There have been 48 updates since Optum’s Change Healthcare first identified a malicious attack on its systems from a suspected nation-state on Feb 21, an attack that hat has crippled its ability to process payments.
Most of the recent updates reiterate that they are “experiencing a cybersecurity issue” and express confidence that “Optum, UnitedHealthcare and UnitedHealth Group systems have not been affected by this issue.” But these updates are not satisfying one customer: Tampa General Hospital CEO John Couris. The nonprofit hospital uses Change Healthcare as a clearing house to get claims processed and paid by payers.
While being ever sympathetic to Change’s plight having been a victim of a cyber-attack of its own, though much smaller in scope, Couris said he actually went up to Optum CEO Amar Desai in the speaker room at the ViVE conference in Los Angeles on Monday to get some details.
“So I said to him, ‘Listen, my heart goes out to you because you didn’t ask for this. You didn’t do something wrong…. So I asked him, I said, ‘So when do you think we’ll be back up?’ And his answer to me was, ‘We’ll have an update in two days.’ So I don’t think he knows. I’m a CEO too. I get it. He’s not going to say something for the sake of just saying it. He wants to understand really what’s going on. I can appreciate that. But after a couple of more days, he’s going to have to come out. They’re going to have to come out with real definitive answers because the whole industry is affected by this. The government, pharmacy, health systems. It’s a big deal.”
The breach has impacted business operations for all military pharmacies across the world, as well as some retail pharmacies across the U.S, according to an earlier story from MedCity News.
“I can’t speak for United, but it sounds like [Change Healthcare] has been compromised,” Couris speculated. “These actors got all the way to the brain of their system, captured it and has encrypted it and is ransoming it.”
He noted that he believes Change Healthcare is not going to pay the ransom because there are no guarantees that the people behind the attack would dutifully release the hold on the system. Nor is there any assurance that they wouldn’t drop some malicious code in there that becomes a problem a few months later.
“I don’t think they’re going to pay anything,” said the CEO of Tampa General Hospital, a nonprofit system with 1,040 beds, referring to Change Healthcare’s stance toward the bad actors. “They’re going to rebuild their systems.”
Which means it will take time and could create a cash crunch for the hospital.
“What we used them for is they are a clearing house for claims. So all of our claims would go to them, they’d adjudicate and then they’d send it to the payer. Well, we can’t do that right now. So it will probably, probably — we’re looking at it now — probably impact cash flow. So we have to eat into our daily cash on hand. That’s a problem.”
Given that so much time has elapsed and the systems are not back online made Couris think of switching vendors, but that’s not possible, he said.
“To switch clearing houses would take several months and be incredibly disruptive,” he said. “So we need to hang with Optum. We need to hang with them and let him get through this. This could take two or three or four weeks and claims will be paid. They’re just hung up right now. And so it’s an impact on day’s cash on hand, and pivoting to another company doesn’t make much sense.”
Even if they decided to switch vendors, Couris said he wouldn’t know who to go to.
“… Even the people that we would go to actually indirectly uses [Change Healthcare] as well in some respects,” Couris declared, although he noted that some recently-acquired hospitals of Tampa General Hospital don’t use Change Healthcare.
But he was unable to name the vendor that they use instead. What Couris is convinced is that this attack was no ordinary attack.
“This wasn’t a little hack,” he said.
Photo: anyaberkut, Getty Images