In a significant cybersecurity event, Change Healthcare, a prominent provider of healthcare technology services, suffered a cyberattack. The situation underscores the intertwined nature of healthcare systems and the widespread impact such incidents can have, given the reliance on services provided by companies like Optum and Change Healthcare.
The cyberattack, which disrupted numerous systems and services at Change Healthcare, began affecting operations last Wednesday, prompting immediate action from the company to isolate and protect its partners and patients by disconnecting its systems. This move, while crucial for security, has had cascading effects on revenue cycle, healthcare technologies, and clinical authorizations across the sector.
This event serves as a stark reminder of the far-reaching consequences of cybersecurity breaches. It also highlights the importance of robust security measures, emergency preparedness, and swift response strategies to safeguard against such threats.
Organizations are advised to take several additional steps to monitor and enhance their security posture:
Disconnect from Compromised Systems: As a precaution, affected organizations are advised to disconnect from systems that are known to be compromised until they are deemed safe to reconnect.
Enhance Monitoring and Threat Hunting: Increase the monitoring of network and system activities for any signs of unauthorized access or anomalies. Employ threat-hunting practices to proactively search for indicators of compromise.
Patch and Update Systems: Ensure that all systems, especially those that are internet-facing, are up-to-date with the latest security patches. Prioritize patching known vulnerabilities that are actively being exploited.
Test and Review Incident Response Plans: Review and test cyber incident response plans. Ensure that these plans are well integrated with broader emergency management plans and include clear activation protocols.
Secure and Test Backups: Verify that data backups are secure, up-to-date, and immutable—meaning they cannot be deleted, altered, or encrypted by ransomware. Testing the restoration process from backups is also crucial to ensure quick recovery in the event of data loss.
Conduct Eligibility and Authorization Checks Manually: In cases where electronic systems for eligibility checks and prior authorizations are unavailable, organizations may need to revert to manual processes.
Communicate with Patients: Inform patients about potential delays or changes in processes, especially concerning electronic prescriptions and insurance verifications.
Engage with Law Enforcement and Cybersecurity Experts: Work closely with law enforcement agencies and cybersecurity experts to investigate any incidents, understand the impact, and apply remediation strategies.