We Must Step Up and Meet the Moment Following the Most Serious Cyberattack in History on Our Nation’s Health Care System

Mar 06, 2024 - 03:05 PM by
Rick Pollack, President and CEO, AHA
Rick Pollack Perspective 900x400 12-2023

In this column last week, we highlighted how the cyberattack against Change Healthcare — a health care technology company that is part of Optum and owned by UnitedHealth Group — is the most serious incident of its kind leveled against a U.S. health care organization.

Every day that becomes clearer. The repercussions from the attack have made it harder for many hospitals and doctors to provide patient care, fill prescriptions, submit insurance claims, and receive payment for the essential health care services they provide. Some hospitals and other care providers are experiencing extraordinary reductions in cash flow, threatening their ability to make payroll and to acquire the medical supplies needed to provide care.

While health care providers continue to implement manual workarounds to mitigate the impact on patient care, we continue to press Congress, the Administration and UnitedHealth Group to step up their efforts to respond to this unprecedented incident.

Here are just a few of the ways we are engaged in this effort.

  • Urging Congress and the Administration to Act – On Monday we sent a letter to every senator and representative outlining the seriousness of the situation and emphasizing that it "demands a whole of government response.” We have shared recommendations for actions Congress can take to support providers impacted by this incident, and we continue to meet with lawmakers to convey the far-reaching impact this is having on providers. While the Department of Health and Human Services announced some flexibilities for providers this week, more must be done. That’s why we are continuing to insist that if limitations exist for an appropriate government response, it is incumbent upon the executive branch to propose the necessary legislation and authorities to ensure the provider network in this nation is not further compromised. Earlier this week, we sent an Action Alert to hospital and health system leaders asking them to reach out to lawmakers and explain the impact this incident is having on their organization’s operations and ability to care for patients, as well as how the disruption could affect services for an extended period.
  • Keeping the Pressure on UnitedHealth Group – Since the beginning of the cyberattack, we have been in close communication with UnitedHealth Group so that we can update hospitals on the latest information about the incident. On Monday, we expressed concern that UnitedHealth Group’s Temporary Funding Assistance Program “is not even a band-aid on the payment problems” they identified and that the limited eligibility and one-sided contractual terms severely undermine the intent of the program. We have reiterated that we need “real solutions — not programs that sound good when they are announced but are fundamentally inadequate when you read the fine print.”
  • Telling Our Story — During the past few weeks, we have ramped up our efforts with the media so that they understand how this incident continues to wreak havoc on the health care system and why additional actions to support hospitals and providers are necessary. We’ve worked with many news outlets, including the Wall Street JournalNew York Times and Washington Post, to get those stories out to the public.

We know this crisis is far from over. Please make sure to visit our webpage for the latest updates and resources on these efforts. And rest assured, the AHA will continue to work with Congress, the Administration, UnitedHealth Group and all stakeholders on meaningful solutions to preserve 24/7 access to care. 

Related News Articles

Headline
Agencies release guidance on hardening network devices in response to cyber espionage campaign by hackers linked to Chinese government
New guidance released yesterday by the Cybersecurity and Infrastructure Security Agency, National Security Agency and FBI informs health care and other…
Headline
Advisory warns of activity by BianLian ransomware group 
A joint advisory released Nov. 20 by the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency and international partners warns of…
Headline
DOJ: Russian national charged with cybercrimes for ransomware attacks on hospitals, other entities 
The Department of Justice Nov. 18 announced criminal charges against Evgenii Ptitsyn, a Russian national, for allegedly administering the sale, distribution…
Headline
UN Security Council meeting discusses impact of ransomware attacks on hospitals 
A United Nations Security Council meeting the week of Nov. 4 discussed ransomware and the severe impacts that cyberattacks can have on hospitals and health…
Headline
AHA's Pollack breaks down role of hospitals in the future of health care on Pinkston podcast 
AHA President and CEO Rick Pollack was recently a guest on Pinkston's "To the Point" podcast to discuss the future of U.S. health care, touching on a range of…
Headline
Agencies provide cyberthreat updates and resources leading up to election 
The Cybersecurity and Infrastructure Security Agency, FBI and other federal agencies have created a webpage with the latest cyberthreat updates and information…