Change Healthcare Cyberattack: What Social Workers Should Know

Mar 27, 2024

By Denise Johnson, LCSW-C
NASW Senior Practice Associate

In February 2024, a major healthcare cybersecurity attack occurred, affecting many patients and providers including clinical social workers (CSWs). The attack targeted UnitedHealth Group’s subsidiary Change Healthcare, a technology clearinghouse that manages billing and administrative tasks for healthcare organizations.

The attack, known as ransomware, involved hackers gaining access to healthcare payment systems, encrypting files, and demanding payment in exchange for a decryption key. As a result, Change Healthcare became temporarily paralyzed, causing payment disruptions and delays in patient care. The attack on Change Healthcare affected multiple healthcare organizations, leading to concerns about the security of sensitive patient data. In response, Change Healthcare shut down their systems and launched an investigation to determine the extent of the attack and any potential data breaches. Change Healthcare provides status updates on the cyberattack.

Experts recommend that individuals who may have been affected by the attack closely monitor their health records and credit reports for any suspicious activity. Healthcare organizations are also reviewing their security measures and implementing additional precautions to prevent future attacks.[1]

The Centers for Medicare & Medicaid Services (CMS) issued a statement and is actively monitoring the impact of the cyberattack on Change Healthcare and how it affects various providers and suppliers. CMS has announced that it is considering applications for advance payments for Part B providers and suppliers due to the cyberattack.

CMS is also working with health plans, providers, and suppliers to address their concerns and is expediting necessary actions for changes to the clearinghouse that providers use and paper claims processing. CMS is also urging Medicaid plans to make prospective payments to those affected. Medicare Administrative Contractors (MACs) are providing public instructions on how to request for a Medicare accelerated or advance payment.

The cyberattack serves as a reminder for healthcare organizations and CSWs to regularly update and strengthen their security protocols to protect against potential attacks. NASW has developed a uniform set of technology standards to guide social workers in their practice. CSWs can also visit the Healthcare and Public Health Cybersecurity Performance Goals for more information on ways to stay protected.

NASW will monitor this situation for future changes. Questions may be directed to clinical.practice@socialworkers.org

_______

[1] Smith-Schoenwalder, C. (2024) EXPLAINER: What to Know About the Change Healthcare Cyberattack, usnews.com. Available at: https://www.usnews.com/news/health-news/articles/2024-03-04/explainer-what-to-know-about-the-change-healthcare-cyberattack(Accessed: 12 March 2024).

Child Abuse Prevention Month

Child Abuse Prevention Month

April Ferguson LCSW-C Senior Practice Associate Children and Adolescents April 2024 The National Association of Social Workers (NASW) acknowledges April as Child Abuse Prevention Month. The Child Abuse Prevention and Treatment Act (CAPTA) defines child abuse and...

Salute Your Graduate with an NASW Press Book Gift

Salute Your Graduate with an NASW Press Book Gift

The NASW Code of Ethics is a set of standards that guide the professional conduct of social workers. The 2021 update includes language that addresses the importance of professional self-care. Moreover, revisions to the Cultural Competence standard provide more...

Categories