Cyberattack halts U.S. health insurance system
UMD Urgent Care in Manhattan
Hailey Brown — The cyberattack that rendered a large part of the U.S. healthcare payment system useless demonstrates the fragility of networks. The attack targeted Change Healthcare, which is responsible for up to one-third of all patient records in the U.S. The company is responsible for connecting healthcare providers to insurers, meaning patients could no longer gain insurance coverage for essential medications and procedures.
The United States’ healthcare system is an example of a complex network tied together by many nodes and linkages. In this case, the network is mainly digital. Nodes like health care providers, insurance companies, pharmacies, hospitals, etc. connect through online database nodes to access important data, such as insurance coverage and patient information. Change Healthcare is one node in this network, and a rather important one. It functions as a data warehouse to streamline healthcare decisions. It allows providers to charge insurance for healthcare services or products, access patient medical records, among many other services. When Change Healthcare went offline, other nodes in the network lost a vital connection to each other, with few options to reconnect. The network has been forced to recalibrate. Some providers have opted to change their payment clearinghouse, and the U.S. The Department of Health and Human Services has authorized free 30-day supplies for all medicaid recipients.
The scale of this cyberattack spanned the local to national level, affecting individuals and companies across the country. The outage affected University of Utah pharmacies, blocking their ability to verify and charge insurance. This meant customers, including all Medicaid recipients in Utah, would have to pay out of pocket and wait for a refund once Change Healthcare came back online. Other healthcare providers have compiled massive backlogs of insurance charges to send to the company once it resumes functionality. Networks such as this, which rely on connections through one main node, are vulnerable to attacks. Hit the right node, and the entire network goes down. As in this case, when networks connecting private companies are attacked the impact may be so broad that governments feel compelled to act.
Image Source: Tdorante10, CC BY-SA 4.0