Cyberattack Causes Jitters, Deep Concern

Cyberattack Causes Jitters, Deep Concern

The recent (February 21, 2024) cyberattack on Change Healthcare has caused a shutdown of most of its operations. 

Change is one of the biggest clearinghouses in the industry, and handles the routing of claims, remittance advices, eligibility, prescriptions, and prior authorization transactions throughout the United States.  This shutdown impacted hospitals, physician offices, and other health plans that relied on Change to send and deliver transactions. 

The immediate impact was the inability of pharmacies to get prescriptions approved and paid for, for hospitals and other providers to submit claims and get paid, and for other transactions to be concluded.  The impact on patients and providers has been estimated in the hundreds of millions of dollars.

Some mitigation efforts were put in place by the Centers for Medicare & Medicaid Services (CMS) and others to allow for advance payments and loans to providers.  Of course, all of these will have to be reconciled as the claims finally begin flowing again, as Change is beginning to get systems back online and process transactions.

The federal response has taken a few forms. The U.S. Department of Health and Human Services (HHS) is undertaking a HIPAA investigation to determine if any protected health data (PHI) has been exposed; and several congresspeople are looking at laws to strengthen healthcare security.  However, the real work of this must be undertaken by entities themselves in strengthening their cybersecurity defenses and developing backup plans for situations like this.

America’s healthcare system has taken great strides in the last 20 years in implementing electronic transactions for the exchange of healthcare data and work continues to move forward in having clinical data become more available for exchange.  However, this cybersecurity incident shows the fragility of the system, especially when a major player gets shut down. 

To date, healthcare cybersecurity spending has not kept pace with other industries.  It will have to be seen if this incident spurs further investment. 

If not, the industry remains vulnerable.

Facebook
Twitter
LinkedIn

You May Also Like

Leave a Reply

Please log in to your account to comment on this article.

Subscribe

Subscribe to receive our News, Insights, and Compliance Question of the Week articles delivered right to your inbox.

Resources You May Like

Trending News

Prepare for the 2025 CMS IPPS Final Rule with ICD10monitor’s IPPSPalooza! Click HERE to learn more

Get 15% OFF on all educational webcasts at ICD10monitor with code JULYFOURTH24 until July 4, 2024—start learning today!

Unlock 50% off all 2024 edition books when you order by July 5! Use the coupon code CO5024 at checkout to claim this offer!

CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24