Dennis Dahlen: Of Blackcats and the dark web: The value of HFMA in times of crisis 

The repercussions from the large-scale cyberattack perpetrated by ALPHV Blackcat on Change Healthcare — a company that touches one out of three patient records — likely will be felt for months, the American Hospital Association (AHA) suggests. That’s why it was so important that HFMA take a lead role in getting answers for members and organizing a response. 

In the first days after the Feb. 21 outage, there was much providers didn’t know about the security breach: Could hospitals safely connect to UnitedHealth Group, which owns Change Healthcare, or Optum, a key provider of revenue cycle and other services to the industry? Was the cyberattack isolated to Change Healthcare? How long would the outage last — and what would the long-term impact be? Were we as customers directly exposed or at risk from the same actors? 

HFMA took immediate action. On Feb. 22, we initiated a call with healthcare finance executives nationally so members could learn what their peers were seeing and how they planned to respond. We also surveyed members and worked to facilitate a collaborative response. In addition, HFMA Senior Editor Nick Hut launched a daily blog on the crisis, providing updates as he received them. 

By early March, three more roundtable discussions took place. These discussions were vital, given that no one knew how long the outage would last or the extent to which it would disrupt payment. Meanwhile, Hut’s blog updates became the most-read content in the history of hfma.org, with thousands of views daily. 

Just as important, HFMA leaned into its role as the leading advocate for healthcare finance. We initiated communication with the FBI and HHS within a day of the cyberattack. Short-term remedies resulting from these discussions included Medicare advance and accelerated payments, advance payments through UnitedHealthcare and loans through UnitedHealth Group. 

Now that recovery is underway, there’s still much we don’t know. An AHA survey, which was conducted March 9-12, found 74% of hospitals were still contending with the patient care impact of the cyberattack, including authorization delays. There is also the important work needed to protect ourselves against the next cyberattack, adding redundancy and safeguards to the transactional channels we use. 

It is during times like these that the value and potential of HFMA become clear. We can be a vital resource to exchange information and develop a collaborative response. We’re a force for bringing issues like this to the attention of lawmakers, federal officials and legislators to find the right solutions — solutions that protect patient care. And we’re an advocate for actions that limit providers’ vulnerability to attack. 

It’s time to acknowledge the value of HFMA, its collective voice and the power of association.