Understanding the Change Healthcare Cyberattack: Implications for Providers

 

In recent weeks, the healthcare industry has been rocked by a significant cybersecurity attack on Change Healthcare, dubbed CHOPD (Change Healthcare/Optum Payment Disruption). The repercussions of this attack have impacted millions of providers, clients, and insurers alike.

In this article, we’ll delve into:

1) The details of what happened,

2) Explore its implications for providers,

3) Discuss mitigation efforts, and

4) Outline practical steps that providers can take in response to this crisis.

 

What Happened?

The cyberattack on Change Healthcare began with reports of connectivity issues on Wednesday, February 21st, which were later revealed to be the result of a cybersecurity concern. The attack, perpetrated by a cybercrime group known as BlackCat or ALPHV, targeted Change Healthcare’s systems, impacting its operations and causing widespread disruption.

UnitedHealth Group, the parent company of Optum, swiftly responded to the threat, isolating the affected systems and mobilizing resources to contain and mitigate the incident. However, the fallout from the attack continued to escalate, with reports emerging of data breaches and the potential exposure of PHI belonging to millions of individuals.

 

Implications for Providers: Navigating the Fallout

Providers have borne the brunt of the cyberattack, grappling with the immediate impacts of disrupted payment processing and claims transmission. The prolonged downtime of Change Healthcare’s systems has left many providers cash-strapped and looking for alternative solutions. Clients, too, have felt the effects, facing delays in accessing essential medications and medical and behavioral health services.

Against this backdrop, providers must navigate a complex landscape of legal and financial challenges, as lawsuits begin to surface in response to the breach. Clients are seeking recourse for the failure to protect their data, underscoring the need for robust cybersecurity measures and proactive risk management strategies within the healthcare industry.

 

Mitigating the Impact: UnitedHealth Group’s Response

UnitedHealth Group has been at the forefront of efforts to mitigate the impact of the cyberattack, rolling out a series of measures aimed at supporting providers and safeguarding client care. From restoring critical systems to offering funding assistance through its Temporary Funding Assistance Program, the company is committed to ensuring continuity of care and financial stability for affected stakeholders.

Additionally, UnitedHealth has implemented other temporary measures such as suspending prior authorization requirements and pausing utilization reviews to alleviate administrative burdens on providers and streamline client access to care.

 

Practical Steps for Providers: Moving Forward

As of March 8th, Change Healthcare’s Pharmacy Network is back online, and E-prescribing is back operating with claims submissions as well.

Tests are continuing to be run, but as of now, E-Payments should be reconnected and available on Friday, March 15th, and the aim is to restore connection to the claims network throughout the week of March 18th.

 

In the meantime, UHG has offered 2 workaround suggestions:

1. Utilizing UHG’s new iEDI Claim Submission System
2. Exploring different clearinghouse solutions

 

Additional suggestions also include: Bypassing clearinghouses by manually keying claims into payer portals (more viable for smaller agencies), establishing direct connections if you have EDI capabilities, or – while less advisable – there’s always the option to wait until connections are turned back on.

This can be easy to say but a lot to ask of many providers who have historically been able to remain fairly hands-off when it comes to EDIs, claims, and clearinghouse, who are now having to navigate manual entry of claims directly into payer portals to keep cash flowing.

Even as we say this, 13 payers used by Checkpoint providers have been directly impacted by the cybersecurity incident, and still about half of those have not been reconnected yet.

 

From our perspective, our biggest recommendations are:

1. Contact the payer(s) directly to see which aspects have been affected (claims, payments, remits, etc.)
2. See what the payer(s) recommendations are for handling
3. Reach out to your EHR directly to learn about affected payers and what their clearinghouses are doing (for Checkpoint customers and those interested, you can contact us here)

 

Furthermore, this exposed vulnerability goes to encourage all providers and payers alike that performing continued risk assessments and proactively establishing contingency plans is vital to being able to respond well amidst crisis situations.

And as a part of contingency planning, we highly recommend – to whatever extent providers are able – to explore setting up emergency funds, particularly for events like this.

 

Lastly, shoutout to Availity!

CheckpointEHR partners with Availity RCM to provide excellent clearinghouse services to our providers, and we’re grateful to say Availity jumped quickly in to support hundreds of thousands of providers experiencing revenue cycle disruptions during this cyberattack.

In just a couple of weeks, Availity has processed over $5B in claims that were caught up in the system breach with Change Healthcare.

 

—

 

To continue tracking the latest updates on this story, UHG is maintaining the latest news here.

 

Other reference materials below:

• https://www.fiercehealthcare.com/payers/optums-change-healthcare-responding-cybersecurity-issue
• https://www.unitedhealthgroup.com/ns/changehealthcare.html
• https://www.hfma.org/technology/cybersecurity/cyberattack-on-change-healthcare-brings-turmoil-to-healthcare-operations-nationwide/