How the Change Healthcare Cyberattack May Change the Future of Insurance Billing

The recent cyberattack on Change Healthcare, a major player in the healthcare billing industry, has sent shockwaves through the healthcare community. The attack in February 2024, which resulted in the freezing of claims and payment processing, has highlighted the vulnerabilities of our current billing systems and raised important questions about the future of insurance billing. While we do not know the specific changes that will occur in the insurance industry, technology industry, or revenue cycle management, some changes will be necessary to prevent an attack like this. 

What does Change Healthcare do? 

Change Healthcare is a clearinghouse that processes data between healthcare providers and Insurance companies. It is estimated to process one-third of the United States' healthcare claims. 

Clearinghouses perform several critical functions in the revenue cycle that enable the functionality of our healthcare system at a rapid pace. Without clearinghouses, the same functions done by a person would mean that claims are not processed or paid at or near the same pace that they are now. The technology allows the healthcare industry to move vast amounts of data around quickly and efficiently, taking a fraction of the human resources needed if we didn’t have a clearinghouse. 

Change Healthcare is a critical intermediary in the billing and handling of many insurance claims and payments for healthcare providers. The cyberattack that disrupted its operations has had a cascading effect, causing delays and uncertainties for healthcare providers nationwide.

How will the cyberattack influence insurance billing in the future? 

This incident has highlighted the potential risks associated with centralized billing systems. The concentration of billing processes in a few significant players makes the system more vulnerable to cyberattacks. As a result, there is likely to be a push towards decentralization and diversification of billing services in the future.

Increased Security Standards

One possible outcome of this cyberattack is increased scrutiny and regulation of billing intermediaries. Regulators and policymakers may impose stricter security standards and oversight to prevent similar incidents. This could lead to higher compliance costs for billing companies and potentially drive smaller players out of the market.

Diversified Billing Intermediaries

Healthcare providers may reevaluate their reliance on a single billing intermediary. Many providers have been scrambling to find alternative ways to submit claims and receive payments after the cyberattack. This experience may prompt them to diversify their billing services or seek more secure and resilient alternatives.

In response to this incident, Practice Solutions has offered support and solutions to affected healthcare providers. Practice Solutions, for example, has found alternate ways to submit claims and receive payments, ensuring that their clients' revenue streams remain uninterrupted.

Implementation of Risk Management Programs

It is unlikely that a practice that survives this bump in the road will look back and conclude that no change will be necessary to its billing program. Instead, providers will look at some of the following areas of their programs and review the risks associated with an outage: 

• Alternate clearinghouses for the sake of submitting claims during a cyberattack 

• Higher utilization of payer portals for eligibility checks and claim submission

• Diversifying their internal training programs on a wide array of tools needed to sustain cash flow

• Redeploying billing staff to focus on the most critical revenue cycle management demands

• A greater focus on completing notes and submitting claims promptly

• Outsourcing the entirety of billing to companies that have expertise in all of the above

Practice Solutions' Response to the Change Healthcare Cyberattack

We are continuing to evaluate different clearinghouses. It is our job to be the experts in billing, and we have a renewed commitment to expanding our education of billing tools and resources to be prepared if something like this should ever happen again.

We continue to maintain HIPAA-compliant procedures and software and take cybersecurity very seriously.

Our customers rely on us to navigate situations such as this so that they can continue to provide patient care. Our dedication to our customers is even stronger after the cyberattacks, and we thank our customers for their compassion, trust, and understanding as our billers worked to remedy the problems caused by the outage. 

Conclusion

The Change Healthcare cyberattack is a stark reminder of the importance of cybersecurity in the healthcare industry. As we move forward, we must learn from this incident and take proactive steps to secure our billing systems. By diversifying billing services, implementing stricter security measures, and fostering a culture of cybersecurity, we can help mitigate the risks and ensure the stability and security of our healthcare billing systems.