When thinking about ways to ensure your practice thrives and clients get the best hearing care possible, cybersecurity is probably not going to be at the top of the list, or even come to mind, for most hearing care professionals (HCPs). But that doesn’t mean it isn’t an important component of effective care. The U.S. government and major corporations need to do more to safeguard patient data and keep cyberattacks from shutting down healthcare facilities.

A Major Incident

In February, a cyberattack on medical claims processor Change Healthcare affected a large number of healthcare professionals across the country, including those in hearing care. Thankfully, healthcare facilities were not shut down as a result of this cyberattack. But Change Healthcare was forced to shut down its systems, which meant hospitals and other healthcare facilities couldn’t pay their vendors or employees. 

This ransomware attack was a reminder of how much we rely on digital systems, and how much of a problem it is when all of a sudden those systems are not accessible. 

Shortly after the cyberattack on Change Healthcare occurred, I spoke with an audiologist in New York whose practice had been affected. She and her colleagues were still seeing patients, but they had to submit all insurance claims manually, which was slowing down the claims process. In addition to creating a mountain of paperwork for her billing department that was taking much longer to complete than digital claims, the delay was also concerning from a cashflow perspective. 

Further reading: CMS Giving Providers Affected by Change Cyberattack Assistance

An Ongoing Problem

It’s now months later, and not all of the issues caused by the cyberattack have been resolved. I checked in with the same audiologist, and she said matters are improving, and her office is starting to be able to catch up. The billing department is now only having to enter some data manually, and payments for claims that were submitted months ago are now starting to come in. 

What she found most frustrating was the fact that the situation was completely out of her control. She says she hopes Change Healthcare has learned from the experience and will be able to prevent such a thing from happening in the future. But this cyberattack is just one of many that keep occurring.

Melanie Hamilton-Basich, Chief Editor, The Hearing Review

A Wake-Up Call

Because the cyberattack on Change Healthcare was so far reaching and affected cashflow for so many entities, it’s made the public and the healthcare industry take notice. This incident has called attention to the seriousness of the healthcare sector’s cybersecurity vulnerabilities and the need for better safeguards when so many others incidents did not. 

Sen. Mark Warner (D-VA), a longtime proponent of shoring up cybersecurity for healthcare, has introduced a bill that would help to alleviate these problems and prevent such cyberattacks from happening in the first place. The ‘‘Health Care Cybersecurity Improvement Act of 2024’’ would “require entities to meet minimum cybersecurity standards to be eligible for Medicare accelerated and advance payment programs if the reason for the need for such payments is due to a cybersecurity incident.” It’s designed to improve cybersecurity at the vendor level by tying minimum cybersecurity requirements to government funding.   

I hope the bill passes and is able to make a meaningful impact. And I hope to see more being done to protect HCPs and their patients from the effects of cyberattacks. 

   Melanie Hamilton-Basich

Original citation for this article: Hamilton-Basich M, Cybersecurity Takes Center Stage. Hearing Review. 2024;31(5):06-07.