“The Change outage was disruptive to the business of my practice, but most importantly it was disruptive to my patients,” Dr. Bruggeman testified. “Every minute my staff spent trying to reconcile [electronic remittance advice] with received payments, assessing which patients received incorrect bills, [and] resubmitting prior authorizations is time taken away from patient care.”
Robust Cybersecurity Can Safeguard Practices
By Alisa Pierce Texas Medicine June 2024
Data held hostage
. . . cautions that ransomware attacks can be delivered via multiple platforms, such as in email attachments or links within an email. Malicious attachments can include documents, zip files, and executable applications, and suspicious email links can bring users directly to websites that are used to place malware on a system.
Similarly, “phishing” email scams can give hackers access to internal business systems that could reveal confidential information like credit card numbers, personal identity data, and passwords. Often these emails appear to come from real companies or trusted individuals.
From there, hackers steal electronic patient data, even encrypted information; block the practice from accessing it; and demand a ransom for its return, much like “a hostage situation,” according to Shannon Vogel, TMA’s associate vice president of health information technology.
If that data aren’t backed up, practices don’t have much leeway. At that point, they can either hope the data can be retrieved by law enforcement or move forward without patient records.
“It’s vital that practices talk to their [electronic health record] and other vendors about redundant systems so that all is not lost,” Ms. Vogel said. “Otherwise, it would be like starting from scratch.”