In this column last week, we highlighted how the cyberattack against Change Healthcare — a health care technology company that is part of Optum and owned by UnitedHealth Group — is the most serious incident of its kind leveled against a U.S. health care organization.

Every day that becomes clearer. The repercussions from the attack have made it harder for many hospitals and doctors to provide patient care, fill prescriptions, submit insurance claims, and receive payment for the essential health care services they provide. Some hospitals and other care providers are experiencing extraordinary reductions in cash flow, threatening their ability to make payroll and to acquire the medical supplies needed to provide care.

While health care providers continue to implement manual workarounds to mitigate the impact on patient care, we continue to press Congress, the Administration and UnitedHealth Group to step up their efforts to respond to this unprecedented incident.

Here are just a few of the ways we are engaged in this effort.

  • Urging Congress and the Administration to Act – On Monday we sent a letter to every senator and representative outlining the seriousness of the situation and emphasizing that it "demands a whole of government response.” We have shared recommendations for actions Congress can take to support providers impacted by this incident, and we continue to meet with lawmakers to convey the far-reaching impact this is having on providers. While the Department of Health and Human Services announced some flexibilities for providers this week, more must be done. That’s why we are continuing to insist that if limitations exist for an appropriate government response, it is incumbent upon the executive branch to propose the necessary legislation and authorities to ensure the provider network in this nation is not further compromised. Earlier this week, we sent an Action Alert to hospital and health system leaders asking them to reach out to lawmakers and explain the impact this incident is having on their organization’s operations and ability to care for patients, as well as how the disruption could affect services for an extended period.
  • Keeping the Pressure on UnitedHealth Group – Since the beginning of the cyberattack, we have been in close communication with UnitedHealth Group so that we can update hospitals on the latest information about the incident. On Monday, we expressed concern that UnitedHealth Group’s Temporary Funding Assistance Program “is not even a band-aid on the payment problems” they identified and that the limited eligibility and one-sided contractual terms severely undermine the intent of the program. We have reiterated that we need “real solutions — not programs that sound good when they are announced but are fundamentally inadequate when you read the fine print.”
  • Telling Our Story — During the past few weeks, we have ramped up our efforts with the media so that they understand how this incident continues to wreak havoc on the health care system and why additional actions to support hospitals and providers are necessary. We’ve worked with many news outlets, including the Wall Street JournalNew York Times and Washington Post, to get those stories out to the public.

We know this crisis is far from over. Please make sure to visit our webpage for the latest updates and resources on these efforts. And rest assured, the AHA will continue to work with Congress, the Administration, UnitedHealth Group and all stakeholders on meaningful solutions to preserve 24/7 access to care. 

Related News Articles

Headline
The Health Sector Cybersecurity Coordination Center on Oct. 28 released a report on the "Miracle Exploit," a set of critical vulnerabilities affecting Oracle…
Headline
A new AHA Cyber Intel blog by John Riggi, AHA’s national advisor on cybersecurity and risk, examines current trends and challenges in health care regarding…
Chairperson's File
Cyberattacks are increasing and expected to reach record numbers in the U.S. by the end of 2024. Although no field or industry is immune from attacks that…
Headline
A joint advisory issued Oct. 16 by the FBI, the Cybersecurity and Infrastructure Security Agency, the National Security Agency and international agencies warn…
Headline
The FBI, along with the National Security Agency, Cyber National Mission Force and United Kingdom’s National Cyber Security Centre, today released a joint…
Headline
The Department of Justice last week announced a new strategic approach to combating cybercrime which involves "using all tools” to disrupt cybercriminals and…