by Holland Lively, RHIA
Below is an inside look at the cyberattack that affected countless care providers across the county - what happened, who did this affect, and how can organizations ensure that something like this doesn’t happen to them?
Let’s start back at the beginning with a refresher on clearinghouses. A clearinghouse acts as an intermediary between healthcare providers and insurance payers. It processes and translates medical claims, ensuring that they are correctly formatted and compliant with payer requirements before submission. This function is crucial for reducing errors, speeding up reimbursement processes, and maintaining compliance with regulatory standards. So, what happens when this functionality is at jeopardy?
On February 21, an unprecedented cybersecurity incident occurred at Change Healthcare, a subsidiary of Optum, involving a cyberattack that led to the unavailability of its Medical Network and Medical Network API systems. This included Relay, Relay Health, Optum, ConnectCenter and Assurance platforms. This impacted multiple sectors of the healthcare industry, including claims submission to payers, electronic remittance advise (ERAs) delivery and electronic prescription transmittance. The direct number of affected end users has not been able to be estimated.
Change Healthcare is, however, estimated to be involved in one of every three patient records. The impact of this has been felt far and wide – practices, providers, and patients are all reeling with the results of this cybersecurity attack. When a Clearinghouse is in jeopardy, cash flow challenges arise due to the inability to submit claims or receive remittances, meaning increase A/R days and payment lags. Depending on the financial reporting of the organization, there may be a significant change in the standard benchmarks that have been set for their KPI reporting. It’s a safe assumption that practices relying on Change Healthcare for claim submissions have been most impacted, but even if their clearinghouse leverages a pathway linked to Change Healthcare, practices and physicians are feeling the ramifications of this.
With the cybersecurity event, one automatically shifts to the mindset of “How can I make sure this doesn’t happen to me?”. Adopting internal policies and procedures and even partnering with a Cybersecurity organization for external expertise and advisory services can aid your organization in being as prepared as possible against bad faith actors.
In summary, Clearinghouses are indispensable to modern healthcare practices, offering benefits from error reduction and efficiency improvements to enhanced compliance and data security. By partnering with a reliable clearinghouse, practices can streamline their administrative processes, ensure faster and more accurate reimbursements, and ultimately focus more on delivering high-quality patient care. Ensuring that the organizations are protected from these unprecedented cybersecurity attacks is critical. In understanding the effects that an attack like this could have and taking the correct preparedness steps, organizations are setup to be more efficient, compliant, and financially healthy.
To stay up to date on the latest news regarding the Change Healthcare Cybersecurity response, please visit https://www.unitedhealthgroup.com/changehealthcarecyberresponse.
About the Author
Holland Lively, RHIA, is a graduate of The Ohio State University's Health Information Management and Systems program Class of 2021. She has been a member of OHIMA since 2019, starting as a Student and transitioning into her professional career. She has volunteered her time as a part of the nominating committee and is dedicated to the growth and success of her fellow HIM professionals. She currently works as a NextGen Product Manager at DAS Health, residing in Columbus, OH and enjoys spending time with her friends and family.