The cyberattack against Change Healthcare that began on Feb. 21 is the most serious incident of its kind leveled against a U.S. health care organization.

Nine days into the attack on Change Healthcare, a health care technology company that is part of Optum and owned by UnitedHealth Group, effects are continuing to be felt throughout the entire health care system.

According to Change Healthcare, the company processes 15 billion health care transactions annually and touches 1 in every 3 patient records. These transactions include a range of services that directly affect patient care, including eligibility verifications and pharmacy operations, as well as claims transmittals and payment. All of these have been disrupted to varying degrees over the past several days and the full impact is still not known.

Since the attack was first made public, the AHA has been working on many fronts to support hospitals and health systems – and the patients and communities they serve – that have been impacted by the attack.

Keeping You Informed and Sharing Information to Help Protect Your System

  • Cybersecurity Advisories – We have issued a series of Cybersecurity Advisories to provide hospitals with the latest details and guidance about the cyberattack. As the incident has evolved, the Cybersecurity Advisories have included additional information about the indicators of compromise to assist network defenders with conducting a sweep within their environment to determine whether their network has been compromised.
  • Calls with Members – On Feb. 23, we hosted a call in which nearly 3,000 hospitals leaders heard from leaders at the Department of Health and Human Services, Cybersecurity and Infrastructure Security Agency, and FBI. Our team also has had several calls with individual hospitals and health systems to hear about how the attacks are affecting their organizations and what assistance they need.
  • New Webpage with Latest Resources – We launched a new webpage that provides a convenient central source of updated information related to the cyberattack. It also includes links to all of AHA’s cybersecurity tools and resources led by AHA’s National Advisory for Cybersecurity and Risk John Riggi, who is a highly-decorated 30-year veteran of the FBI. 

Advocating for Additional Assistance to Support Hospitals and Patient Care

The AHA remains in close contact at the highest levels with UnitedHealth Group about efforts to minimize any further disruption to patient care and hospital operations resulting from this attack. 

In addition, earlier this week we sent a letter asking the Department of Health and Human Services to continue to help hospitals and health systems minimize the fallout from the cyberattack. Among other actions, we asked the department to consider proposals to: offer guidance to providers about how they may request Medicare advanced and accelerated payments; provide flexibility with respect to e-prescribing regulations; and provide an extension to the timely filing requirements under federally regulated health plans.

We will continue discussions with UnitedHealth Group and the federal government about these efforts as a prolonged disruption of Change Healthcare’s systems could mean that some hospitals and health systems may be unable to pay salaries for clinicians and other members of the care team, acquire necessary medicines and supplies, and pay for mission critical contract work in areas such as physical security, dietary and environmental services.

America’s hospitals and health systems work very hard to secure their systems against cyberattacks, and they have invested considerable financial and human resources in these efforts. Yet as we have seen too often, the resources of our cyber adversaries, many of them sponsored by hostile nation-states, are formidable.

The AHA will continue to work collaboratively with all partners to enhance cybersecurity efforts for the entire health care field so that we can continue to deliver the care that our patients and communities need.  

Related News Articles

Two Administration officials April 14 discussed how the federal government is working with hospitals and other parts of the health care sector to defend…
Sen. Ron Wyden, D-Ore., expressed to AHA members frustration with the Change Healthcare cyberattack, which he believes jeopardized patients and their personal…
The Change Healthcare cyberattack was a significant event that caught many off guard, said the Centers for Medicare & Medicaid Services Administrator…
“Even before the recent Change Healthcare cyberattack that has left some hospitals fronting millions of dollars in extra costs, a perfect storm of complex…
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) April 5 released an advisory on the top 10 ransomware groups…
The AHA has been made aware of a validated IT help desk social engineering scheme that uses the stolen identity of revenue cycle employees or employees in…