The Department of Health and Human Services (HHS) Has Stepped In To Assist With Recent Cyberattacks

The ransomware infection that struck Change Healthcare in February has had such a profound effect on the U.S. health system that the Department of Health and Human Services (HHS) has stepped in to assist. The Register reports that providers including hospitals, and especially pharmacies, require assistance to provide care.

Software provided by the breached entity, an IT services subsidiary of UnitedHealth, provides software that more than 70,000 pharmacies and healthcare organizations use to process insurance claims and fill prescription orders. HHS is relaxing Medicare rules and urging advanced funding to providers to fight the widespread paralysis the attack caused.

“Numerous hospitals, doctors, pharmacies, and other stakeholders have highlighted potential cash flow concerns to HHS stemming from an inability to submit claims and receive payments,” said the department in a statement. “HHS has heard these concerns and is taking direct action and working to support the important needs of the healthcare community.”

Medicare providers are being allowed to change clearing houses for claims processed during the outage on an expedited basis. HHS is strongly suggesting that Medicare Advantage plans offer advance funding to the worst affected providers, private companies (including UnitedHealthcare) that rely on Medicare to cover individual benefits claims.

HHS is actively encouraging Medicaid and Children’s Health Insurance Program managed-care plans to relax or in some cases remove prior authorization requirements, and offer advance funding to providers that need it.

Additionally, it is ordering Medicare Administrative Contractors to accept paper claims from providers while electronic billing systems are down. This all follows new voluntary cyber security performance goals for hospitals and healthcare organizations that were issued in January.

Information security professionals predict that the goals won’t be voluntary for long, given the catastrophic failures the ALPHV/BlackCat ransomware gang attack caused.

Padraic O’Reilly, co-founder and chief innovation officer of cyber risk firm CyberSaint, told The Register that the government’s decision to step in has had a huge effect. He says the supply chain problems that the attack caused reach into the entire infrastructure around healthcare payments “It’s really high risk to have half the transactions running through one provider,” he says.

Compared with other critical infrastructure sectors, “healthcare [cyber security] historically tends to lag because they don’t always have the mandate from above that other sectors do,” O’Reilly explained.