A major health care technology company is still scrambling to restore its downed systems following a massive cyberattack, which has crippled operations in health care systems across the country for ten days.
“The cyberattack against Change Healthcare that began on Feb. 21 is the most serious incident of its kind leveled against a U.S. health care organization,” according to the American Hospital Association (AHA).
The Nashville-based healthcare technology company says it continues to work with law enforcement and cyber security consultants to get their systems back to normal following the cyberattack, but it does not know how long it will take to get fully resolved.
An official company statement says a ransomware group that identifies itself as ALPHV/Blackcat has claimed responsibility for the cyberattack and perpetrated the online hack.
In its filing with the U.S. The Securities and Exchange Commission, Change Healthcare reported that it “isolated the impacted systems from other connecting systems in the interest of protecting our partners and patients” immediately after the hack was discovered.
The health care technology company, owned by UnitedHealth and part of Optum Health, processes 15 billion health care transactions every year. These transactions directly affect patient care, including pharmacy operations, claims transmittals, and payment processes.
According to its online update, the company says there are “multiple workarounds to ensure people have access to the medications and the care they need” as patient care remains its top priority. But it also says it is still trying to understand the impact on its members, patients, and customers.
Since the online hack, members say a substantial portion of their claims cannot be processed. Eligibility verifications necessary to determine whether a patient’s insurance covers a specific treatment cannot be completed.
“All of these transactions have been disrupted to varying degrees over the past several days and the full impact is still not known, “ according to Rick Pollack, AHA President and CEO. “The effects are continuing to be felt throughout the entire health care system,” he wrote in a statement.
Mr. Pollack has since sent a letter to the U.S. Health and Human Services Secretary Xavier Becerrra asking for help to minimize the fallout for hospitals and health systems across the country. He also warned that any prolonged disruption could cripple the ability of many hospitals to offer the full set of health care services to their communities.
“After all, without this critical revenue source, hospitals and health systems may be unable to pay salaries for clinicians and other members of the care team, acquire necessary medicines and supplies, and pay for mission critical contract work in areas such as physical security, dietary and environmental services,” the letter reads.
The full impact of the cyberattack is still unclear, but Change Healthcare’s “vast nationwide reach suggests that it could be massive,” according to Mr. Pollack.
The AHA executive also warned that hospitals and health systems may need immediate federal support if Change Healthcare systems remain down.
