to influence the development and implementation of the CDS alerts in ways aimed at increasing sales of the companies’ products.

Practice Fusion allegedly permitted pharmaceutical companies to participate in designing the CDS alert, including selecting the guidelines used to develop the alerts, setting the criteria that would determine when a healthcare provider received an alert, and in some cases, even drafting the language used in the alert itself.

The CDS alerts that Practice Fusion agreed to implement did not always reflect accepted medical standards. In discussions with pharmaceutical companies, Practice Fusion touted the anticipated financial benefit to the pharmaceutical companies from increased sales of pharmaceutical products that would result from the CDS alerts. Between 2014 and 2019, health care providers using Practice Fusion’s EHR software wrote numerous prescriptions after receiving CDS alerts that pharmaceutical companies participated in designing.

Practice Fusion executed a deferred prosecution agreement with the U.S. Attorney’s Office for the District of Vermont based on its solicitation and receipt of kickbacks from a major opioid company to arrange for an increase in prescriptions of extended release opioids by healthcare providers who used Practice Fusion’s EHR software. As detailed in the criminal Information made public today, Practice Fusion solicited a payment of nearly $1 million from the opioid company to create a CDS alert that would cause doctors to prescribe more extended release opioids.

That payment was financed by the opioid company’s marketing department, and the CDS was designed with input from the marketing department. Practice Fusion and the opioid company entered the CDS sponsorship because they believed that the CDS would influence doctors’ prescriptions of extended release opioids. In marketing the “pain” CDS alert, Practice Fusion touted that it would result in a favorable return on investment for the opioid company based on doctors prescribing more opioids.

“Practice Fusion’s conduct is abhorrent. During the height of the opioid crisis, the company took a million-dollar kickback to allow an opioid company to inject itself in the sacred doctor-patient relationship so that it could peddle even more of its highly addictive and dangerous opioids,” said Christina E. Nolan, U.S. Attorney for the District of Vermont.

“The companies illegally conspired to allow the drug company to have its thumb on the scale at precisely the moment a doctor was making incredibly intimate, personal, and important decisions about a patient’s medical care, including the need for pain medication and prescription amounts. This recovery is commensurate to the nature of Practice Fusion’s misconduct, represents the largest criminal fine in the history of this District, and requires Practice Fusion to admit to its wrongs. It is another example of pioneering healthcare fraud enforcement by the talented Assistant U.S. Attorneys and staff of this U.S. Attorney’s Office, working with their partners in law enforcement. We cannot — and will not — tolerate technology companies influencing patient treatment merely because a pharmaceutical company provided a kickback.”

The criminal Information charges Practice Fusion with two felony counts for violating the Anti-Kickback Statute (AKS), 42 U.S.C. § 1320a-7b(b)(1), and for conspiring with its opioid company client to violate the AKS, 18 U.S.C. § 371. This case is the first ever criminal action against an EHR vendor and the unique Deferred Prosecution Agreement imposes stringent requirements on Practice Fusion to ensure acceptance of responsibility and transparency as to its underlying conduct, and to invest heavily in compliance overhauls and an independent oversight organization.

The Deferred Prosecution Agreement requires Practice Fusion to pay a criminal fine of $25,398,300 and forfeit criminal proceeds of nearly $1 million. In addition, the company will cooperate in any ongoing investigations of the kickback arrangement and report any evidence of kickback violations by any other EHR vendors. To ensure transparency and public awareness of the company’s activities while the nation continues to battle an epidemic of opioid addiction, the Deferred Prosecution Agreement requires Practice Fusion to make documents relating to its unlawful conduct available to the public through a website.

Additionally, the Deferred Prosecution Agreement mandates that Practice Fusion retain an independent oversight organization that is required to review and approve any sponsored CDS before Practice Fusion may implement the CDS, and create a comprehensive compliance program designed to ensure such abuses are not repeated.

The civil settlement with the United States resolves Practice Fusion’s civil liability arising from the submission of false claims to federal healthcare programs tainted by the kickback arrangement between Practice Fusion and the opioid company. It also resolves allegations of kickbacks relating to thirteen other CDS arrangements where Practice Fusion agreed with pharmaceutical companies to implement CDS alerts intended to increase sales of their products.

