The ransomware cyberattack on Change Healthcare on February 21st, 2024 has highlighted the urgent need for robust cybersecurity measures in the healthcare industry. This incident disrupted operations nationwide, causing significant financial strain. According to the American Hospital Association, this cyberattack is the most significant and consequential of its kind against the U.S. healthcare system in history.

In light of these events, it’s crucial for healthcare administrators and RCM professionals to build effective contingency plans. This article provides practical advice and strategies for safeguarding healthcare operations against cyber threats, drawing from real-life experiences and expert insights.

The Importance of Contingency Plans

Having well-documented and regularly tested contingency plans is essential to ensure operational continuity and data protection in a cyberattack.

Key Insights:

  • Prepare for the Unexpected: Healthcare providers often take for granted that systems like Change Healthcare will always be operational. The recent cyberattack highlighted the critical need for having backup plans.
  • Backup Resources: Contracting with alternative clearinghouses or having resources like Velody or Navinet to manually upload claims can significantly reduce downtime and financial impact.

Real-Life Response to the Change Healthcare Cyberattack

In managing a regional hospital’s response to the Change Healthcare cyberattack, Rick Tully, Executive Director of Revenue Cycle Management at Infinx, emphasized the importance of quick decision-making and having alternative options ready. Upon realizing the severity of the attack, Rick immediately took steps to contact alternative clearinghouses.

He recalls, “On the second day, I called them and said, guys, we can’t wait for this to come back up, we need to make a move and pivot.” After several calls, Waystar responded promptly, agreeing to get the hospital up and running in two weeks.

To minimize downtime, Rick’s billing team manually keyed high-dollar claims into the DDE system. Recognizing the unsustainable nature of manual processing, automation was utilized to handle the influx of 999 responses from clearinghouses like Availity, saving significant time and resources.

Proactive Measures and Lessons Learned

The experience underscored the importance of proactive measures to strengthen cybersecurity and operational resilience.

Proactive Strategies:

  • Dual Clearinghouses: Implementing dual clearinghouses can provide operational continuity during a cyberattack. It’s essential to ensure both clearinghouses use similar edits to avoid discrepancies and rejections.
  • Documented Backup Plans: Just as clinical operations have downtime procedures, revenue cycle processes need documented backup plans for critical systems.
  • Government and Leadership Role: There’s a need for billing systems to become agnostic, allowing easy transition between vendors during emergencies. Leadership in government and industry should focus on this to enhance overall resilience.

Advice for Other Organizations:

  • Take Immediate Action: Don’t wait for systems to come back online. Be proactive and have contingency plans ready.
  • Communicate with Payers: Engage with payers to understand their support and any exceptions for timely filing.
  • Automation and Manual Efforts: Balance automation with manual processes to manage workload during recovery.

The Change Healthcare cyberattack serves as a stark reminder of healthcare’s digital vulnerabilities. However, with robust contingency plans, proactive measures, and strategic automation, organizations can mitigate such impacts.