California doctors struggle to make payroll a month after ransomware attack


To sum up

A cyberattack paralyzed claims processing across the country, forcing doctors and hospitals to forgo payments and risk shortages of medical supplies.

For the past month, Sacramento dermatologist Dr. Margaret Parsons has been unable to submit insurance claims to receive payment for services rendered.

All of his private practice claims go through Change Healthcare, the nation’s largest insurance billing network and the subject of a Feb. 21 cyberattack that has not yet been fully resolved.

Change Healthcare, a subsidiary of UnitedHealth Group, processes about half of all medical claims nationwide. Four weeks since the cyberattack, some providers in California and elsewhere are still waiting to file claims and receive reimbursement. Meanwhile, they are struggling to pay bills and order medical supplies.

The cybersecurity breach disrupted payments and prescription drug processing for tens of thousands of hospitals, physician groups, dentists and pharmacies. The American Hospital Association called it the largest cyber attack on the US healthcare system in US history.

The attackers’ precise entry point is unknown, but ransomware attacks typically involve someone clicking on a malicious link in an email. It showed the vulnerability of the financial infrastructure that supports the healthcare system. And, providers are learning, the consequences can be long-lasting.

Parsons’ four-physician private practice sees 100 to 125 patients a day. It’s a healthy business, but the cash flow is drying up, he said. With e-invoicing, you submit your claims and are usually reimbursed within two weeks. His office released the numbers recently and he expects his practice to be fine for at least a couple of weeks.

But it’s been a stressful month, he said. Until recently, filing insurance claims was considered the old school, through paper. He chose to wait because paper claims take twice as long and are more prone to data entry errors, he said. At one point, he also questioned whether the shed needed to borrow money to pay rent and staff.

Calculate your bank balance, weekly bills, payroll and start counting big. Look at your credit line and decide whether to call your bank, he said.

He said he recently had some peace of mind after his office hired an alternative insurance claims system, which he hopes will be up and running soon. It has also applied to access Medicare advance payments through a temporary program created to give some relief to providers. Medicare is the federal public insurance program for the elderly and disabled. This option gives him some breathing space and he is optimistic that he will soon be able to file claims again.

At this point, they were hopeful for next week, he said.

Calculate your bank balance, weekly bills, payroll and start counting big. Look at your line of credit and decide whether to call your bank.

Dr. Margaret Parsons, dermatologist, Sacramento Dermatology Consultants

Change Healthcare performs more than 100 operational functions of the healthcare system, including payments and prescription drug processing.

On Monday, Change Healthcare said it plans to restore claims processing for thousands of doctors in the coming days, but like Parsons, some were still unable to process claims as of Tuesday.

On March 15, the company restored Change Healthcares electronic payment platform and is proceeding with payer implementations, the company said in an update shared with CalMatters. As of March 7, the company restored 99% of Change Healthcare’s pharmacy network services and continues to work on the remaining issues.

Persistent consequences of cyberattacks

Dr. Abid Mogannam, a vascular surgeon who treats patients in Alameda and Contra Costa counties, said about 30 percent of his claims go through Change Healthcare. Mogannam said this means 30% of his internship pay will be delayed.

It is meaningful to us. If you’re unlucky enough to contract exclusively with payers affected by this, you may have to make tough decisions like closing, going bankrupt, temporarily closing offices and limiting access to patients, he said.

This new financial pressure, he said, has added to rising costs due to inflation and just as small practices are recovering from the COVID-19 pandemic. It’s been a tough couple of years, Mogannam said. Now, with the Health Change situation, we won’t be complete for months, he said.

Last week, the California Department of Managed Health Care urged health insurance plans to accept paper claims and eliminate or relax claims filing deadline requirements. The U.S. Department of Health and Human Services issued guidance that Medicare providers should relax or eliminate claims filing requirements and encouraged state Medicaid providers to do the same, after which the agency began to extend loans to Medicare providers.

The disruption caused by this unprecedented cyber assault threatens the very existence of many practices, especially smaller practices and those serving rural and underserved communities, California Medical Association President Tanya Spirtos said in a blog post. This is an urgent crisis that requires immediate action.