The $118.6 million settlement amount includes approximately $113.4 million to the federal government and up to $5.2 million to states that opt to participate in separate state agreements.

“Prescription decisions should be based on accurate data regarding a patient’s medical needs, untainted by corrupt schemes and illegal kickbacks,” said U. S. Attorney David L. Anderson of the Northern District of California. “In deciding what is best for patients, electronic health records software is an important tool for care providers. It is critically important that technology companies do not cheat when certifying that software.”

In addition to the kickback allegations, the civil settlement with the United States resolves allegations relating to two intersecting Department of Health and Human Services (HHS) programs.

One at the Office of the National Coordinator for Health Information Technology (ONC) that regulates the voluntary health IT certification program, and one at the Centers for Medicare & Medicaid Services that oversees EHR incentive programs.

Specifically, the United States alleged that Practice Fusion falsely obtained ONC certification for several versions of its EHR software by concealing from its certifying entity, known as an ONC-Authorized Certification Body, that the EHR software did not comply with all of the applicable requirements for certification.

ONC’s certification criteria were designed to promote enhanced functionality, utility, and security of health information technology, and access to patient medical information across the care continuum. HHS implemented the certification criteria for EHR software in multiple stages, known as editions. To be certified under the 2014 Edition certification criteria, EHR software was required to allow users to electronically create a set of standardized export summaries for all patients.

When Practice Fusion sought certification of this 2014 Edition criteria, Practice Fusion falsely represented to the certifying body that its software met this data portability requirement, when several versions of its software did not. The civil settlement resolves allegations that, at the time these versions of Practice Fusion’s software were certified, its software was unable to permit a user to create a set of standardized export summaries.

Additionally, after obtaining certification of the 2014 Edition criteria, Practice Fusion disabled access to this feature altogether. Instead, Practice Fusion required users to contact it separately to request export of this critical patient data.

In addition to failing to satisfy the data portability requirement, Practice Fusion’s software allegedly did not incorporate standardized vocabularies as required for certification.

The United States alleged that by fraudulently obtaining certification for its products, Practice Fusion knowingly caused eligible healthcare providers who used certain versions of its 2014 Edition EHR software to falsely attest to compliance with HHS requirements necessary to receive incentive payments from Medicare during the reporting periods for 2014 through 2016 and from Medicaid during the reporting periods for 2014 through 2017.

“As new technologies continue to develop and evolve, so too do new and innovative fraud schemes,” said Shimon R. Richmond, Assistant Inspector General for Investigations of the U.S. Department of Health and Human Services. “We will continue to be vigilant in detecting and investigating these schemes in order to protect the safety of patients in federal health programs and to ensure the appropriate use of electronic health records in providing their care.”

“Today’s announcement shows that Practice Fusion exploited technology to profit at the expense of a vulnerable population – patients seeking medical advice,” said Timothy M. Dunham, Special Agent in Charge of the FBI’s Washington Field Office, Criminal Division. “The FBI is committed to working with our partners to bring to justice the perpetrators of healthcare fraud in all its forms, especially one that fans the flames of the already rampant opioid epidemic.”

The U.S. Attorney’s Office for the District of Vermont handled the criminal investigation and resolution. The civil investigation was jointly handled by the Civil Division’s Commercial Litigation Branch and the U.S. Attorneys’ Offices for the District of Vermont and the Northern District of California. The investigation was supported by the HHS Office of Inspector General and multiple HHS agencies and components. The FBI’s field office in Washington, DC, also provided significant investigative support.

Except for the conduct admitted in connection with the criminal resolution, the civil claims resolved by the settlement are allegations only, and there has been no determination of liability as to such civil claims.

Help me maintain this news reporting blog by donating here.

Malware stealing payment card details identified with support of private partner

An INTERPOL-coordinated cyber operation against a strain of malware targeting e-commerce websites has identified hundreds of compromised websites and led to the arrest of three individuals running the malicious campaign in Indonesia.

The malware, known as a JavaScript-sniffer, targets online shopping websites.

When a website is infected, the malware steals the customers’ payment card details and personal data such as names, addresses and phone numbers, sending the information to Command and Control (C2) servers controlled by the cyber-criminals.

