- Home
- Advocacy
- Latest News and Practice Data
- House Committee Examines Change Healthcare Cyberattack
The House Energy and Commerce Subcommittee on Health held a hearing on April 16 to examine health sector cybersecurity in the wake of the Change Healthcare attack and address barriers to implementation of cybersecurity protections. On February 21, Change Healthcare suffered a cybersecurity attack that resulted in disruptions in claims processing, delayed prior authorization requests, and other major impacts on physician practices. The CAP has continually monitored the impact the attack has had on pathology practices and laboratories and is sharing resources to assist pathologists managing the fallout. It is worth noting that at the April 16 hearing, members of Congress decried the absence of UnitedHealth Group (which owns Change Healthcare) as they did not send officials to take questions from lawmakers. During the hearing they discussed the causes and policy implications of ransomware attacks on the health care sector. Some of the points made at this hearing are as follows: Health care organizations typically do not invest in cybersecurity measures, and federal incentives are needed to rectify this The large size of consolidated health care companies, such as Change Healthcare, may exacerbate cybersecurity risk There is a need for federal privacy regulationThere are international implications for cyberattacks, as a lot of hackers are from hostile countries or will sell hacked data to hostile countries Most recently, the Department of Health and Human Services compiled information, resources, and tools from health plans and payers for providers in need of assistance – find that document online here. The following are additional resources to help pathologists navigate these ongoing issues can be found here.
The House Energy and Commerce Subcommittee on Health held a hearing on April 16 to examine health sector cybersecurity in the wake of the Change Healthcare attack and address barriers to implementation of cybersecurity protections.
On February 21, Change Healthcare suffered a cybersecurity attack that resulted in disruptions in claims processing, delayed prior authorization requests, and other major impacts on physician practices. The CAP has continually monitored the impact the attack has had on pathology practices and laboratories and is sharing resources to assist pathologists managing the fallout. It is worth noting that at the April 16 hearing, members of Congress decried the absence of UnitedHealth Group (which owns Change Healthcare) as they did not send officials to take questions from lawmakers.
During the hearing they discussed the causes and policy implications of ransomware attacks on the health care sector. Some of the points made at this hearing are as follows:
Health care organizations typically do not invest in cybersecurity measures, and federal incentives are needed to rectify this The large size of consolidated health care companies, such as Change Healthcare, may exacerbate cybersecurity risk There is a need for federal privacy regulationThere are international implications for cyberattacks, as a lot of hackers are from hostile countries or will sell hacked data to hostile countries
Most recently, the Department of Health and Human Services compiled information, resources, and tools from health plans and payers for providers in need of assistance – find that document online here. The following are additional resources to help pathologists navigate these ongoing issues can be found here.