In recent weeks, the biggest health insurance company in the United States was targeted by a cyberattack, causing major disruptions for healthcare providers. This has resulted in delays in insurance payments and prescription orders, resulting in a loss of approximately $100 million per day for physicians.
According to the American Medical Association (AMA), First Health Advisory, a cybersecurity firm specializing in the health industry, estimated the loss to be $100 million per day. In a statement, AMA President Dr. Jesse Ehrenfeld expressed concern about the impact of this breach on patients and healthcare providers, particularly smaller practices and those in rural and underserved areas.
The cyberattack was first discovered on February 21 at Change Healthcare, a subsidiary of Optum Inc., which is owned by UnitedHealth Group. In response, UnitedHealth Group reported the incident to the U.S. Securities and Exchange Commission and had to disconnect some of Change Healthcare's digital network from its clients. Despite efforts to restore services, not all have been fully recovered as of now.
Change Healthcare has reported that it is working to restore the provider payment systems by mid-March. UnitedHealth Group has also released a statement, assuring their commitment to supporting those affected by this attack and working towards a speedy recovery.
However, the effects of this cyberattack continue to affect both patients and healthcare providers. Dr. Céline Gounder, a CBS News medical contributor and editor-at-large for public health at KFF Health News, explains that the attack has impacted a significant number of patients as Change Healthcare processes payments for one-third of patients in the country. This has caused delays in services such as medication refills and prior authorizations.
To assist affected healthcare providers, the U.S. Department of Health and Human Services announced assistance programs on March 5. These programs aim to support health systems financially, as the lack of revenue from billing can make it difficult for providers to pay their staff.
Unfortunately, this cyberattack is not an isolated incident. Federal officials estimate that healthcare data breaches have increased significantly in recent years and are likely to continue in the future.