Data provided to INTERPOL through a partnership with cybersecurity firm Group-IB on the scope and range of this malware helped identify hundreds of infected e-commerce websites worldwide. Group-IB also supported the investigation with digital forensics expertise helping to identify the suspects.

Under Operation Night Fury, INTERPOL’s ASEAN Cyber Capability Desk disseminated Cyber Activity Reports to the affected countries, highlighting the threat to support their national investigations. In particular, the intelligence detected C2 servers and infected websites located in six countries in the Association of Southeast Asian Nations (ASEAN) region.

At the request of the Indonesian National Police, the ASEAN Desk provided technical and operational support that resulted in the arrest of three individuals suspected of commanding the C2 servers in the country.

The investigation revealed the suspects were using the stolen payment card details to purchase electronic good and other luxury items, and then reselling them for a profit.

“Strong and effective partnerships between police and the cybersecurity industry are essential to ensure law enforcement worldwide has access to the information they need to address the scale and complexity of today’s cyber threat landscape,” said Craig Jones, INTERPOL’s Director of Cyber-crime.

“This successful operation is just one example of how law enforcement is working with industry partners, adapting and applying new technologies to aid investigations, and ultimately reduce the global impact of cyber-crime,” Jones said.

In Singapore, authorities identified and took down two of the C2 servers. Investigations in other ASEAN countries are ongoing, with INTERPOL continuing to support police in locating C2 servers and infected websites and identifying the cyber-criminals involved.

Interpol.int. (2020). INTERPOL supports arrest of cybercriminals targeting online shopping websites. [Accessed 28 Jan. 2020].

Help me maintain this blog by donating here.

Pensacola Executive Sentenced To 40 Months In Federal Prison For Conspiring With Foreign Nationals To Ship Technology To Iran

Pensacola business owner James P. Meharg, 60, was sentenced to 40 months in prison on federal charges of conspiring to sell and export power generating equipment to a recipient in Iran

United States Attorney Lawrence Keefe, of the Northern District of Florida, announced on Sunday that Pensacola business owner James P. Meharg, 60, was sentenced to 40 months in prison on federal charges of conspiring to sell and export power generating equipment to a recipient in Iran, and concealing the scheme, as well as having payments routed to Meharg via a foreign country. Meharg, CEO and president of Turbine Resources International, LLC, in Pensacola, conspired with citizens of the United Kingdom and Iran to export a large turbine and parts from the United States to an Iranian recipient, in violation of the Iranian Transactions and Sanctions Regulations as well as federal criminal law.

Meharg, a U.S. citizen, conspired from October 1, 2017, to June 12, 2019, to violate the Iranian embargo by attempting to export a Solar Mars 90 S turbine core engine and parts from the United States, for delivery to an end user in Iran.

Evidence revealed that on April 25, 2018, Meharg sent an invoice for $500,000 to a conspirator in the United Kingdom and received two partial payments of $124,950 each, on May 7 and May 24, 2018, at least one of which was routed through a company in Dubai.

In total, Meharg received approximately $250,000 in funds laundered through foreign accounts as payment for having the turbine sent to Iran. Law enforcement authorities, however, were able to seize the turbine before its transatlantic journey to the end user in Iran. That end user, a conspirator in Iran, is linked to an Iranian energy company. Meharg also falsified documents used to lawfully export items from the United States.

“Exporting technology to Iran is prohibited by law in order to protect the national security interests of the United States of America, and this defendant chose to put his own self-interest and greed above such interests,” Keefe said. “Federal imprisonment should send a clear signal that
the United States cannot and will not look the other way when one of its citizens endangers the safety of our nation.”

“Today’s sentence sends a strong message that trade with Iran in violation of U.S. export control laws and regulations will not be tolerated,’ said Deputy Assistant Secretary for Export Enforcement, Douglas Hassebrock. “The Bureau of Industry and Security will vigorously pursue parties that seek to profit from illegally supplying materials to Iran.”

Assistant United States Attorney David L. Goldberg, who is a National Security Cyber Specialist, prosecuted the case following a joint investigation by the United States Department of Commerce’s Bureau of Industry and Security along with the Federal Bureau of Investigation.

