The Cyberattack Shaking Healthcare to Its Core

The Cyberattack Shaking Healthcare to its Core

By now, you may have heard of or read something about the brutal cyberattack that hit UnitedHealth Group (UHG) subsidiary Change Healthcare. The scope of the breach was massive, and is said to have affected, or outright disrupted, every major facet of the healthcare industry.

So, what happened? What was the government asked to do to help? What does the fallout look like? And what actions has the government actually taken? Here is the Cliffs Notes version.

Change Healthcare, which connects hospitals and pharmacies with insurers, has had most of its systems offline since a Feb. 21 data breach, impeding claims and prescription processing nationwide. UHG has stated that systems will remain down until a later date in March.

According to the American Hospital Association (AHA), this is the most significant and consequential incident of its kind to impact the U.S. healthcare system in history. The AHA noted that Change Healthcare processes 15 billion healthcare transactions annually, and touches one in every three patient records.

The outage has widely affected billing, eligibility checks, prior authorization requests, and prescription fulfillment, and could spur greater emphasis on enhancing protocolsand greater oversight from the federal government.

In the wake of the attack, the feds have become involved.

First, the Centers for Medicare & Medicaid Services (CMS) issued a statement on the attack and guidance to Medicare Advantage (MA) and Part D sponsors to continue providing access to benefits by removing certain requirements – and to offer advanced funding, in some cases. CMS said it is in “communication with UHG” and “meeting with private health plans.”

Senators asked CMS itself to make accelerated and/or advanced payments available to affected providers and to streamline claims processing as well as payments.

The White House’s National Security Council has been asked to look into financial relief for hospitals, using funds from the U.S. Department of Health and Human Services (HHS) and Department of Veterans Affairs (VA).

HHS has been asked to help guarantee flexibility regarding timely filing requirements of claims, to extend timelines for appeals, and to reevaluate what counts as “critical infrastructure,” which would afford healthcare organizations more federal data breach protections.

However, none of these were able to stop or mitigate the staggering fallout from the breach.

Reports suggest that the cyberattack has impacted many insurers’ ability to track medical expenses. At the same time, insurers are observing a significant reduction in claims data following the breach, while UHG is contending with threats of litigation from patients: at least six cases seeking class-action status have been filed since the cyberattack, alleging that Change didn’t have reasonable cybersecurity measures in place.

Providers nationwide have been dealing with service delays, coping with an inability to receive and finalize reimbursements or check insurance eligibility, and hemorrhaging money.

Following all of this, CMS announced new flexibilities and relief efforts for physicians and other providers and suppliers. In particular, they made applications available for accelerated payments for Medicare Part A and B providers, directed Medicare Administrative Contractors (MACs) to expedite actions needed for providers and suppliers to change clearinghouses, urged Medicaid managed care plans to make prospective payments, and provided public information on how to submit requests for accelerated or advance payments.

While it’s still unknown how helpful these federal actions will be, we do know they are a far cry from fixing the underlying problem. The damage from the Change Healthcare data breach is extensive, and so too will be the effort to pick up the pieces.

More generally, it demonstrates how complex, interconnected, and fragile the healthcare ecosystem is. As such, the response could serve as a model for how future cyberattacks on healthcare organizations are handled – and approaches to help prevent them.

Stay vigilant, because government needs all the help it can get.

Facebook
Twitter
LinkedIn

Adam Brenman

Adam Brenman is a Sr. Gov’t Affairs Liaison at Zelis Healthcare. He previously served as Manager of Public Policy at WellCare Health Plans, where he led an analyst team in review, analysis, and development of advocacy materials related to state and federal legislation/regulatory guidance. He holds a master’s degree in Public Policy & Administration from Northwestern University and has also worked as a government affairs rep/lobbyist for a national healthcare provider association.

Related Stories

AI & Cybersecurity Outlook

AI & Cybersecurity Outlook

As we approach the holidays and look back on the past year we had and look forward to the new year and new presidential administration,

Read More

Leave a Reply

Please log in to your account to comment on this article.

