A major cyber attack has crippled the nation’s largest healthcare authorization and payment system, leading to weeks of missed payments.
From WaPo:
The hackers stole data about patients, encrypted company files and demanded money to unlock them. Change Healthcare subsequently shut down most of its network as it tried to recover.
The system owned by Change Healthcare, a subsidiary of United Healthcare, has been down since February 21; reports indicate BlackCat, a shadowy hacking group is responsible. BlackCat and/or a closely related entity reportedly received what appears to be a ransom payment of $22 million
UHC reported Change’s pharmacy processing functionality had been restored last week, and its
electronic payment platform would be reestablished beginning March 15, and that it expected to start testing and establishing claims network connectivity on March 18, with service restored through the week.
Don’t expect a full recovery then; that’s the date UHC will start testing a rebuilt system.
Change’s electronic communications, billing and payment system handles everything from utilization review to bill submission to validation to payment and reconciliation for hospitals, health systems, provider groups, clinics, specialty providers, pharmacies and Pharmacy Benefit Managers.
According to Change, the system handles about 15 billion transactions a year, or about half of all medical claims.
What does this mean for you?
P&C insurance execs and Boards should re-think their chronic under-investment in all things IT.
note: HSA consulted for Change prior to its acquisition by UHG in 2022.
