Business

Preventing the Next Big Cyberattack on U.S. Health Care

Five actions that can help avoid a repeat of the Change Healthcare debacle.

May 01, 2024

Flavio Coelho/Getty Images



Post



  • Post



  • Share



  • Annotate



  • Save



  • Print

  • The cyberattack on Change Healthcare that devastated the U.S. health care sector made painfully clear that much more needs to be done to address vulnerabilities that exist throughout the ecosystem. This article offers five actions that can go a long way to improving cybersecurity throughout the sector and make it much more resilient.

    This past February, a ransomware attack on a company called Change Healthcare brought medical billing in the United States to a standstill and propelled hundreds of financially strapped health systems and medical practices to the brink of bankruptcy. The breach paralyzed the cash flow of many of the organizations that collectively account for a fifth of the U.S. economy, potentially compromised as many as 85 million patient records, and cost billions of dollars. Recovery is still in progress as we write, and it may be months or years before the final toll is known.

    New!

    HBR Learning

    Digital Intelligence Course

    Accelerate your career with Harvard ManageMentor®. HBR Learning’s online leadership training helps you hone your skills with courses like Digital Intelligence . Earn badges to share on LinkedIn and your resume. Access more than 40 courses trusted by Fortune 500 companies.

    Excel in a world that’s being continually transformed by technology.

    Start Course

    Learn More & See All Courses


    • Erik Decker is a vice president and the chief information security officer at Intermountain Health. He chairs the Health Sector Coordinating Council’s Cybersecurity Working Group, an industry-led council of more than 400 healthcare organizations that advises the government and health sector on how to protect against and recover from cyberthreats. He also co-leads the 405(d) Task Group, a collaborative effort between the Health Sector Coordinating Council and the U.S. government to align the health care sector’s security practices.


    • John Glaser is an executive in residence at Harvard Medical School. He previously served as the CIO of Partners Healthcare (now Mass General Brigham), a senior vice president at Cerner, and the CEO of Siemens Health Services. He is co-chair of the HL7 Advisory Council and a board member of the National Committee for Quality Assurance.


    • Janet Guptill is president and CEO of the Scottsdale Institute, a not-for-profit organization dedicated to helping its more than 60 large, integrated health systems leverage information and technology to create effective, affordable, and equitable health care centered on whole person care.



    Post



  • Post



  • Share



  • Annotate



  • Save



  • Print

  • New!


    HBR Learning

    Digital Intelligence Course

    Accelerate your career with Harvard ManageMentor®. HBR Learning’s online leadership training helps you hone your skills with courses like Digital Intelligence . Earn badges to share on LinkedIn and your resume. Access more than 40 courses trusted by Fortune 500 companies.

    Excel in a world that’s being continually transformed by technology.

    Related Articles

    Back to top button