We Must Step Up and Meet the Moment Following the Most Serious Cyberattack in History on Our Nation’s Health Care System

Mar 06, 2024 - 03:05 PM by
Rick Pollack, President and CEO, AHA
Rick Pollack Perspective 900x400 12-2023

In this column last week, we highlighted how the cyberattack against Change Healthcare — a health care technology company that is part of Optum and owned by UnitedHealth Group — is the most serious incident of its kind leveled against a U.S. health care organization.

Every day that becomes clearer. The repercussions from the attack have made it harder for many hospitals and doctors to provide patient care, fill prescriptions, submit insurance claims, and receive payment for the essential health care services they provide. Some hospitals and other care providers are experiencing extraordinary reductions in cash flow, threatening their ability to make payroll and to acquire the medical supplies needed to provide care.

While health care providers continue to implement manual workarounds to mitigate the impact on patient care, we continue to press Congress, the Administration and UnitedHealth Group to step up their efforts to respond to this unprecedented incident.

Here are just a few of the ways we are engaged in this effort.

  • Urging Congress and the Administration to Act – On Monday we sent a letter to every senator and representative outlining the seriousness of the situation and emphasizing that it "demands a whole of government response.” We have shared recommendations for actions Congress can take to support providers impacted by this incident, and we continue to meet with lawmakers to convey the far-reaching impact this is having on providers. While the Department of Health and Human Services announced some flexibilities for providers this week, more must be done. That’s why we are continuing to insist that if limitations exist for an appropriate government response, it is incumbent upon the executive branch to propose the necessary legislation and authorities to ensure the provider network in this nation is not further compromised. Earlier this week, we sent an Action Alert to hospital and health system leaders asking them to reach out to lawmakers and explain the impact this incident is having on their organization’s operations and ability to care for patients, as well as how the disruption could affect services for an extended period.
  • Keeping the Pressure on UnitedHealth Group – Since the beginning of the cyberattack, we have been in close communication with UnitedHealth Group so that we can update hospitals on the latest information about the incident. On Monday, we expressed concern that UnitedHealth Group’s Temporary Funding Assistance Program “is not even a band-aid on the payment problems” they identified and that the limited eligibility and one-sided contractual terms severely undermine the intent of the program. We have reiterated that we need “real solutions — not programs that sound good when they are announced but are fundamentally inadequate when you read the fine print.”
  • Telling Our Story — During the past few weeks, we have ramped up our efforts with the media so that they understand how this incident continues to wreak havoc on the health care system and why additional actions to support hospitals and providers are necessary. We’ve worked with many news outlets, including the Wall Street JournalNew York Times and Washington Post, to get those stories out to the public.

We know this crisis is far from over. Please make sure to visit our webpage for the latest updates and resources on these efforts. And rest assured, the AHA will continue to work with Congress, the Administration, UnitedHealth Group and all stakeholders on meaningful solutions to preserve 24/7 access to care. 

Related News Articles

Headline
OCR launches webpage with HIPAA FAQs on Change Healthcare cyberattack
The Department of Health and Human Services’ Office for Civil Rights April 19 launched a webpage answering HIPAA-related FAQs about the Change Healthcare…
Headline
Agencies issue ransomware alert, guidance for securely deploying AI
U.S. and European agencies April 18 recommended organizations implement certain best practices to protect against the latest versions of Akira ransomware,…
Headline
AHA urges Congress to reject cybersecurity proposal in HHS budget request
In a statement submitted to the House Energy and Commerce Health Subcommittee for a hearing April 17 on President Biden’s fiscal year 2025 Health and Human…
Headline
HHS Deputy Secretary Palm discusses Change Healthcare attack and future of cybersecurity
Department of Health and Human Services Deputy Secretary Andrea Palm addressed AHA Annual Membership Meeting attendees about the Administration’s work to…
Headline
Representative Guthrie discusses cybersecurity, prior authorizations and telehealth
Rep. Brett Guthrie, R-Ky., today addressed attendees of AHA’s 2024 Annual Membership Meeting and touched on many of the biggest issues in health care:…
Headline
AHA testifies at hearing on health care cybersecurity
Testifying April 16 before a House Energy and Commerce Subcommittee on Health hearing on addressing health care cybersecurity vulnerabilities in the wake of…