Healthcare firms communicate with affected users about security after third-party hacks

Change Healthcare, a company that provides tools and technologies to healthcare facilities and insurance plans owned by UnitedHealth Group through its Optum unit, experienced a ransomware attack that widely affected the digital healthcare landscape this February. The attack made numerous headlines, with major news outlets such as Bloomberg and CNBC reporting on it.

“It is definitely the worst [hack] to ever hit the healthcare sector in the US . . . It’s one that has an immediate and deleterious impact on patient care.”
James Rundle, Reporter, The Wall Street Journal

Change Healthcare offers revenue and payment cycle management for thousands of healthcare providers, pharmacies and clinics across the United States. The cybersecurity incident has halted revenue flow for providers and interrupted the patient experience. UnitedHealth Group has released statements in the weeks following the cyberattack regarding its progress in restoring Change’s services. Affected digital systems include claims management, appointment scheduling, payment services, and billing and data exchanges. The data breach has caused payment outages affecting both patients and providers.

Corporate Insight tracks and analyzes how healthcare firms communicate with their members about security incidences and data breaches. Many firms in our coverage set have communicated with members whose experiences may be affected by the outage. Most prominent are announcements on public site homepages. UnitedHealthcare issued a prominent alert across the top of its public site homepage linking to an extensive Information on the Change Healthcare Cyber Response page detailing resources for funding assistance and a timeline of the latest updates.

UnitedHealthcare Homepage Alert


UnitedHealthcare Information on the Change Healthcare Cyber Response Page

BCBS of Illinois also published an alert on its homepage linking to a new Some Pharmacies Are Experiencing Systems Issues page and extending an apology for any delays users may face in filling medications due to the outage.

BCBS of Illinois Homepage Alerts Section


BCBS of Illinois Some Pharmacies Are Experiencing Systems Issues Page

Highmark BCBS added a similar alert to its public site Provider Resource Center page. So too did Mass General Brigham Health Plan with a new alert on their Providers page informing users of the incident. A Read Our Response link directs to an Incident Detail page where users can learn more about the breach and how it affects members. While Aetna’s response was delayed relative to the aforementioned firms, the Change Healthcare Interruption alert on its public site Health Care Professionals page offers a more in-depth approach. The alert houses a link to a PDF providing a comprehensive overview of the firm’s progress mitigating the attack and alternative methods for providers to submit claims.

Mass General Brigham Health Plan Recent Public Site Providers Page Alert


Mass General Brigham Health Plan Public Site Responding to the Change Healthcare Cybersecurity Incident Page


Aetna Health Care Professionals Page Alert

Horizon Blue introduced a new public site Security Incidents page that offers a consolidated location for updates regarding recent data security events in the healthcare industry. The localization of security news enhances user’s experience by guaranteeing straightforward navigation to information that could potentially impact their coverage and care. Further, the incident details page provides customer service information for consumers that may be seeking immediately actionable resources.

Horizon Blue New Public Site Security Incidents Page (Truncated)

Pharmacies were compelled to respond as well. Prime Therapeutics, a pharmacy benefit manager, published an alert notifying users about a national system outage that impacts some pharmacies’ abilities to process prescription drug claims. The alert links to a dedicated page with more details about alternative pharmacy options.

Prime Therapeutics Alert and Dedicated Page

The ramifications of the cyber-attack are spreading beyond Change Healthcare to independent firms, as users seek out secure digital pharmacies to obtain their prescriptions. Rx Outreach, an online pharmacy site unaffected by the breach, posted a homepage announcement addressing a surge in demand for medications following pharmacy cyber-attacks, resulting in an unprecedented volume of calls. The announcement provides guidance for new patients registering for accounts and ordering refills.

RxOutreach Announcement Lightbox

Corporate Insight has also taken note of the disruption of some member site experiences caused by the hack. Several of the member site experiences in our coverage set have had non-functioning cost estimator tools. While these tools are down, members are unable to determine costs for their care, hindering price transparency from healthcare providers and interrupting an integral member site experience. Across the top of the page, an alert informs members that the tool is nonfunctioning due to a “network interruption at a vendor.”

BCBS of Massachusetts Provider Locator Tool Message

Having created significant challenges for both patients and providers, the cyberattack is spurring new questions and actions in the insurance space regarding digital healthcare security. While the industry response is continuing to evolve, we’ll likely see increasingly robust notifications efforts from insurers and health systems as they attempt to keep users in the loop. Healthcare firms must communicate with users after a security incident.

To stay updated about trends arising from the industry’s cyber response, make sure to check back on CI’s research. For more insights into digital innovation in the healthcare space, check out our research services in four areas: Health Plan, Medicare, Health System and Pharmacy. For deep dives into specific topics, check out our Healthcare Briefings. Don’t forget to visit our Insights section for more industry trends and best practices across the healthcare industry.

Margaret Bannon

Margaret Bannon is an analyst on CI's healthcare research team.

Christal Oji

Christal Oji is an analyst on CI's healthcare research team.