In this column last week, we highlighted how the cyberattack against Change Healthcare — a health care technology company that is part of Optum and owned by UnitedHealth Group — is the most serious incident of its kind leveled against a U.S. health care organization.

Every day that becomes clearer. The repercussions from the attack have made it harder for many hospitals and doctors to provide patient care, fill prescriptions, submit insurance claims, and receive payment for the essential health care services they provide. Some hospitals and other care providers are experiencing extraordinary reductions in cash flow, threatening their ability to make payroll and to acquire the medical supplies needed to provide care.

While health care providers continue to implement manual workarounds to mitigate the impact on patient care, we continue to press Congress, the Administration and UnitedHealth Group to step up their efforts to respond to this unprecedented incident.

Here are just a few of the ways we are engaged in this effort.

  • Urging Congress and the Administration to Act – On Monday we sent a letter to every senator and representative outlining the seriousness of the situation and emphasizing that it "demands a whole of government response.” We have shared recommendations for actions Congress can take to support providers impacted by this incident, and we continue to meet with lawmakers to convey the far-reaching impact this is having on providers. While the Department of Health and Human Services announced some flexibilities for providers this week, more must be done. That’s why we are continuing to insist that if limitations exist for an appropriate government response, it is incumbent upon the executive branch to propose the necessary legislation and authorities to ensure the provider network in this nation is not further compromised. Earlier this week, we sent an Action Alert to hospital and health system leaders asking them to reach out to lawmakers and explain the impact this incident is having on their organization’s operations and ability to care for patients, as well as how the disruption could affect services for an extended period.
  • Keeping the Pressure on UnitedHealth Group – Since the beginning of the cyberattack, we have been in close communication with UnitedHealth Group so that we can update hospitals on the latest information about the incident. On Monday, we expressed concern that UnitedHealth Group’s Temporary Funding Assistance Program “is not even a band-aid on the payment problems” they identified and that the limited eligibility and one-sided contractual terms severely undermine the intent of the program. We have reiterated that we need “real solutions — not programs that sound good when they are announced but are fundamentally inadequate when you read the fine print.”
  • Telling Our Story — During the past few weeks, we have ramped up our efforts with the media so that they understand how this incident continues to wreak havoc on the health care system and why additional actions to support hospitals and providers are necessary. We’ve worked with many news outlets, including the Wall Street JournalNew York Times and Washington Post, to get those stories out to the public.

We know this crisis is far from over. Please make sure to visit our webpage for the latest updates and resources on these efforts. And rest assured, the AHA will continue to work with Congress, the Administration, UnitedHealth Group and all stakeholders on meaningful solutions to preserve 24/7 access to care. 

Related News Articles

Headline
The FBI, National Security Agency and Cyber National Mission Force last week issued a joint advisory about recent actions of China-linked cyber actors…
Headline
The Health Information Sharing and Analysis Center last week announced that Veeam, a software company that provides data protection, backup and disaster…
Headline
The Cybersecurity and Infrastructure Security Agency Aug. 21 published guidance providing best practices for event logging to mitigate cyberthreats. The…
Headline
The AHA has released five new tip sheets designed to fortify crisis leadership competencies during emergency events such as cyberattacks, natural disasters and…
Headline
The FBI, Cybersecurity and Infrastructure Agency and the Department of Defense Cyber Crime Center Aug. 29 issued a joint advisory to warn of Iranian-based…
Headline
Health care is under constant cyberattack threat, but how prepared is the industry to fight back? The lack of resources is especially acute in rural areas. In…