A debilitating cyberattack on Change Healthcare has imposed significant financial strains on the Massachusetts health care system, costing approximately $24 million per day. The Massachusetts Health and Hospital Association (MHA) revealed this staggering figure on Monday, based on input from 12 hospitals and health systems affected by the attack.
The cyber incident, which occurred on February 21, targeted Change Healthcare, a subsidiary of UnitedHealth Group, disrupting crucial services such as eligibility verification, claims processing, and prior authorization submissions. The attack prompted concerns over the financial implications for healthcare providers, with MHA urging health insurers to offer financial relief.
UnitedHealth Group anticipates restoring Change Healthcare systems later this month, but MHA remains cautious, emphasizing the ongoing uncertainty surrounding the timeline for full system recovery.
The attack’s impact extends beyond financial losses, raising concerns about the resilience of the healthcare ecosystem’s cybersecurity infrastructure. The U.S. Department of Health and Human Services highlighted the incident’s broader implications, emphasizing the urgent need for enhanced cybersecurity resilience across the healthcare sector.
To mitigate the financial strain on hospitals, MHA called for bridge payments and flexible operating policies from health insurers until Change Healthcare’s systems are fully restored. Blue Cross Blue Shield of Massachusetts has implemented some policies, while other insurers are exploring individualized solutions with affected providers.
Lora Pellegrini, CEO of the Massachusetts Association of Health Plans (MAHP), underscored insurers’ commitment to collaborating with providers on tailored solutions, including bridge funding, to address the aftermath of the cyberattack.
The incident underscores the imperative for healthcare organizations to invest in backup systems and cybersecurity measures to mitigate future cyber threats. Legislative efforts are underway on Beacon Hill to enhance cybersecurity regulations and response capabilities, emphasizing the need for comprehensive cybersecurity and artificial intelligence legislation.
Sen. Michael Moore emphasized the importance of collaboration among lawmakers, government officials, and the private sector to address cybersecurity challenges and safeguard essential services.