Skip to Content

Hospital Lobby Leverages Cyberattack to Push Their Agenda and Avoid Reform


All involved should focus on completing the “last mile” of recovery and on taking the actions needed to protect the system and patients in the future.

Published Apr 12, 2024 • by AHIP

By Mike Tuffin, AHIP President and CEO

Since the very moment when the impact of the unprecedented cyberattack on Change Healthcare became known, health plans have taken meaningful action to support and work with providers to ensure continuity of care for patients. These actions include taking the lead on workarounds, providing ongoing operations support, offering targeted advanced payments, and granting flexibilities to providers of all sizes and specialties. Health plans have also worked to accommodate those providers whose operations were impacted by the cyberattack but who have chosen not to implement the now widely available alternative solutions and workarounds to ensure timely claims processing and payment.

Each plan and provider have been impacted differently, and individual physician practices are still experiencing financial and operational hurdles. It is also important to acknowledge that health plans have also had to tend to their own challenging recoveries from the impact of the cyberattack.

That is why our members remain focused on doing everything possible to establish new processes and supports that can serve patients and their provider partners. As a result, health plans report that patients have broad access to essential and routine medical services and prescriptions without disruption and that the overwhelming majority of providers have resumed claim submissions, received timely payments, and maintained their operations. One reassuring signal came last month when several leading hospital companies publicly reported to their investors that the effect of the cyberattack is “transitory” and “unlikely to have a material impact on their businesses.”

The response from health plans stands in stark contrast to the ongoing opportunistic rhetoric from the hospital lobby on the current state of recovery. At a time when all stakeholders across the health system have been partnering hand in hand, around the clock to restore operations in the face of the worst cyberattack in the history of the system, hospital lobbyists told STAT that the “crisis was another talking point that the hospital industry used to argue that now wasn’t the time to pass policies the industry didn’t like,” such as common-sense, site-neutral reforms that would protect patients from excessive, hidden, and unjustified hospital fees.

In fact, when faced with the reality that some hospitals need to take overdue steps to prevent widespread disruption to patient care from cyberattacks, hospital lobbyists flatly rejected even the consideration of reforms, such as basic cybersecurity requirements, that would improve our collective response to breaches moving forward. Insisting on maintaining the status quo simply makes the health care system a more inviting target for the ever-more sophisticated hacking operations targeting the sector. Instead of taking a constructive leadership role in what can be done to protect consumers and the system moving forward, the hospital lobby chooses to use the moment to point fingers and shirk responsibility.

Instead of playing politics, all involved should focus on completing the “last mile” of recovery and on taking the actions needed to protect the system and patients in the future.

We’re looking ahead to what can be done to protect the system from widespread disruption, such as establishing clearer lines of communication across the private and public sectors. Steps also need to be taken to create resiliency and redundancy in operations to ensure an attack on a single entity does not disrupt the entire system.

We are encouraged by the progress being made across the system and are committed to doing our part until the final stage of recovery is complete – and then to collaborating with policymakers and stakeholders to both prevent and prepare for future cyberattacks.