Moffitt Cancer Center was one of many health systems impacted by the Change Healthcare ransomware attack earlier this year. The organization's VP of RCM operations explains how she navigated the disaster.
In part one of this interview, Lynn Ansley, vice president of revenue cycle management at the Moffitt Cancer Center and a HealthLeaders Exchange member, explains how the health system imitially reacted to the Change Healthcare cyberattack.
In part two, Ansley walks us through the process of manually keying claims, leaning on other leaders and organizations who'd been impacted, and getting their processes back online.
Responses have been edited from their original length for brevity.
HealthLeaders: How many claims would you manually key a day?
Ansley: Our average count was 3000 per day. It took about an hour to see one inpatient claim during this downtime. There were a lot of just initial rejections, so we'd go back, figure out what we did wrong, and rework it.
When you have a new piece of technology, you have months of training and testing, and implementation and refinement. You've got vendors holding your hand through the process. We had none of that. We were going to figure it out on our own, and we did.
HL: Were you able to lean on or share insights with colleagues at other organizations?
Ansley: We made a lot of connections across the country. The healthcare industry--and revenue cycle specifically-- were all in it together, so we're leaning on each other. Some were able to share more than others, but what was evident is no two providers were in the same exact situation, because we just have such a mixed bag of technologies that we normally use.
UnitedHealthcare was trying to triage how bad things were on their side to figure out systems impacted and there wasn't a lot of information that was coming to the providers. Some of that can be expected, but it felt like we were in limbo, and nobody liked that because of the uncertainty.
We reached out to other vendors we partner with to see what solutions they could offer us in the interim. We had some existing vendors that were able to expand services for us and set up other clearinghouses for us to be able to escalate that process.
What really resonates with me during this time is those industry partners that really leaned in to help us when we didn't know which way to go.
HL: When was Moffitt able to get things back online?
Ansley: With us shifting over to a new partner in the technical clearinghouse space, we were back up in a very infant stage around March 13th (roughly three weeks after the cyberattack was discovered).
They were an existing partner for us, so they really leaned in and tried to help providers get into that solution from a patient payment portal perspective. We were actually on an old platform that UnitedHealth had stopped supporting, so we had no solution coming back online in that regard.
We were actually able to flip a switch and give us a less than desirable patient payment solution in the interim.
HL: What are some things you've learned through this experience?
Ansley: It really taught us we need to be ready for the unexpected, to the level that even our board wants to know what our plan is. We're actually running a host of tabletop exercises, looking at the worst-case scenario of similar situations. And we're not just talking about revenue cycle; we're talking about clinical care as well.
The more we do them and the more comfortable we can get with the uncertainty, the more prepared we are for when that time comes. You hear people say, ‘It's not if, it's when,' and I think everybody's a believer in that at this point. It's better to be prepared.
The HealthLeaders Exchange is an executive community for sharing ideas, solutions, and insights. Please join the community at our LinkedIn page.
To inquire about attending a HealthLeaders Revenue Cycle Exchange event, email us at exchange@healthleadersmedia.com.
Jasmyne Ray is the revenue cycle editor at HealthLeaders.
KEY TAKEAWAYS
Following the Change Healthcare cyberattack, RCM staff at the Moffitt Cancer Center had to manually keyed an average of 3000 claims a day.
Leaders from affected organizations came together, sharing knowledge and insights..
Some of the organization's vendors were able to expand their services to help with their processes.