Payment to hacker group

As health care providers struggle to make ends meet and order medical supplies, the perpetrators of the attack remain at large. After a Bitcoin payment worth about $22 million, the ALPHV/Blackcat hacker group that claimed responsibility for the attack cheated on the co-conspirators and allegedly disbanded days later.

ALPHV/Blackcat is a multinational gang that emerged in 2021 and is the maker of the world’s second most prolific ransomware variety as a service. Since 2021, the Federal Bureau of Investigation believes that more than 1,000 U.S. entities from municipal governments and critical infrastructure providers have fallen victim to ransomware attacks.

A vulnerability that emerged in late 2023 is disproportionately affecting the healthcare sector, according to a cybersecurity advisory issued by the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services. An investigation is ongoing and no further details about the vulnerability have been released.

Law enforcement agencies from the US as well as Australia, Denmark, Germany, Spain and the UK participated in a joint campaign to disrupt ALPHV/Blackcat activity by December 2023.

In a warning issued less than a week before the Change Healthcare attack, the US government promised rewards of up to $15 million for information leading to the conviction of members of the ALPHV/Blackcat ransomware gang .

The disruption caused by this unprecedented cyber assault threatens the very existence of many practices, especially smaller practices and those serving rural and underserved communities.”

Tanya Spirtos, president of the California Medical Association

The attack on Change Healthcare has particularly affected Riaz Lakhani. Lakhani heads ​​​​​​​​​​​​​​​​​​​​​​​​​​cybersecurity for the Campbell-based company Barracuda Networks, said his wife has a dental practice. He said they have considered dipping into personal savings to keep their dental practice solvent.

Riaz says the attack shows that a single point of failure or a large billing company like Change Healthcare is an attractive incentive for attackers interested in getting hold of a large amount of data.

He said the incident raises questions about whether Change Healthcare had an adequate disaster recovery program and whether hackers will try to sell data obtained during the attack on the dark web where healthcare data, where data from ‘health care is only worth more.

It’s also unclear whether UnitedHealth Group’s 2022 acquisition of Change Healthcare introduced vulnerabilities or whether hackers will try to sell data obtained from the attack, Riaz said. Last week, the US Department of Health and Human Services’ Office for Civil Rights opened an investigation into whether there was a breach of protected health information or a violation of the federal health care privacy law. .

Cyber ​​attacks on hospitals, schools

When the attack is over, there will be a lot of hindsight about how the largest cyberattack on the health care system in U.S. history could have been prevented, said Amy Chang, a senior fellow at the R Street Institute and former chief operating officer of cybersecurity at San Francisco-based JP Morgan. The attack illustrates the appeal of targeting public institutions such as schools, local governments and hospitals: they are prime targets because they tend to have relatively limited cybersecurity budgets and provide essential services. Cybersecurity experts refer to them as target-rich and resource-poor.

The Change Healthcare attack also shows the consequences of consolidating key technologies with a handful of corporations. The attack is similar to the 2021 Colonial Pipeline cyber attack, which shut down several pipelines and caused fuel shortages on the US East Coast.

You’re seeing the same kind of cascading effects, if not even more so because of this entity that you’ve probably never even heard of before it’s happening with these far-reaching ramifications that, especially in the healthcare field , they end up really putting lives at risk. , Chang said.

New Zealand-based cybersecurity firm Emsisoft found that in the United States, cybersecurity attacks on hospitals increased in 2023 compared to 2022 and 2021. Attacks on school districts also increased during that time period. . Last fall, researchers estimated that ransomware attacks in the US killed dozens of Medicare patients between 2016 and 2021.

Parsons, the Sacramento dermatologist, says that while her practice will have to keep a tight budget until she can start billing again, she’s more concerned about colleagues who practice a more expensive type of medicine, such as oncology

We’ll be fine, he said. But when you think about other types of practices that are affected, it’s very real.


#California #doctors #struggle #payroll #month #ransomware #attack
Image Source : calmatters.org

Leave a Comment