Off the Record - Cerner, CDK, Facebook, and Detroit Riverfront Conservancy
Cerner
A common train of thought among tech executives is that software can improve any process. Systems that include any non-digital elements should, for efficiency’s sake, be digitized and, presumably, someone (them) should be richly rewarded for doing so.
Electronic health records, or EHR, have become a cottage industry in the US, where the catch-all ‘healthcare’ business accounts for eighteen percent of the country’s spending. The premise behind EHR is that centralizing a person’s medical information will allow doctors to make more informed care decisions. Which absolutely makes sense. Unfortunately, the reality is far more complicated.
A medical records company called Cerner - one of the two largest firms in the country - won a contract to handle EHR for the Defense Department and Department of Veteran’s Affairs (VA) in the mid 2010s, a deal worth almost $15 billion. Then, right as Cerner was rolling out its system for the VA in 2020, Oracle bought Cerner for a staggering $38 billion, its largest-ever investment.
Larry Ellison, Oracle’s founder and one of the world’s richest men, had become obsessed with EHR as part of a larger longevity push that seems to captivate many aging billionaires who’ve realized their infinite resources can’t do much against a terminal health condition.
Ellison believed that his company’s vast resources could dramatically improve EHR where others had failed. He chose Cerner because Oracle could better exploit its EHR data:
But Cerner, the go-to EHR for small and midsize hospitals, had a quality that would have appealed to Ellison: It was widely seen as taking a more relaxed approach to data privacy. The company was investing in the technology infrastructure to help hospitals share data with one another — and with third parties.
As it happens, the pandemic strengthened Oracle's case for scooping up Cerner. In the race to defeat the coronavirus, both companies were afforded greater latitude in handling patient records, including those that fall under the Health Insurance Portability and Accountability Act. That would enable Oracle to get started on Ellison's EHR of the future right away.
Sure, it’s great to have skilled developers and engineers, but what if you also could play fast and loose with patient data? Disruption!
Cerner’s problem, which Oracle’s executives would discover mere weeks after buying the company, was that its VA rollout was an unmitigated disaster:
Outages were increasingly common, and one Cerner executive says the entire system was on the verge of failing: "We were going to go off a cliff and die." The system was considered so dangerous that its rollout to the remaining 166 VA medical centers had been put on hold.
Cerner wasn’t bringing the VA from paper into the light of modernity - the Administration already had a working EHR system that its staff liked. Cerner sold the government a promise of a more modern, more secure system, and convinced the folks who signed the checks. In the end, Cerner delivered a barely functional disaster that disrupted critical care to veterans.
How bad was it?
One feature of its electronic records system had caused more than 11,000 orders for medical care to disappear into an "unknown queue." As a result, thousands of patients didn't receive the treatment their doctors had ordered.
Not great! Elsewhere, the VA’s system for scheduling mental health follow-ups broke and impacted over seventy thousand veterans receiving psychiatric care.
One risk inherent automating parts of the medical process is that the people using said systems may not have any way of knowing when it’s malfunctioning. In a system as large as the VA, a missed phone call or shipment of medication could easily go unnoticed, and many did. And it cost lives.
Investigations into veterans who died by suicide, or due to prescription errors, found Cerner’s systems at fault. Systems that Oracle now owned, and swore it would invest adequate funds and resources to fix.
How’s that going?
The company hasn't fully moved Cerner onto the cloud, as Sicilia promised. While outages have decreased, the VA says they remain "an area of significant attention."
Ellison gave speeches as recently as last year promising to use AI models to improve VA care, but in reality he and his company have grown bored of the Cerner boondoggle:
One Oracle executive, who spoke on the condition of anonymity, acknowledged that many of Cerner's clients were unhappy, in part because cuts to Cerner's workforce had left them with less day-to-day support. "There's not a whole lot we have to tell clients other than please hang in there," he says.
[…]
The VA brought this mentality to the Cerner project, flooding the company with requests for special customizations — and Oracle has grown so frustrated that it has stopped taking on individual requests that haven't been formally contracted.
Within Oracle's health team, morale has suffered. "Morale is at an all-time low," an Oracle-Cerner manager says. "We have so much important work to do. Everybody's velocity is lower because basically everybody is depressed or upset."
