Change Healthcare, a subsidiary of UnitedHealth, took its systems offline after a cyberattack by BlackCat/ALPHV ransomware group.
The American Hospital Association said that this massive interruption is the “most significant cyberattack on the US healthcare system in American history.”
What Is the Change Healthcare Attack?
On February 21, Change Healthcare experienced an outside cybersecurity threat. When it became aware of the issue, the company disconnected its systems to prevent any further issues. Change Healthcare said that it has a “high level” of confidence that the cyberattack did not affect Optum, UnitedHealthcare, and UnitedHealth Group systems, stating it was an isolated attack on Change Healthcare. However, Change Healthcare has not said whether patient information has been compromised.
Who Is Behind the Attack?
In a statement, Change Healthcare announced that BlackCat/ALPHV identified itself to the company, claiming responsibility for the cybercrime. According to the US Department of Justice, BlackCat/ALPHV is the second most prolific ransomware-as-a-service entity in the world, with over 1000 victims of cybercrimes across the globe.
This news organization reached out to the Cybersecurity and Infrastructure Security Agency (CISA), a component of the US Department of Homeland Security, for comment on whether CISA or other agencies had taken any previous action to stop the group after other attacks.
“CISA is working with our partners and Change Healthcare to support remediation, assist impacted organizations, and share timely information to reduce the likelihood of similar intrusions,” Eric Goldstein, executive assistant director for cybersecurity, responded in a statement.
How Has the Attack Affected Oncology Practices?
Change Healthcare is a technology company that provides services to hospitals and clinics across the country, including pharmacy claims transactions, clinician claims processing, patient access and financial clearance, clinician payments, and prior authorizations.
The Community Oncology Alliance (COA) said that the cyberattack has caused a massive disruption in claims processing. COA also said that practices have reported the disruption of benefits verification for patients, prior authorizations, and financial assistance from the attack.
“It’s impacting pretty much every facet of the practice and practice management,” said Nicolas Ferreyros, managing director of policy, advocacy, and communications at COA. “Right now, practices are making do, they’re working around these challenges.”
However, Ferreyros cautioned, continuing to manage these challenges “is absolutely, 100% unsustainable” for oncology practices.
“Very soon you’re going to find practices that are having to make tough decisions about what to do, how are they going to make payroll, are they going to take financial risks on filling prescriptions and treating patients?” he added.
What Are Current Workarounds for Clinicians?
Change Healthcare recommends that clinicians use manual methods such as calling the payer’s provider service line to check patients’ claim status and complete eligibility verification and prior authorizations.
The Department of Health & Human Services has issued guidance to Medicare Advantage organizations and Part D sponsors asking them to “remove or relax prior authorization, other utilization management, and timely filing requirements” while systems are offline. The department is also asking Medicare Advantage to offer advance funding to clinicians who have been affected the most.