In response to a cybersecurity breach that has disrupted the U.S. healthcare system, the federal government has taken action to support hospitals and healthcare providers impacted by a hack at UnitedHealth Group’s technology unit, Change Healthcare.
The attack, orchestrated by the Blackcat ransomware group and disclosed on Feb. 21, has compromised electronic pharmacy refills and insurance transactions, Reuters reported Wednesday (March 6).
With healthcare services across the nation being hit hard, the Centers for Medicare & Medicaid Services(CMS), a division of the Department of Health and Human Services (HHS), announced measures to expedite Medicare and Medicaid payments to those affected, according to the report.
Despite these efforts, concerns remain within the healthcare community, the report said. Industry groups, including the American Hospital Association (AHA) and the American Medical Association (AMA), have voiced that the government’s current measures fall short of addressing the full scale of the crisis. AHA President Rick Pollack emphasized the need for a more comprehensive response, analogous to the urgency and leadership shown during other national crises.
Both organizations have urged the HHS to expand the availability of accelerated payments, reminiscent of those issued during the COVID-19 pandemic, to counter the cash flow dilemmas engendered by this cybersecurity breach, per the report. The AMA has specifically called for further financial assistance, including advanced payments for physicians, to protect individual practices from the consequences of the hack.
Acknowledging the severity of the situation, CMS has outlined a process for hospitals to request accelerated payments, according to the report. Additionally, it encouraged Medicare Advantage plans to offer advance funding to the providers most severely hit by the disruption.
UnitedHealth Group posted its first update reporting connectivity issues at Change Healthcare Feb. 21. On the following day, it said in a filing with the Securities and Exchange Commission (SEC) that a “suspected nation-state associated cybersecurity threat actor” gained access to some of Change Healthcare’s IT systems.
The breach severely disrupted Change Healthcare’s billing services, leading to nationwide concerns among healthcare providers and a Monday (March 4) appeal by the AMA to the Biden Administration for urgent support for affected physicians.
A week after the attack, Change Healthcare rolled out a new version of its ePrescribing service, Wednesday’s Reuters report said.