We live in a country where a tech company can convince the government it can deliver patient care better than the public sector, and then a whimsical billionaire can decide he can do it even better, and the result is literally killing the country’s servicemembers.
The DOD can (and may) scrap the Cerner contract, but what then? Go back to an old system? Hire a new contractor with no guarantee they’ll be any better? In the mean time, millions of veterans depend on the VA for care, and they deserve, at the very least, medical systems that work.
CDK
Elsewhere in critical software, software provider CDK Global suffered a cyberattack on its systems which has disrupted operations at fifteen thousand car dealers across the US:
Car buyers and dealers are grappling with the shutdown of the retail software provider, which has left nearly 15,000 car dealerships across North America struggling to provide services to customers and scrambling to find temporary analog solutions to operate.
Like in healthcare, the idea of centralizing operations on one software platform probably seemed like a great idea for America’s sprawling car dealer fiefdoms, but any system built by humans is vulnerable to them, and overseas hackers are quite sophisticated.
The CDK outage has taken down purchasing, rebating, and vehicle registration systems, leaving staff and customers scrambling to find alternative ways to buy and sell cars.
At some dealerships, repair systems are also on the fritz:
Jacob said the [Kia service] center told them it was unable to service the car, citing the CDK cyber incident, as there were no appointments available and all walk-ins were suspended until next week.
These relatively mundane software and systems monopolies have become all too common in the US, which creates single points of failure during an inevitable cyberattack. All it takes is one employee falling for a phishing scam or leaving data unprotected for intruders to pounce. Hackers have become adept at targeting critical services providers, leveraging the mass chaos to demand huge ransoms or even set up future attacks:
CDK hasn’t said who or which entity is behind the intrusion, but it issued a warning to customers Thursday evening, saying that outside parties are reaching out to customers, attempting to capitalize on the confusion.
Making any large software company hack-proof is impossible, so a more reasonable goal would be discouraging industries from relying on a single provider for all of their critical systems. Unfortunately, this runs counter to every market force in tech. Companies are pressured to grow at all costs, to absorb rivals, to achieve monopoly power via consolidation. Now, every hack has the potential to become a cataclysmic event.
Whether you call its parent company Meta or, like me, insist on mostly calling it by its birth name, a question worth asking about the world’s largest social media platform is - what is Facebook?
I mean this in the literal sense - what is happening on with the current iteration of Facebook’s core platform (called Blue internally) and what does the company want it to do going forward?
One theory I find credible is that Meta has largely abandoned the premise of maintaining its core product as anything other than a spam-and-ad-filled hellscape full of unchecked AI chum and bots posting at one another. It’s entirely believable that, given the multiple lawsuits threatening Meta’s online monopoly, the company has largely abandoned any appearance of moderation and is focused instead on its multiple moonshot products - AI and the metaverse. Why else would it be spending in excess of twenty billion dollars a year on things mostly no one is using, while Blue becomes nearly unusable?
Amidst this zombification of Facebook itself, a new saveur du jour has captured the attention of the Youths and the tech press - a product so old we talked about it in 2021. According to Fortune, Facebook Marketplace is now ‘a shopping empire’ ready to take on Amazon. Huh.
A lot of people are using Marketplace, because people need to buy things, and there are a lot of things on Marketplace. TikTok influencers are building followings hunting for valuable or interesting finds, a zoomer Antiques Roadshow. Maybe it’s more soothing to look at a bunch of secondhand junk than whatever the fuck is on Facebook. Whatever the reason, the company is pointing to Marketplace as proof more young users are flocking to Facebook, because they need the Blue app to access the place with the interesting stuff:
Facebook now has over 40 million daily young adult users ages 18 to 29 in the U.S. and Canada, a three-year high, with one in four using Marketplace, Meta told Fortune.
Sure, cool. The problem with this purported surge in Marketplace usage is that it’s still largely an unregulated mess, because Meta has done little to shore up its moderation. It’s a popular place to sell stolen cars:
Identity theft companies detail the many flavors of scams prevalent on Marketplace, dedicating pages to educating their users on its dangers.
