• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

‘Tremendous financial strain’ – Physicians struggling after Change Healthcare cyberattack


AMA poll shows effects on processing claims linger weeks after announcement of major computer hack.

medical cybersecurity concept: © BillionPhotos.com - stock.adobe.com

© BillionPhotos.com - stock.adobe.com

Doctors continue to struggle financially due to the Change Healthcare cyberattack.

More than a third of physician practices (36%) have seen the suspension of claim payments, according to a survey by the American Medical Association. Four out of five (80%) said they lost revenue from unpaid claims, and more than half (55%) used personal funds to cover expenses, the AMA said.

In addition, 32% have said they can’t submit claims, and 22% said they can’t verify if patients are eligible for benefits. The AMA conducted what it called an “informal survey” between March 26 through April 3, with more than 1,400 respondents.

Jesse M. Ehrenfeld, MD, president of the AMA, said the cyberattack has caused “tremendous financial strain” for physician practices.

“These survey data show, in stark terms, that practices will close because of this incident, and patients will lose access to their physicians,” Ehrenfeld said in a statement. “The one-two punch of compounding Medicare cuts and inability to process claims as a result of this attack is devastating to physician practices that are already struggling to keep their doors open.”

Physician practices, medical groups, and hospitals and health systems have all been taking a financial hit from the Change Healthcare cyberattack. A subsidiary of UnitedHealth Group, Change Healthcare processes claims, billing, prescriptions and other services for providers nationwide. The company handles roughly one out of every three patient records, healthcare groups note.

Nearly all hospitals (94%) said they have suffered a financial impact from the Change Healthcare attack, according to a survey by the American Hospital Association. Nearly 60% of the hospitals said the impact on their revenue has been $1 million per day or greater.

Rick Pollack, president and CEO of the American Hospital Association, said earlier this month that hospitals continue to struggle with disruptions stemming from the cyberattack. Speaking at the Hospital + Healthcare Association of Pennsylvania Leadership Summit, Pollack said it’s unclear which hospitals may be directly affected by the loss of patient information, or how many records may have been taken.

Organizations are required to notify patients about health data breaches. While it’s unclear which hospitals are affected, Pollack said the notification requirements belong to Change Healthcare or UnitedHealth.

“It's their responsibility to inform patients, not our responsibility,” Pollack said.

UnitedHealth Group has made about $4.7 billion in payments to providers. The company has said it will continue to offer assistance to providers until there is a full system recovery. In a court filing this month, Change Healthcare said it has “worked tirelessly” to restore systems and support providers and consumers.

UnitedHealth Group has said the attack was launched by the “Blackcat” ransomware gang, which has targeted healthcare organizations in the past, federal authorities say.

Two dozen lawsuits have already been filed as of early April, almost evenly split between patients and providers, according to a court filing by Change Healthcare. The company has moved to have the cases consolidated in Nashville.

The U.S. Department of Health & Human Services said last month it has launched an investigation of Change Healthcare and UnitedHealth Group to determine if there was a violation of federal privacy regulations. The department cited the “unprecedented magnitude of this cyberattack.”

Cybersecurity experts have said the Change Healthcare attack illustrates that any health care organization is vulnerable to breaches.

K. Craig Kent, CEO of UVA Health, told Chief Healthcare Executive® in a March interview that the attack is a vivid example of the dangers health systems face from cyberattacks. Kent said he is confident UVA Health will weather the storm, but he said cybersecurity must be a top priority for hospitals and health systems.

“It's absolutely fascinating to see how one security breach can affect health care across the United States. It's fascinating, and it's scary,” Kent said. “I'm sure this is just the beginning of the challenges that we'll have over the next decade, related to cybersecurity and the interconnectedness of us and other health systems and all the companies that support us.”

Related Videos
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health