The U.S. Department of Health and Human Service (HHS) on Tuesday released a statement listing the steps that the Centers for Medicare & Medicaid Services (CMS) is taking to assist providers in the wake of the cybersecurity attack, which is now entering its second week. But the steps aren’t adequate, according to the American Hospital Association (AHA).
The Blackcat ransomware attack has crippled Change Healthcare’s systems since February 21, disrupting the health care technology company’s ability to process transactions, including payments and requests for insurance authorizations. The AHA calls the attack the “most significant and consequential incident of its kind against the U.S. health care system in history.” It’s made it difficult for hospitals to provide patient care, fill prescriptions, submit insurance claims, and receive payment for the services they provide, the organization said.
RELATED: Change Healthcare cyberattack fallout: Steps organizations can take to protect their systems
In a statement released Tuesday, HHS said its first priority is to help coordinate efforts to avoid disruptions throughout the health care system. As part of those efforts, HHS encouraged hospitals facing significant cash flow problems to submit accelerated payment requests to their Medicare Administrative Contractors (MACs) for consideration. Although the expedited payments aren’t guaranteed, HHS said it is working to provide additional information to the MACs about specific information the request should include, and the MACs will make it available to organizations this week.
“Numerous hospitals, doctors, pharmacies, and other stakeholders have highlighted potential cash flow concerns to HHS stemming from an inability to submit claims and receive payments. HHS has heard these concerns and is taking direct action and working to support the important needs of the health care community,” HHS said.
Furthermore, CMS will allow Medicare providers who need to change clearinghouses that they use for claims processing to contact their MACs to request a new electronic data interchange (EDI) enrollment for the switch. CMS has told MACs to expedite the process and move all provider and facility requests into production and ready to bill claims quickly. CMS is also encouraging other payers, including state Medicaid and Children’s Health Insurance Program (CHIP) agencies and Medicaid and CHIP managed care plans, to waive or expedite solutions for this requirement.
In addition, CMS will issue guidance to Medicare Advantage (MA) organizations and Part D sponsors encouraging them to remove or relax prior authorization, other utilization management, and timely filing requirements during these system outages. CMS is also encouraging MA plans to offer advance funding to providers most affected by this cyberattack. The agency said it is also encouraging Medicaid and CHIP managed care plans to adopt the same strategies of removing or relaxing prior authorization and utilization management requirements, and consider offering advance funding to providers, on behalf of Medicaid and CHIP managed care enrollees to the extent permitted by the State.
If Medicare providers are having trouble filing claims or other necessary notices or other submissions, they should contact their MAC for details on exceptions, waivers, or extensions, or contact CMS regarding quality reporting programs.
CMS has contacted all MACs to make sure they are prepared to accept paper claims from providers who need to file them. “While we recognize that electronic billing is preferable for everyone, the MACs must accept paper submissions if a provider needs to file claims in that method,” HHS said.
But the AHA said in its statement that the measures the federal government has taken don’t go far enough. “The magnitude of this moment deserves the same level of urgency and leadership our government has deployed to any national event of this scale before it. The measures announced today do not do that and are not an adequate whole of government response,” wrote Rick Pollack, AHA's president and CEO, adding that the organization will continue to work with Congress on meaningful solutions.