Delaware News

Major Cybersecurity Event Impacting Health Care, Pharmacy Operations

Captive | Captive Insurance | Insurance Commissioner | Date Posted: Thursday, February 29, 2024


Official Seal of the Insurance Commissioner of Delaware

Delays impacting operations, including payments and insurance transactions

Earlier this month, one of the nation’s largest health care companies experienced a cybersecurity attack immobilizing much of the industry. Change Healthcare, a subsidiary of UnitedHealth Group that also operates as Optum Solutions, states that it interacts with 1 in every 3 patient records. Their systems are integral in many areas of pharmacy operations, provider claim processing, billing and cost estimation services, patient eligibility verifications, and other clinical decision supports.

On February 21, 2024, Change Healthcare locked their systems in an attempt to limit the impact of the cybersecurity attack discovered that day. The ongoing disruption has created adverse impacts for providers and pharmacies, generating delays for consumers, limiting the ability to process payments and consumers’ insurance, and requiring complex workarounds or movement to new systems. It is believed that the attack was completed by a foreign hacking group. Federal entities are involved in the investigation.

“The implications of this cyberattack are wide-reaching and not yet fully known. We hope that raising awareness of this issue will encourage consumers to be patient with any delays in clinical and pharmacy activities. Please know that all parties are working as hard as they can to continue operations despite this issue. If you are in urgent need of medication, or will be soon, please get in touch with your local pharmacy before visiting. You may need to use a different pharmacy, or plan to pay in cash,” said Insurance Commissioner Trinidad Navarro. “No timeline currently exists for resolution, and health care providers and pharmacies have been encouraged to remain disconnected from the impacted systems.”

Insurers have been in contact with the Delaware Department of Insurance about this issue and are in communication with contracted providers to inform them of available portals and processes. The Delaware Insurance Data Security Act has not yet been triggered, but all parties continue to watch the situation closely. Additionally, the department will be closely monitoring any potential prompt payment compliance issues that may arise as a result of this situation.

At this time, there is no indication that consumer data or insurer data has been impacted. However, consumers are still encouraged to engage in personal cybersecurity practices at an enhanced level. To protect from a cybersecurity attack, install anti-malware protection and use complex passwords that cannot be easily guessed. Do not click on suspicious links in emails or pop-ups, including those purporting to be from health care services, providers, insurers, and pharmacies. Residents might consider freezing their credit report to protect data.

View Change Healthcare’s Incident Page

image_printPrint

Related Topics:  , , , , , , , , , ,


Graphic that represents delaware news on a mobile phone

Keep up to date by receiving a daily digest email, around noon, of current news release posts from state agencies on news.delaware.gov.

Here you can subscribe to future news updates.

Major Cybersecurity Event Impacting Health Care, Pharmacy Operations

Captive | Captive Insurance | Insurance Commissioner | Date Posted: Thursday, February 29, 2024


Official Seal of the Insurance Commissioner of Delaware

Delays impacting operations, including payments and insurance transactions

Earlier this month, one of the nation’s largest health care companies experienced a cybersecurity attack immobilizing much of the industry. Change Healthcare, a subsidiary of UnitedHealth Group that also operates as Optum Solutions, states that it interacts with 1 in every 3 patient records. Their systems are integral in many areas of pharmacy operations, provider claim processing, billing and cost estimation services, patient eligibility verifications, and other clinical decision supports.

On February 21, 2024, Change Healthcare locked their systems in an attempt to limit the impact of the cybersecurity attack discovered that day. The ongoing disruption has created adverse impacts for providers and pharmacies, generating delays for consumers, limiting the ability to process payments and consumers’ insurance, and requiring complex workarounds or movement to new systems. It is believed that the attack was completed by a foreign hacking group. Federal entities are involved in the investigation.

“The implications of this cyberattack are wide-reaching and not yet fully known. We hope that raising awareness of this issue will encourage consumers to be patient with any delays in clinical and pharmacy activities. Please know that all parties are working as hard as they can to continue operations despite this issue. If you are in urgent need of medication, or will be soon, please get in touch with your local pharmacy before visiting. You may need to use a different pharmacy, or plan to pay in cash,” said Insurance Commissioner Trinidad Navarro. “No timeline currently exists for resolution, and health care providers and pharmacies have been encouraged to remain disconnected from the impacted systems.”

Insurers have been in contact with the Delaware Department of Insurance about this issue and are in communication with contracted providers to inform them of available portals and processes. The Delaware Insurance Data Security Act has not yet been triggered, but all parties continue to watch the situation closely. Additionally, the department will be closely monitoring any potential prompt payment compliance issues that may arise as a result of this situation.

At this time, there is no indication that consumer data or insurer data has been impacted. However, consumers are still encouraged to engage in personal cybersecurity practices at an enhanced level. To protect from a cybersecurity attack, install anti-malware protection and use complex passwords that cannot be easily guessed. Do not click on suspicious links in emails or pop-ups, including those purporting to be from health care services, providers, insurers, and pharmacies. Residents might consider freezing their credit report to protect data.

View Change Healthcare’s Incident Page

image_printPrint

Related Topics:  , , , , , , , , , ,


Graphic that represents delaware news on a mobile phone

Keep up to date by receiving a daily digest email, around noon, of current news release posts from state agencies on news.delaware.gov.

Here you can subscribe to future news updates.