“This case serves as a reminder to anyone who acts as an agent of the Iranian government in the United States, that American law enforcement is relentless in our efforts to protect the national security of this country and the freedoms of our citizens,” said Rachel L. Rojas, Special Agent in Charge of the FBI Jacksonville Division. “The FBI was proud to support our partners at the Department of Commerce – Bureau of Industry and Security in this case, and we are committed to disrupting any similar actions by individuals on behalf of Iran in the future.”

Meharg’s prison sentence will be followed by three years of federal supervised release. He was also ordered to forfeit a monetary judgment in the amount of $250,000.00.

The United States Attorney’s Office for the Northern District of Florida is one of 94 offices that serve as the nation’s principal litigators under the direction of the Attorney General. To access public court documents online, please visit the U.S. District Court for the Northern District of
Florida website. For more information about the U.S. Attorney’s Office, Northern District of Florida, visit http://www.justice.gov/usao/fln/index.html.

Help me maintain this blog by donating here.

Car of missing US Marine in Arizona found, Veteran still missing

Law Enforcement in Arizona has found a car belonging to U.S. combat veteran Jesse Conger who has been missing for more than five months.

Conger, 37, was last seen with his girlfriend, Natasha Harwell, the morning of August 14 at his apartment in Scottsdale. Harwell reported him missing the next day, and his family said he’d been suffering from post-traumatic stress disorder and depression.

The Scottsdale Police Department told FOX10 on Saturday that Conger’s car was discovered in San Carlos on Thursday, about 100 miles east of Phoenix.

His sister, Patricia Conger stated on Facebook that three men working in eastern Arizona found Jesse’s car on Thursday morning and that they called police and texted her at 10 am. When talking to locals the police were told the car had been there more than a month. The rail crew had been there the day before but didn’t notice it because of the terrains and color of the car.

“Apparently the morning sun happened to reflect off of a break light that shined in one of their eyes that made them notice it when they did. All the rain has washed away all tracks of any kind, “Conger said. “The car had the keys in the ignition, and Jesse’s maps, and fishing/hunting gear is still there. Jesse’s pistol is not there. I haven’t been able to confirm if the Xanax or Tramadol was there.”

Anyone with information of the whereabouts of Jesse Conger is asked to contact the Scottsdale Police Department.

Report: Sunni and Shi’a Extremism Plague Germany

German police conducted counterterrorism raids across the country during the week of January 13, 2020, arresting multiple alleged Islamists suspected of “planning a serious violent act endangering the state.”

IPT News has reported that German police conducted counter-terrorism raids across the country during the week of January 13, 2020, arresting multiple alleged Islamists suspected of “planning a serious violent act endangering the state.”

According to German prosecutors, the suspected terrorists were of “Chechen origin from the Islamist scene.” Raids targeted cells in Berlin and three other states including North Rhine-Westphalia – a state with a significant Hizballah and Muslim Brotherhood presence as well.

The suspects reportedly conducted surveillance of multiple locations to target in terrorist attacks, possibly including a Berlin synagogue, after video footage of the building was discovered on a suspect’s cellphone.

Germany has been increasingly vigilant against Islamist terrorism after 12 people were killed in a 2016 truck ramming attack on a Berlin Christmas market. The terrorist, Tunisian national Anis Amri, had been denied asylum.

German security authorities have foiled nine Islamist terror plots since. In November, the country’s security authorities thwarted an Islamic State bomb plot.

Most terrorism analysts and observers continue to focus only on the attacks that succeeded. Exploring major attacks that could have transpired – but were foiled by security authorities – provides a more accurate understanding of overall terrorist threats. Reporting foiled, significant plots, and including these incidents in data-sets, can also help security authorities signal the virtues of specific counter-terrorism measures to a concerned public.

Last year, for example, jihadist terrorist attacks declined by roughly 50 percent in Europe following significant spikes in attacks the previous two years. Based on this data, some observers started to believe that the Islamic State threat was declining in Europe. But by including foiled jihadist plots, overall terrorist activity in 2018 was actually higher than any year before 2015, including the 2000s when al-Qaeda struck Europe in several high-profile attacks.