Massive cyberattack in healthcare
https://www.securityweek.com/change-healthcare-cyberattack-causes-significant-disruption/
Some of you may have been affected by this already, but sometime on Tuesday/Wednesday, Change Healthcare was the latest company to have a massive cyberattack. This has caused massive issues for patients. We know it is bad enough that United Healthcare filed a report to the SEC on Feb 21st to report they were a victim of cyberattack and were unsure the time it would take or the financial impact from the cyberattack. https://www.sec.gov/Archives/edgar/data/731766/000073176624000045/unh-20240221.htm
Change Healthcare (the most ironic name) is one of the largest companies that do prior authorizations, approve insurance payments for medications and provider visits, procedures and surgeries, and even control the data in some electronic med chart companies. This attack is HUGE. What I have seen personally over the week is that when medications are sent to the pharmacy, some are not being transmitted and “bounce back” to me. Insurance companies are receiving information that we saw a patient, but they are not processing the information once received. Our charting system is running on a “modified limited basis” which is a gigantic pain, as it runs super slow and is like the Window’s wheel of fortune that spins and spins before it loads what it is supposed to load. If a hospital cannot verify your benefits, they are cancelling elective procedures. Who is affected the most? Patients. It is a nuisance and pain in the ass for providers, but it is preventing insurance from paying for a medication a patient needs. And a patient cannot afford to pay out of pocket, even if that medication is generic. They may get the med for free with insurance, but it is $47 without insurance. I treat a lot of patients that are fixed income and they cannot afford that $47. We also do not know if any patient data was breached during this event, as the attack has hit insurance companies directly who have all patient data in their system. It appears that electronic charting is safe from any data breach (that may change as we learn more) but insurance companies are high risk of a breach at this point.
Is this the great undoing of modern healthcare? Is this the beginning of tearing down the medical regime and going back to patient centered care as it should be? The system that needs to be rebuilt from the garbage it is? One could only hope.
Interesting - the day of the AT&T massive outage, that Jeff covered on his C&C blog, a number of commenters on that post who are pharmacists noted that their systems were also down that day and wondered if the 2 were related.
Of course they have patient data from electronic health records. How could they not? https://rumble.com/v4f9f4t-all-electronic-health-records-and-telehealth-sessions-are-at-risk.html