On June 6, the American Hospital Association (AHA) participated in a Wall Street Journal Tech Live Cybersecurity event to discuss the historic cyberattack on Change Healthcare that occurred on February 21. The discussion featured Stacey Hughes, AHA executive vice president of government relations and public policy, Erik Decker, vice president and chief information security officer for Intermountain Health, and WSJ Reporter James Rundle.
During the event, Hughes commented on the government’s response to the cyberattack, stating that it took some time for policymakers to fully grasp the severity of the incident. She attributed this delay to UnitedHealth Group’s initial underestimation of the impact, which led to a slower reaction from government officials. Hughes highlighted the need for improvement in how the government responds to cyberattacks and emphasized the importance of understanding the role of government in such situations.
Following the event, the Department of Health and Human Services announced that hospitals and health systems could compel UnitedHealth Group to notify patients if their data was compromised during the cyberattack. This development underscores the ongoing impact of cybersecurity breaches on the healthcare industry and
