Cyberattack disrupts systems at health technology giant Change Healthcare
Editor's Note
Nationwide pharmacy delays and disrupted internal systems are among the effects of a February 21 cyberattack on Change Healthcare, one of the largest healthcare technology companies in the United States.
Systems were immediately disconnected to protect partners and patients, the organization reports, and “all other systems across UnitedHealth Group are operational” as of February 23. In 2022, Change Healthcare joined with healthcare services company Optum in a UnitedHealth Group merger.
Among other recommendations in a February 22 report, The American Hospital Association (AHA) advises organizations to back up data offline, review cyber incident response plans, review business and clinical continuity downtime procedures, and increase threat hunting and monitoring tools and techniques.
“Due to the sector wide presence and the concentration of mission critical services provided by Optum, the reported interruption could have significant cascading and disruptive effects on revenue cycle, certain health care technologies and clinical authorizations provided by Optum across the health care sector,” reads an AHA report on the matter. “We recommend that all health care organizations that were disrupted or are potentially exposed by this incident consider disconnection from Optum until it is independently deemed safe to reconnect to Optum. It also is recommended that organizations which utilize Optum’s services prepare related downtime procedures and contingency plans should Optum’s services remain unavailable for an extended period.”
In other cybersecurity news, National Institute of Standards and Technology (NIST) released the final version of its special publication titled “Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide”. According to the February 14 announcement from NIST, this document guides organizations in implementing an information security program, and protecting health information, and otherwise ensuring compliance with the HIPAA Security Rule.
Free Daily News
- Report: Consistent, purposeful manager-team engagement reduces RN turnover
- Death, hospital readmission less likely for women treated by female doctors
- FDA announces class 1 recalls for infusion pumps, anesthesia workstation
- Study finds workforce readiness gap in new nurses
- Joint replacement manufacturer recalls products after FDA packaging warning
- Gene-edited pig kidney, heart pump combined in transplant surgery milestone
- Catheter sterility concerns prompt Class 1 FDA recall for surgery trays
- Large amounts of personal data possibly stolen in Change Healthcare cyberattack
- AI model helps predict patient decline, drive collaborative care
- One patient’s recovery highlights benefits of outpatient endoscopic spine surgery