Tracewell, the practice manager for Central Oregon Pathology Consultants, asked the senator to enact cybersecurity standards, particularly for health care companies and their subsidiaries. That’s because the company her practice uses for billing was hacked in a cybersecurity attack in February, which she said has caused financial devastation and concern among patients.
The town hall meeting at Ridgeview High School drew a crowd of 80 people. Questions from audience members covered topics ranging from the Israel-Hamas war, term limits for U.S. Supreme Court justices and protecting the Owyhee Canyonlands, which Wyden said ought to be done through the legislative process rather than via a national monument designation.
But Wyden said issues stemming from the Feb. 21 cybersecurity attack on Change Healthcare, the local pathology practice’s billing company, is among the most important issues he is working on.
The attack was attributed to the company’s lack of multifactor authentication, which adds an additional security step to password-protected accounts. It left millions of Americans’ sensitive health information vulnerable. The local pathology consultants practice that Tracewell manages was one of many affected.
Now, the 18,000-claim backlog at the local practice, which serves all of Central Oregon and much of Eastern Oregon, has left Tracewell no choice but to speak up.
“People may not understand that it isn’t just about the money we receive in our revenue but the impact to our patients and our clients as well,” she said at the town hall meeting.
The practice’s billing system has been down since Feb. 21, so it has been doing the work for free, and the practice has vowed to not send people’s bills to collection agencies, Tracewell said.
Hundreds of patients have called worried. Some have said their Health Savings Account cards are frozen.
Wyden called Tracewell’s account “exceptionally important.”
He told the audience, “What was just described to you is the face of what American health care is going to become if I, and others, can’t stop it.”
Ultimately, Tracewell and the senator agreed that requirements for cybersecurity standards and accountability for health care conglomerates ought to exist. Wyden added that the U.S. Department of Health and Human Services and the Biden Administration hasn’t moved fast enough on the issue.
“We’re going to make it a national effort because it’s time to have a deterrent against these kinds of scofflaws. It’s just that serious,” Wyden said.
He added that Change Healthcare has been lying to federal officials. The health care company has said that people aren’t in the situation Tracewell described.
Change Healthcare, which is a subsidiary of UnitedHealth Group, processes one third of all medical claims in the United States, which totals 15 billion health care transactions annually, according to the American Hospital Association.
Wyden repeated the phrase he used at a Senate Finance Committee hearing at which UnitedHealth Group CEO Andrew Witty appeared.
“They flunked cybersecurity 101,” he said at the town hall meeting.
Wyden vowed to work with Tracewell until the pathology practice gets paid.
He said to her, “You have said something that Mr. Witty needs to hear, and he’s gonna hear about it from me.”
©2024 The Bulletin, Distributed by Tribune Content Agency, LLC.