Celo’s Post

The RISK of BIG and the RISK OF TECHNOLOGY The ongoing cybersecurity incident, that started last week (2/22), involving Change Healthcare - part of Optum which is part of United Healthcare underscores: - the risk of consolidation in healthcare market - the mounting cybersecurity risks even when an organization other than our own is attacked because of extremely connected and interdependent health IT ecosystem. ✔ First, some background. Like many hospitals, Lawrence General Hospital was notified of this cyberattack last week and as advised we immediately disconnected our systems from Change Healthcare technology. ✔ Why is the impact so severe and so large? Basically, Change Healthcare serves as a claims clearinghouse for many hospitals in the US. This means that their client hospitals can send claims to payors only through the Change Healthcare conduit. For us, we have lost the ability to send claims to ALL payors (Medicaid, Medicare, Commercial payors - BCBS, United, Point32, Aetna etc.) 💲 📉 With this channel broken, we continue to provide care, incur expenses but we cannot bill for our services. 😕 😕 😕 ✔ RISKS RISKS of consolidation: I can't find out the % of claims in the US healthcare that are processed via Change but it seems that they have a very large share of the US healthcare market. Moving forward this extreme consolidation of IT connectivity via single channel with no redundancy has to be evaluated and fixed. RISKS of Cybersecurity outside of our organization: basically, an attack on one system can affect many - this is the nature of the business. How do we enforce / demand redundancy during our business agreements with third party IT vendors that protects hospitals like us? ✔ GRATITUDE The good news is that our local hospital association - Massachusetts Health & Hospital Association, national American Hospital Association, state Medicaid - Masshealth Enrollment Center, federal payor CMS, as well as local Blue Cross Blue Shield of Massachusetts, Point32Health etc. have been very responsive in working with us in trying to understand advance payment options so that we can continue to provide care to our patients and community and cover our expense. Sharing AHA's letter below. https://lnkd.in/gV3W9ftP #healthcarereimbursement #healthcareclaims #claimsprocessing #cybersecurity #cyberattack #marketconsolidation William Sullivan, Robin Hynds, Ellen Murphy Meehan, Rosemarie Day, Laurel Sweeney, Jose Cruz, Michael Sklar, Mike Mancuso, Dan Rivera

MA hospitals losing $24M per day following Change Healthcare cyberattack - Health IT Security Title: MA hospitals losing $24M per day following Change Healthcare cyberattack #Impact of Cyberattack Massachusetts hospitals are facing significant financial losses of $24 million per day as a result of the recent cyberattack on Change Healthcare. #Revenue Loss The cyberattack has led to a disruption in revenue cycle management, causing hospitals to lose millions of dollars each day. #Operational Challenges Hospitals are struggling to maintain operations and provide quality patient care due to the cyberattack on Change Healthcare. #Importance of Cybersecurity This incident highlights the importance of robust cybersecurity measures in healthcare IT systems to prevent financial and operational disruptions. #Collaboration for Recovery Hospitals are working together to recover from the cyberattack and mitigate ai.mediformatica.com #health #hospital #maachusetts #hospitals #disruption #change #changehealthcare #healthcare #cyberattack #healthsystems #survey #alphv #digitalhealth #healthit #healthtech #healthcaretechnology @MediFormatica (https://buff.ly/3vkoMng)

Healthcare cyberattacks often result in data breaches, affecting the privacy of patients. However, as recent healthcare cyberincidents have shown, operational disruptions are also common when an organization is targeted by cyberthreat actors. In late July and early August 2024, the healthcare sector faced numerous cyberattacks and data breaches, some of which resulted in operational challenges and significant system downtime. https://lnkd.in/gejkvJ8C

Bredec Group Report: Gang Blackcat Behind Cyberattack on Change Healthcare - PYMNTS.com: Report: Gang Blackcat Behind Cyberattack on Change Healthcare  PYMNTS.com Inquiry@bredec.com

The recent Change Healthcare attack has MSPs raising concerns about our health system's vulnerability. 🚨 Cybercriminals are increasingly targeting healthcare, impacting patients and organizations alike. Read the full story here: https://ow.ly/3BsW50QR9mS #healthcare #cyberattack #msps #cyberthreats

