Your Doctor has a headache and here’s why
Long story short, your doctor is probably suffering right now like many others due to a cyber security issue that’s affected them for the last few weeks. No, your doctor wasn’t hacked, but they also haven’t been paid for a while. Running a medical practice isn’t cheap or easy but it’s worse when you don’t even get paid for your work.
So what's going on?
In late February Change Healthcare, a unit of UnitedHealth Group (UHG) was impacted by a cybersecurity incident. As of now it’s reported to be a ransomware attack that affected their systems.
Many medical clearinghouses whose purpose is to electronically transmit different types of medical claims data to insurance carriers send claims to Change Healthcare. These claims are processed and doctors are sent payment for the work they already conducted. Due to Change Healthcare being down because of the ransomware attack these claims are not being processed and doctors of course are not being paid.
There are reports that Change healthcare paid a $22 million ransom, however these claims have not been confirmed by Change healthcare.
How does this affect you?
Doctors aren’t the only ones being affected. This attack also affects the pharmacies that need to look up patient insurance information and process claims for the medication they supply. NBC news reported on this just yesterday. So patients are sometimes having issues getting the medication they need in a timely manner. Some patients are having to pay out of pocket for the medications and services they need.
These attacks only happen to large organizations and they should focus on Cyber Security
We’ve covered in a previous article which you can read here how these types of attacks can affect all business sizes not only the large organizations. As they say in the cyber security industry, your not too small to get hacked, just too small to make the news.
These attacks aren’t always targeted, hackers use automated systems to send attacks out to thousands or hundreds of thousands of unsuspecting users, then more specifically target those users that fell for the initial “burst” or spread of the attack as they’ve already proven to be easy prey. So it’s not a matter of business size. Think of it this way, if you fall victim of a ransomware attack and recovering from it will take you 2-3 days and your business is stopped for that period of time, compared to the money lost in downtime, the money lost in the recovery process, and the effect on your companies reputation, would it not be easier and cheaper to pay a ransom of $5K, $10K, $20K or more to be up and running within minutes?
This case also shows how businesses can be affected by things outside of their control. Pharmacies and medical offices around the U.S. are being affected by the attack even though it didn’t happen to them. I’d recommend checking with your insurance provider to see if you’d be covered in an incident like this. Check to see if you have cyber insurance as part of your policy or need to add it as supplemental insurance. And if you already have it, have you reviewed it to see that you meet the requirements on the policy? If you’re paying for this policy only to have your claim denied when you need because you didn’t meet the policies requirements then you’re just tossing money out of the window. If you need help reviewing your policy click here to setup a FREE consultation.
