On February 21, Russian hackers accessed the servers of Change Healthcare, locked files and issued a ransom. Today, three weeks later, the impact of the attack is still being felt. Government leaders, officials at Change Healthcare (a subsidiary of UnitedHealth Group) and representatives in the healthcare industry are working to minimize the effects on patients and providers.
The impact was quickly felt by providers and hospital systems using Change Healthcare. The company processes about 15 billion healthcare transactions a year and touches one out of every three patient records in the country. As claim submission and electronic payment processing ground to a halt, the revenue streams of physician groups and healthcare systems were hampered if not disrupted. The impact was especially felt in places like our home state of Mississippi, where staffing shortages and a large number of uninsured patients already taxes the healthcare system.
Federal officials teamed up with industry leaders to minimize the effects of the disruption on payments and on healthcare delivery. Efforts have been made to provide relief by pressing UnitedHealth Group to access cash reserves to keep payments to providers flowing. Small to mid-size healthcare groups are most in danger of damaging revenue shortfalls. Those working on the issue also explored relief by asking other processors to step up by easing administrative burdens, pausing prior authorizations and issuing advanced payments to keep cash flows active.
Some reports have mentioned the possibility that UnitedHealth Group paid the hackers a $22 million ransom for release of the hacked data, something the company hasn’t confirmed. UnitedHealth Group has announced a timeline for bringing its network back online and it expects to begin testing its claims network and bringing it back online by March 18.
UnitedHealth Group reported revenues of $372 billion last year. Government officials and industry leaders have cited the company’s fiscal health and its outsized influence over the sector to call upon the Group to act more decisively and robustly to protect the fiscal health of frontline providers.
The episode, described as the most significant of its kind in the history of U.S. healthcare, underscores the need for as much security as possible around records and data in healthcare. Government officials at CMS and leaders at the American Hospital Association have asked Congress and industry leaders to use the event as a catalyst to work on best practices to both minimize the impact of this kind of disruption and to try to prevent it from happening again.
Comments