The recent cyberattack on Change Healthcare, a critical healthcare technology company, has had significant repercussions for the U.S. healthcare system, affecting billing, care authorization, and prescription services. Here's an overview of the incident and its impact: - Change Healthcare, owned by UnitedHealth Group, manages healthcare technology pipelines, processing billions of transactions annually. - The cyberattack was discovered on February 21, 2024, prompting immediate action to disconnect Change Healthcare's systems. Restoration efforts are underway. Electronic prescribing services were fully functional as of March 7, and additional services are expected to be restored gradually.   Impact on Health Care Providers: - Many physician practices have been unable to submit claims, leading to significant disruptions in revenue cycle processes. - Health care providers face financial challenges, with estimates suggesting losses exceeding $100 million daily.   Call for Action and Concerns: - Senate Majority Leader Chuck Schumer and leading medical organizations have called for immediate action in response to the cyberattack. - The American Medical Association and the American Hospital Association have expressed concerns about the attack's impact on patient care and healthcare providers' financial viability. - Optum, another UnitedHealth Group entity, has established temporary funding assistance programs for affected providers. - Federal officials have urged CMS to make accelerated payments available to affected providers, similar to measures during the COVID-19 pandemic.   Attribution and Response Efforts: - The cyberattack was attributed to the ALPHV/BlackCat group, which reportedly received a large ransom payment related to the attack. - In December, the Justice Department targeted ALPHV in a disruption campaign, providing decryption tools to ransomware victims.   Takeaway: The cyberattack on Change Healthcare underscores the critical need for enhanced cybersecurity measures in the healthcare sector. The attack also highlights that any organization, especially critical infrastructure, should mitigate third-party applications that lead to a single point of failure. Immediate action, support for affected providers, and collaborative efforts are essential to mitigate disruptions and safeguard patient care. #HealthcareCybersecurity #CyberAttack #Healthcare #UnitedHealthGroup #CybersecurityResponse #DataBreach #ThirdPartyRiskManagement https://lnkd.in/gBpfeW78

The healthcare industry is a prime target for cyberattacks due to the amount of sensitive information they store in their databases, as seen in a recent attack on Change Healthcare. "Cyberattacks of this nature will continue to happen. As more is revealed about this attack, healthcare providers—and the industry at large—will examine crucial defenses and what the industry can learn from the situation," said Robert Dudley, managing director of health systems at BOK Financial. Learn what you can do to protect your healthcare business: https://ow.ly/tT8L50R3u53 #cybersecurityawareness

Ascension, a large U.S. non-profit health system, has suffered a cyberattack, potentially impacting its operations, care delivery, and health IT. The attack has prompted Ascension to review its security protocols and look into potential policy and regulation failings. The impact on their M&A and health insurance activities is yet to be ascertained. Further investigation is underway to secure patient data and prevent future breaches. The incident serves as a reminder of the growing threat of cyberattacks in the healthcare sector. Thoughts and Opinions are my own and don't represent Comcast. #iworkforcomcast #comcastbusiness #healtcare #cybersecurity #risk #cyberrisk #security #insurance https://lnkd.in/ep4z4ekn

📢 **FTC Expands Health Breach Notification Rule to Health Apps** 📢 Starting July 29, 2024, the FTC's updated Health Breach Notification Rule will extend HIPAA protections to developers of health apps not previously covered. This change targets the misuse of non-HIPAA-compliant apps and the sale of protected health information (PHI) by data brokers. **Key Points:** - **Who’s Affected?** Health app developers and healthcare providers recommending these apps. - **What’s Required?** Notification of individuals, the FTC, and possibly the media in case of unsecured PHI breaches. - **Action Needed:** Clinicians must inform clients and patients to use HIPAA-compliant apps, especially those involving Personal Health Records (PHRs). **Why It Matters:** PHRs let patients securely manage and share their health info, unlike EHRs controlled by providers. Choosing HIPAA-compliant PHR apps safeguards data and ensures privacy. 🔗 [Learn more about PHRs and the new FTC rule here]

The Rising Tide of Healthcare Breaches #SydneyOutsourcedITServicesBlog