United States: The much damaging ransomware attack by an unknown hacker group on the American health technology giant –Change Healthcare– has greatly disrupted the healthcare system in the United States. It is believed that the incident is the largest-ever cyberattack on the healthcare sector and has resulted in extreme financial crisis, approximately $100 million for every day that the healthcare providers are shut down.
One big player, Change Healthcare, which is a company that arranges medical payment processes and claims around 33 percent of American patients, had faced connectivity issues in February, CBS News reported.
The attack has disrupted various aspects of healthcare operations. Suppliers endure issues related to the hardships of billing, the process of prior authorizations, and calculating the insurance coverage for medical procedures and drugs. Recent patients who are trying to pick up prescription refills have run into issues getting their refills extended, with doctors now only prescribing a two-week supply and requiring the patient to pay out-of-pocket.
In response to the crisis, the US Department of Health and Human Services (HHS) announced assistance programs for affected healthcare providers. These programs aim to support healthcare systems financially, as revenue shortages from billing disruptions hinder payroll and essential expenses. The government’s focus is particularly on assisting Medicaid providers, who may have fewer financial reserves, according to reports by CBS News.
High-level government officials, including HHS Secretary Xavier Becerra and White House domestic policy chief Neera Tanden, have engaged with United Health CEO Andrew Witty to address the payment crisis. Officials urged insurers to consider the premiums collected from patients but not paid out to healthcare providers as outstanding bills accumulate nationwide.
Regarding data security, while patient records are tightly protected under HIPAA regulations, potential vulnerabilities exist. Cyber attackers may abuse systemic holes to list connected medical supplies or extra mechanical ventilators, which act as backdoors to healthcare systems’ internet networks.
The assault serves as a clear manifestation of the requirement for reinforced cyber security mechanisms in the healthcare sector to securely store patient data and to ensure unhampered healthcare services.