White House and Healthcare Community Meeting About Changes to Healthcare Ransomware Attack Mitigations

On March 12, officials and leaders from the White House, UnitedHealth Group, Department of Health and Human Services, and other industry groups got together to discuss the impact of a cyberattack on UnitedHealth Group’s Change Healthcare. This cyberattack caused problems for healthcare services for the last three weeks. They also discussed ways to help patients and healthcare providers deal with these issues.

Change Healthcare discovered the cyberattack on February 21. The attack led to a three-week outage that caused problems for healthcare providers. The Blackcat ransomware group professed to be behind the attack. The cyberattack resulted in problems such as the inability of healthcare providers to

• check if patients had insurance coverage
• request permission for certain medical procedures
• share medical records
• get paid for the services they provided

UHG has created a financial assistance program to help healthcare providers who availed the payment processing services of Change Healthcare. Healthcare providers can apply to get temporary funding using Optum Financial Services. The Centers for Medicare and Medicaid Services (CMS) have also introduced options to unload the financial pressure on providers, such as applying for advanced payment. Two weeks after the cyber attack, UHG finally announced the availability of its systems online, with its pharmacy and payment systems being 99% accessible.

A meeting held by officials from the government talked about how to help patients and healthcare providers. HHS Secretary Xavier Becerra and Deputy Secretary Andrea Palm led the meeting. White House Domestic Policy Advisor Neera Tanden, White House Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger, and other government officials also joined the meeting. During the meeting, they talked about specific things they can do to lessen the harm that patients and providers are facing.

Domestic Policy Advisor Tanden and Secretary Becerra highlighted the importance of collaboration between the government and the public sector to support healthcare providers. Many providers are struggling to meet payroll and provide patients with timely care. By working together and giving the required support, healthcare providers can keep on delivering excellent care to patients.

During the meeting, industry groups discussed the financial difficulties faced by healthcare providers and the gaps in support from insurance companies. Insurance companies need to step up and provide assistance to providers who are having difficulties. This includes offering faster payment options, direct communications, and flexible billing and claims processing requirements.

Insurance companies were requested to offer assistance and agreed to continuing support. The government revealed that they are trying to work on how to lessen red tape and make funding options accessible through advanced payments, and other procedures to deal with the cash flow problems that providers are encountering. White House authorities stated they would be monitoring the commitment made by insurance companies during the meeting.

The interconnection in healthcare implies that a cyberattack on one entity could have significant effects on others. Change Healthcare deals with 15 billion transactions every year. Its systems manage the information, including PHI, of 1 in 3 American patients, so the cyberattack on Change Healthcare was huge. During the meeting, DNSA Neuberger emphasized the requirement to reinforce cybersecurity resilience throughout the industry, and the value of all organizations following the HHS’s voluntary HPH Cybersecurity Performance Goals. The discussions of the meeting may be read on the HHS website.