Skip to main content

Cyberattacks Emphasize Importance of Proactive Protection Efforts

Analysis  |  By Jasmyne Ray  
   April 18, 2024

Organizations are considering new measures to protect patient information.

In the aftermath of the Change Healthcare ransomware attack, affected providers are doing their best to resume normal operations and looking for proactive measures to protect them in the future.

The attack was a major disruptor to the revenue cycles of providers throughout the country, leaving them unable to submit claims or process payments. The gravity of the disruption emphasizes the importance of having a business continuity plan in place.

“We’re in the business of treating patients, so a lot of the time, if you don’t have people that are focused on this type of stuff and know its importance, it gets thrown by the wayside,” Joi Lee, manager of cyber governance, risk, and compliance for Moffitt Cancer Center, previously told HealthLeaders.

She noted that healthcare is behind other industries when it comes to making cybersecurity a priority. According to Lee, many companies either don’t have a business continuity plan, don’t have an updated plan, haven’t tested it, or haven’t communicated it to the necessary individuals.

The increasing frequency of cyberattacks has made cybersecurity a priority for organizations, particularly as it relates to revenue cycle management solutions. In some organizations, information technology specialists are included in the decision-making process for finding and implementing RCM solutions.

“There is a newer wave of IT leaders that grew up from the operational side of business and weren’t just tech people,” Bill Arneson, director of business operational transformation at Moffitt, previously told HealthLeaders.

“I think those are the people that you need, someone that can speak business and IT, to bridge those gaps,” he said. “Those are the people getting stuff done.”

Organizations can be proactive in protecting their data by ensuring their tech infrastructure is secure and appropriate controls in place prior to implementing a new solution or integrating a new platform. Additionally, organizations should inquire about antivirus and data protection controls in conversations with potential vendors and RCM partners.

Jasmyne Ray is the revenue cycle editor at HealthLeaders. 


Organizations should have a business continuity plan in place and ensure that necessary individuals have thorough knowledge of it.

The healthcare sector is behind other industries when it comes to cybersecurity.

Organizations should inquire about antivirus and data protections when considering different vendors for RCM solutions.

Get the latest on healthcare leadership in your inbox.