Dinsmore & Shohl LLP
  March 7, 2024 - Louisville, Kentucky

Prescribing Security: Why Healthcare Companies Should Take Note of Recent Ransomware Attack
  by Craig S. Horbus, Laura F. Fryan

At any hour, your company is vulnerable to cybercriminals aiming to cripple your operations. The repercussions are vast, from productivity loss to compromising sensitive information, which erodes trust with customers and employees alike. The financial toll and reputational harm can be severe and lasting. Whether facing a widespread assault or a precise strike, these attacks are escalating in frequency, sophistication and financial impact.

On February 21, 2024, Change Healthcare, a healthcare technology company under Optum and owned by UnitedHealth Group, disclosed enterprise-wide connectivity issues and service application interruptions, attributing them to the ALPHV/Blackcat ransomware-as-a-service (RaaS) threat actor. This incident affected tools used for healthcare payment and revenue cycle management across various healthcare provider customers in the United States.

Consequences of this incident include disruptions in pharmacy and health system operations nationwide, prompting the American Hospital Association (AHA) to advise potentially affected healthcare organizations to disconnect from Change Healthcare applications until the situation resolves. To mitigate the impact, over 90% of U.S. pharmacies have implemented modified electronic claims processing methods, while the remainder have resorted to offline processing systems, according to UnitedHealth Group.

In the event of compromised patient data, affected organizations may face legal obligations under HIPAA and state breach notification laws, leading to regulatory scrutiny or privacy-related lawsuits. The incident is part of a broader trend: the FBI has identified over 1,000 global victims of ALPHV Blackcat ransomware and data extortion, with healthcare being a primary target.

A report from Health-ISAC suggests that exploitation of certain ConnectWise ScreenConnect vulnerabilities may be behind the attack, and predicts that more organizations will fall victim because the exploit is simple. Impacted Change Healthcare customers are advised to communicate with payors for payment workarounds, monitor official updates, follow AHA advisories and review recommendations from various entities including Health-ISAC, CISA, HFMA and HHS.

Potential Business Impacts

Additional steps for impacted companies include the following:

These measures aim to navigate the aftermath of the incident and prevent similar occurrences in the future.

How Dinsmore Can Help

Every organization should prioritize cybersecurity and data privacy. There has been a noticeable increase in the enforcement of regulatory fines and penalties for mishandling data processing, and we continue to see daily impacts across the nation from cyberattacks. It is crucial to prioritize your organization's cybersecurity protocols and adhere to relevant data processing requirements. Dinsmore & Shohl's Cybersecurity and Data Privacy team offers the expertise and resources necessary to safeguard against cyber threats, secure consumer data and ensure compliance with data privacy regulations. Our cybersecurity team offers a variety of data privacy and cybersecurity services, including pre-breach and cybersecurity planning, cybersecurity and data privacy transactional services, data regulatory compliance services, breach response and disclosure obligation services, cyber liability insurance review and any related litigation issues regarding cybersecurity and data breaches (investigation, defense and response). Please contact us for more information and to learn how we can partner with you.




Read full article at: https://www.dinsmore.com/publications/prescribing-security-why-healthcare-companies-should-take-note-of-recent-ransomware-attack/