cyberattackHealthcareHealthcare Data
September 30, 2024
When the Unexpected Occurs: Another Health Plan Suffers Cyberattack

When the Unexpected Occurs: Another Health Plan Suffers Cyberattack

You never know what a day might bring. For the most part, Americans live in relative peace and safety; but, every now and then, the unexpected crisis occurs. In these moments, we’re often staggered and stymied due to the initial shock; but we soon realize there must be a prompt and appropriate response. It’s how we respond to such crises that often determines the extent to which the damage is limited, and it doesn’t hurt to be prepared before the crisis occurs. These principles are certainly applicable in today’s healthcare space.

When the Unexpected Occurs: Another Health Plan Suffers Cyberattack

Share

The Latest Victim

Over the last year or so, we have kept you informed of various hack attacks that have greatly affected large portions of the healthcare community. The cyber hit on Change Healthcare—part of the Optum network—is a recent case in point. Due to the interconnecting systems that depend on Change, the claims of many healthcare professionals throughout the country were held up, causing a delay in payments. Unfortunately, we must report that it’s happened again—not to Change but to a more regional payer.

From August 5 to August 24, McLaren Health Plan (MHP) underwent a cyberattack that, among other things, caused certain electronic medical record (EMR) systems to go offline.  MHP is a Michigan-based, licensed health maintenance organization (HMO), operating since 1998. According to its website, MHP delivers healthcare benefits to more than 250,000 members. Its statewide provider network has more than 40,000 providers and includes 98 percent of hospitals in Michigan. McLaren offers several healthcare coverage options, which include:

    • Medicare Advantage
    • Medicare Supplement
    • Individual (ON/OFF Exchange)
    • Medicaid
    • Healthy Michigan

While this latest victim of “e-crime” may not have the national footprint of Change Healthcare, the August incursion stands as yet another reminder that these attacks can happen anywhere to anyone at any time.

Challenges and Responses

As with other cyber events the larger healthcare community has experienced in recent months, this latest attack has presented problems. Coronis Health has many client groups in Michigan, and these providers have certainly been inconvenienced. In one of the facilities affected by this event, our client had some initial difficulty with scheduling and presenting demographics, among other challenges.

Due to the compromising of facility EMRs in the August attack, many of our clients have had to resort to the use of hard copy anesthesia records and other paper-based medical records. Obviously, this has required some adjustment on the part of providers who have grown accustomed to the ease of the electronic record, with its legible readouts and drop-down menus.

Going old-school seems to be one of the essential solutions when facilities and clinicians are faced with these kinds of events. At home, when the power goes out, it’s time to crank up the generators or break out the kerosine lamps, right? The U.S. Marines have an old aphorism: when things don’t go according to plan, you improvise, you adapt, you overcome. That’s the motto that workers in the healthcare space will have to increasingly adopt in this new age of electronic assaults against our vital hospital and health plan systems.

This latest example of bad behavior on the part of bad actors was limited mainly to Michigan, but it is yet another reminder that such attacks may be coming to a hospital near you or to an insurance network with significant reach. In such an event, providers will need to be prepared to rely on other means to get needed information to the billing staff. We will be there to assist you. We are gratified that one of our clients impacted by the McLaren attack thanked our team for the support they received during the recent crisis.  

What happened to MHP should act as a cautionary tale. It’s important to move with agility and efficiency once the unexpected occurs, but it is even better to be prepared before an attack is launched. Groups that expect the unexpected are those that are more likely to have a gameplan in place in case the worst happens. This means being prepared to move to paper records, having your group members trained on the critical elements that must be documented thereon, emphasizing the importance of legibility, signatures, required attestation statements, etc. The group should be aware of the location of these paper records, and they should be in sufficient supply in case the unexpected happens. Here are some other proactive measures groups may consider:

    • Having and periodically updating a signature log is another way to preplan for cyber-related shutdowns. This way, the billing staff will be able to better verify each group member’s signature in the event there is a need to quickly revert to paper records.
    • Creating a hard copy surgery schedule template and maintaining sufficient copies of such can also prove helpful. The template should have a place to denote room numbers, where applicable, inpatient/outpatient status, etc.

It feels like it’s not a matter of “if” but “when”; when will your group or facility be impacted by another cyber-assault? Those who have a plan of action in place ahead of time are more likely to be better positioned to ride out the crisis when it comes.