The unprecedented cyberattack on Change Healthcare, a major revenue cycle management firm, has thrown the U.S. healthcare system into disarray. With payment systems crippled, hospitals are now pleading for federal intervention to avert a financial crisis that could imperil care delivery.
The American Hospital Association (AHA) has ramped up pressure on Congress and the White House to take extraordinary measures supporting providers impacted by the ongoing disruptions at the UnitedHealth Group subsidiary. In a letter to leaders like Senate Majority Leader Chuck Schumer, the AHA warned the 13-day incident "demands a whole of government response."
"This attack has already imposed significant consequences on patients and the hospitals, health systems, and other providers who care for them," wrote AHA President Rick Pollack. He cited patients struggling to get care, billions in halted cash flows threatening provider viability, and skyrocketing administrative costs from laborious manual workarounds.
The AHA lambasted UnitedHealth's temporary funding assistance program as "not even a band-aid on the payment problems," and called for bold federal actions like expediting Medicare advance payments and compelling more support from the healthcare giant.
The crisis has cybersecurity experts debating the merits of potential government intervention. "Federal agencies can play a pivotal role... offering support to the affected entities in a number of ways—both in the short term and long term," said Darren Guccione, CEO of Keeper Security, outlining roles for the FBI, CISA, and NIST.
However, Critical Start's Chad Graham cautioned that such intervention could create "a moral hazard, reducing the incentive for healthcare institutions to invest in robust cybersecurity measures." Yet he acknowledged it may be needed to "prevent potentially catastrophic disruptions in patient care."
Menlo Security's Ngoc Bui alleged the attack is linked to the prolific BlackCat ransomware gang, speculating they pulled an "exit scam" after getting paid to avoid law enforcement.
[RELATED: BlackCat Eats into Its Nine Lives, Threatens More Attacks on Hospitals]
