AHA survey: Change Healthcare cyberattack having significant disruptions on patient care, hospitals’ finances

Mar 15, 2024 - 12:19 PM
cybersecurity-hand-lock-graphic_900x400

Ninety-four percent of hospitals are experiencing a financial impact from the Change Healthcare cyberattack with more than half reporting “significant or serious” impact, according to results from an AHA survey released today. The survey included responses from about 1,000 hospitals from March 9-12. More than 80% of hospitals said the cyberattack has affected their cash flow, and of those nearly 60% report that the impact to revenue is $1 million per day or more. In addition, the survey found that 74% of hospitals reported impacts to direct patient care as a result of the cyberattack. While hospitals are implementing workarounds to mitigate the patient impact and address the affected Change Healthcare systems, most hospitals are reporting that these workarounds are very labor intensive and costly.

“These survey findings are another irrefutable reminder that the impact of this cyberattack is far reaching and far from over,” said AHA President and CEO Rick Pollack. “When nearly every hospital says they are experiencing a financial loss and half of those say it’s ‘significant or serious,’ with no immediate end in sight, then the debate about whether we need to help them should be over. We continue to call on Congress and the Administration to take additional actions now to support providers as they deal with significant fallout from this historic attack. We also need UnitedHealth Group and commercial payers to step up and support patients and providers on the front lines by waiving prior authorization and timely filing requirements, as well as advancing payments that will allow providers to continue providing 24/7 care to communities.”

Related News Articles

Headline
Agencies release guidance on Microsoft Exchange server best practices
The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners released joint guidance Oct. 30 on best practices for…
Headline
Microsoft issues security update addressing critical vulnerability impacting Windows server services 
Microsoft has released a security update to address a critical remote code execution vulnerability impacting multiple versions of Windows Server Update…
Headline
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part two of a recent blog, AHA National Advisor for Cybersecurity and Risk John Riggi and AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee…
AHA Cyber Intel
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part one of this blog, we reviewed the number of cyberattacks the health care field endured this year compared to last; provided an overview of the lessons…
Headline
CISA warns of vulnerability in F5 BIG-IP products
The Cybersecurity and Infrastructure Security Agency Oct. 15 released an emergency directive advising federal agencies to take stock of their F5 BIG-IP…
Headline
AHA blog: 2025 Cybersecurity Year in Review, Part One — Breaches and Defensive Measures
In part one of a new blog, John Riggi, AHA national advisor for cybersecurity and risk, and Scott Gee, AHA deputy national advisor for cybersecurity and risk,…