Cybersecurity Threats in Health Insurance Today

The health insurance industry is currently grappling with an escalating wave of cybersecurity threats. Increasingly sophisticated threats are emerging due to the digitization of insurance transactions and clinical records.

Indeed, a significant recent incident was a ransomware attack on Change Healthcare, UnitedHealth Group’s unit and largest healthcare payment processor. Notably, this attack, which occurred in late February 2024, has had far-reaching impacts on healthcare operations across the country.

The Attack on Change Healthcare

Change Healthcare, a widely used platform for managing customer payments and insurance claims, was crippled by a ransomware attack. Consequently, the company had to take most of its systems offline to prevent the attack from spreading. As a result, this outage has severely impacted small and midsize healthcare providers, hindering electronic prescriptions and insurance reimbursements.

The Impact

The attack on Change Healthcare disrupted 15 billion annual transactions and impacted a third of US patient records. Consequently, thousands of pharmacies have had to resort to offline processing workarounds. As a result, over 90% of U.S. pharmacies using Change Healthcare now process payments differently.

The Response

In response to the attack, the U.S. Department of Health and Human Services (HHS) has been coordinating efforts to avoid disruptions to care throughout the healthcare system. The HHS leads coordination of related Federal activities, working with the FBI, CISA, and the White House.

Conclusion

The cyberattack on Change Healthcare underscores the growing cybersecurity risks facing the health insurance industry. It underscores the necessity for strong cybersecurity and constant alertness against changing threats. As health insurance digitizes, it must innovate and adapt cybersecurity to safeguard sensitive data.