Featured Webcasts

Enhancing Outcomes with CDI-Coding-Quality Collaboration in Acute Care Hospitals

Enhancing Outcomes with CDI-Coding-Quality Collaboration in Acute Care Hospitals

Join Angela Comfort, DBA, MBA, RHIA, CDIP, CCS, CCS-P, as she presents effective strategies to strengthen collaboration between CDI, coding, and quality departments in acute care hospitals. Angela will also share guidance on implementing cross-departmental meetings, using shared KPIs, and engaging leadership to foster a culture of collaboration. Attendees will gain actionable tools to optimize documentation accuracy, elevate quality metrics, and drive a unified approach to healthcare goals, ultimately enhancing both patient outcomes and organizational performance.

November 21, 2024
Comprehensive Inpatient Clinical Documentation Integrity: From Foundations to Advanced Strategies

Comprehensive Outpatient Clinical Documentation Integrity: From Foundations to Advanced Strategies

Optimize your outpatient clinical documentation and gain comprehensive knowledge from foundational practices to advanced technologies, ensuring improved patient care and organizational and financial success. This webcast bundle provides a holistic approach to outpatient CDI, empowering you to implement best practices from the ground up and leverage advanced strategies for superior results. You will gain actionable insights to improve documentation quality, patient care, compliance, and financial outcomes.

September 5, 2024
Advanced Outpatient Clinical Documentation Integrity: Mastering Complex Narratives and Compliance

Advanced Outpatient Clinical Documentation Integrity: Mastering Complex Narratives and Compliance

Enhancing outpatient clinical documentation is crucial for maintaining accuracy, compliance, and proper reimbursement in today’s complex healthcare environment. This webcast, presented by industry expert Angela Comfort, DBA, RHIA, CDIP, CCS, CCS-P, will provide you with actionable strategies to tackle complex challenges in outpatient documentation. You’ll learn how to craft detailed clinical narratives, utilize advanced EHR features, and implement accurate risk adjustment and HCC coding. The session also covers essential regulatory updates to keep your documentation practices compliant. Join us to gain the tools you need to improve documentation quality, support better patient care, and ensure financial integrity.

September 12, 2024

Trending News

Featured Webcasts

Patient Notifications and Rights: What You Need to Know

Patient Notifications and Rights: What You Need to Know

Dr. Ronald Hirsch provides critical details on the new Medicare Appeal Process for Status Changes for patients whose status changes during their hospital stay. He also delves into other scenarios of hospital patients receiving custodial care or medically unnecessary services where patient notifications may be needed along with the processes necessary to ensure compliance with state and federal guidance.

December 5, 2024
Navigating the No Surprises Act & Price Transparency: Essential Insights for Compliance

Navigating the No Surprises Act & Price Transparency: Essential Insights for Compliance

Healthcare organizations face complex regulatory requirements under the No Surprises Act and Price Transparency rules. These policies mandate extensive fee disclosures across settings, and confusion is widespread—many hospitals remain unaware they must post every contracted rate. Non-compliance could lead to costly penalties, financial loss, and legal risks.  Join David M. Glaser Esq. as he shows you how to navigate these regulations effectively.

November 19, 2024
Post Operative Pain Blocks: Guidelines, Documentation, and Billing to Protect Your Facility

Post Operative Pain Blocks: Guidelines, Documentation, and Billing to Protect Your Facility

Protect your facility from unwanted audits! Join Becky Jacobsen, BSN, RN, MBS, CCS-P, CPC, CPEDC, CBCS, CEMC, and take a deep dive into both the CMS and AMA guidelines for reporting post operative pain blocks. You’ll learn how to determine if the nerve block is separately codable with real life examples for better understanding. Becky will also cover how to evaluate whether documentation supports medical necessity, offer recommendations for stronger documentation practices, and provide guidance on educating providers about documentation requirements. She’ll include a discussion of appropriate modifier and diagnosis coding assignment so that you can be confident that your billing of post operative pain blocks is fully supported and compliant.

October 24, 2024
The OIG Update: Targets and Tools to Stay in Compliance

The OIG Update: Targets and Tools to Stay in Compliance

During this RACmonitor webcast Dr. Ronald Hirsch spotlights the areas of the OIG’s Work Plan and the findings of their most recent audits that impact utilization review, case management, and audit staff. He also provides his common-sense interpretation of the prevailing regulations related to those target issues. You’ll walk away better equipped with strategies to put in place immediately to reduce your risk of paybacks, increased scrutiny, and criminal penalties.

September 19, 2024

Trending News

Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →

CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24