Meta’s bets on growth are entirely scam-based. AI, the metaverse, and Marketplace are simply flavors of flimflam, a bet that users and investors will see growth that isn’t actually there. Whether it’s digital real estate, chatbots reading your DMs, or an online bazaar full of people competing to rip you off, Meta is no longer about connecting people or bringing the world together. It’s about sewing new appendages to a rotting corpse and hoping everyone ignores the smell.
Detroit Riverfront Conservancy
The Detroit Riverfront Conservancy was a nonprofit that took in millions of dollars to revitalize the city’s downtown core. Detroit has been hit hard by a combination of the Great Financial Crisis and the closure of many of its industrial and manufacturing plants as automakers shipped jobs out of the country.
If I were put in charge of a popular nonprofit to which people donated tens of millions of dollars, I cannot say with complete confidence I would not be tempted to use some of that money to, I don’t know, host donor dinners at fancy restaurants, or throw cool galas in extravagant locations. Having access to a bank account(s) with all that money might tempt me to use a tiny bit of it to enjoy myself, in my professional capacity, of course.
For arguments sake, it is also kind of the job of someone running a nonprofit to dedicate some of its budget for wining and dining, and galas, and whatnot. You could be forgiven for using some small portion of your funds to throw nice parties, because it could potentially result in more funds being donated.
Anyhow, another thing you could do if you were put in charge of an organization like the Detroit Riverfront Conservancy is simply steal the money:
On Wednesday, federal prosecutors said Mr. Smith abused his power to pull off an astonishing fraud: He stole nearly $40 million between 2012 and this March, they said, equal to 39 percent of all the money that the group had reported spending in that time, burning through the group’s cash reserves.
William Smith, former CFO of the Conservancy, had complete control of the organization’s finances to the extent that even the group’s accountant did not have access to any of its bank accounts. Smith chose a not-at-all suspicious way to deliver quarterly reports:
He gave [the accountant] the bank statements on paper and met her only four times a year, in the parking lot of a Honey Baked Ham store 40 miles from the office.
As a nonprofit accounting expert in the piece notes, from the outside, the Conservancy appeared to have robust oversight procedures and employed auditing firms and yet, one guy had control over all the actual money and dropped off paperwork a few times a year in a ham store parking lot.
Smith used the millions to pay his 8-figure AmEx bills, and splurged on luxury items and travel. At one point he stole so much money from the nonprofit he had to take out a five million-dollar credit line in its name, which he also stole from.
Employees at the nonprofit finally became aware of the financial issues a few months ago, and notified the FBI. Swift is facing federal fraud charges, and will likely go to prison for awhile.
The lesson here is that it might be okay to use some of your nonprofit’s money to throw a fancy party. It is not okay to use forty million dollars of your nonprofit’s money to pay your AmEx bills. That’s just regular old fraud.
Short Cons
WSJ - “Instagram regularly recommends sexual videos to accounts for teenagers that appear interested in racy content, and does so within minutes of when they first log in, according to tests by The Wall Street Journal and an academic researcher.”
NBC News - “The search for the mysterious company behind a scheme to steal Elvis Presley’s Graceland estate led last week to a small, quiet city near the Ozark Mountains and the gnome-lined porch of a trailer, nestled along one branch of a winding lake.”
WSJ - “The lie began to crack open the hidden life of a prolific philanderer and exposed how Wright skirted conflict-of-interest standards to serve his amorous and financial pursuits, The Wall Street Journal found.”
Bloomberg - “The supply chain churning out generative AI tools like ChatGPT has highly paid executives and researchers at the top, and at the bottom, working stiffs who toil at screens training algorithms. Between 150 million and 430 million people do such work, according to a recent World Bank estimate…”
CNN - “The new JAMA Pediatrics study found that, between 2021 and 2022, infant deaths in Texas surged 12.9%, compared with a much smaller increase in the rest of the US of 1.8%.”
The Guardian - “Some lawmakers have hailed this as a 20% raise for drivers – however, the deal’s pay rates are lower than almost every proposal made over the past two years amid a bitter fight between Uber, Lyft, their drivers and lawmakers.”
CDC Gaming - “This betting story first came out two weeks ago, when it was learned that Craig Williams, Prime Minister Rishi Sunak’s personal private secretary (a.k.a. his bag carrier), bet £100 at 5/1 on the election being held on 4 July, three days before Sunak announced it to the British public.”