Topics
Reimbursement
Hospitals sue HHS over disproportionate share hospital payment
Hospitals sue HHS over DSH hospital payments
Revenue Cycle Management
Hospitals are leveraging AI to improve revenue cycle
Hospitals are leveraging AI to improve revenue cycle
Strategic Planning
Walgreens considering selling all of its VillageMD business
Walgreens considering selling all of its VillageMD business
Capital Finance
Risant Health to invest $1 billion in Cone Health
Risant Health to invest $1 billion in Cone Health
Supply Chain
FDA tells providers to prepare for supply chain disruptions
FDA to providers: Prepare for supply chain disruptions
Accounting & Financial Management
Advocate Health forgives medical debt linked to real estate liens
Advocate Health forgives medical debt linked to real estate liens
Budgeting
Insurers likely to pay $1.1 billion in rebates this fall
Insurers likely to pay $1.1 billion in rebates this fall
Quality and Safety
Free COVID-19 tests are now available
Free COVID-19 tests are now available
Billing and Collections
CMS reports over 12,000 No Surprises Act violations 
CMS reports over 12,000 No Surprises Act violations 
Claims Processing
Johns Hopkins Health Plans announces multi-payer portal
Johns Hopkins Health Plans announces multi-payer portal
Workforce
Feds grant $100 million to grow healthcare workforce
Feds grant $100M to grow healthcare workforce
Operations
Dana-Farber CEO and president to step down
Dana-Farber CEO and president to step down
Medical Devices
Healthcare chatbots may promote racist misinformation
Healthcare chatbots may promote racist misinformation
Hospital/physician relations
Hospitals, physicians submit opposing views to FTC ruling on noncompetes
Hospitals, physicians submit opposing views to FTC ruling
Construction & Facilities Management
Christus Health to see $25 million expansion at Texas hospital
Christus to see $25M expansion at Texas hospital
Compliance & Legal
CVS' Oak Street Health paying $60M over alleged Medicare Advantage kickbacks
CVS' Oak Street paying $60M over alleged MA kickbacks
Policy and Legislation
HHS investing $75 million in rural healthcare infrastructure
HHS investing $75 million in rural healthcare infrastructure
Community Benefit
Nonprofit hospitals' charity care falling behind tax breaks, report shows
Report: Hospitals' charity care falling behind tax breaks
Accountable Care
ACO REACH changes more negative than positive, says participant
ACO REACH changes not positive, says participant
Acute Care
AHA: Hospitals improve patient safety measures above pre-pandemic levels
AHA: Hospitals improve patient safety measures
Ambulatory Care
Walmart announces closing of clinics and virtual care
Walmart is closing clinics and virtual care
Analytics
Interoperability in healthcare moving forward despite challenges
Interoperability in healthcare moving forward despite challenges
Business Intelligence
Mass General, Tampa General deepen affiliation to advance specialty care
Mass General, Tampa General team on advance specialty care
ICD-10 & Coding
Physician practices examine risk adjustment coding in wake of federal lawsuits
Practices keeping close watch on risk adjustment coding
Meaningful Use
Financial disincentives for providers who commit information blocking 
Financial disincentives for providers who commit information blocking 
Medicare & Medicaid
Average premiums for Medicare Advantage, Medicare Part D to decrease, CMS says
CMS: MA and Part D premiums to decrease in 2025
Patient Engagement
Patients see narrow networks in ACA marketplace plans, KFF finds
KFF: Patients see narrow networks in ACA marketplace plans
Pharmacy
Novo Nordisk CEO grilled on high prices of Ozempic and Wegovy
Novo Nordisk CEO grilled on high prices of Ozempic and Wegovy
Population Health
Demand for age-friendly care soars as older population grows
Older population creating demand for age-friendly care
Risk Management
UPMC for You partners to offer Medicaid redetermination coverage in laundromats
UPMC for You offers Medicaid redetermination coverage in laundromats
Telehealth
Patients less likely to seek virtual behavioral care when paying out-of-pocket
Patients who pay cost-sharing less likely to seek virtual care
Mergers & Acquisitions
Cardinal Health to acquire Integrated Oncology Network for $1.1B
Cardinal Health to acquire Integrated Oncology Network for $1.1B
View more
May 17 More on Compliance & Legal

Ascension faces class action lawsuits for Black Basta ransomware attack

The cyberattack that brought down the Ascension IT Systems was "foreseeable and preventable," complaints say.

Susan Morse, Executive Editor

Photo: eclipse_images/Getty Images

Ascension is facing two class action lawsuits for the May 8 ransomware attack that reportedly continues to disrupt operations due to disconnection from the Epic EHR and cause long ER wait times for some of the health system's 140 hospitals.

On May 12, Katherine Negron filed a class action complaint against Ascension in the U.S. District Court for the Northern District of Illinois. On May 13, Ana Marie Turner filed a similar lawsuit in federal court for the Western District of Texas. Both civil suits, filed by the Law Offices of T.J. Jesky in Chicago, seek monetary damages and demand a jury trial.

The Black Basta ransomware attack brought down the Ascension IT Systems, the complaints said, citing the FBI and Cybersecurity and Infrastructure Security Agency (CISA).

The lawsuits allege that Ascension failed to safeguard personal identifying information and protected health information. Because of the cyberattack, the plaintiffs were unable to effectively communicate with their healthcare providers through the MyChart patient portal or receive the requisite medical care and attention they needed, the complaint said. 

WHY THIS MATTERS

The ransomware attack resulted in the unauthorized disclosure of PHI, including names, dates of birth, patient records and Social Security numbers, the lawsuits said.

"Plaintiff and the Class also now forever face an amplified risk of further misuse, fraud and identity theft due to their sensitive Personal Information falling into the hands of cybercriminals as a result of the tortious conduct of the defendant," said the Negron lawsuit.

Ascension failed to implement "reasonable and industry standard data security practices," the lawsuit said. "The Data Breach was a direct result of Defendant's failure to implement adequate and reasonable cyber-security procedures and protocols necessary to protect patients' Private Information from a foreseeable and preventable cyberattack."

In addition, according to the complaint, "(the) Defendant maintained the Private Information in a reckless manner. In particular, the Private Information was maintained on Defendant's computer network in a condition vulnerable to cyberattacks."

The plaintiffs also want improvements to Ascension's data security systems, future annual audits and adequate credit-monitoring services.

THE LARGER TREND

The cyberattack affected one of the largest health systems in the country on the heels of a February ransomware attack that continues to impact Change Healthcare. Change is owned by Optum, which is affiliated with the largest insurer in the nation, UnitedHealthcare.

Change, which offers claims management, was immediately taken offline after the ransomware attack. While systems are coming back online, the disruption continues to affect hospital and physician practice revenue due to delays in claims payment.

UnitedHealth Group CEO Andrew Witty confirmed the company paid a $22 million ransom in bitcoin to protect personal health information.

Email the writer: SMorse@himss.org

News
Ending racism in healthcare often begins with medical education - and is the target of a new national project Ending racism in healthcare often begins with medical education - and is the target of a new national project Inequities can be found in every facet of the industry, but targeting medical students and residents can help stem the tide.