Reader TTS

AARP (Source: Getty Images (2)) Facebook Twitter LinkedIn

Criminals have hacked the data of millions of Americans this year in cyberattacks on health insurance companies and hospital systems, and AARP is urging more action to protect consumers.

​We wrote to the head of the Department of Health and Human Services (HHS) to express our deep concern over the recent spate of cyberattacks, calling them “a wake-up call” for the industry. 

​“Persistent vulnerabilities in the American health care system are putting our sensitive personal, financial and health information at risk of being exposed and exploited,” AARP Senior Vice

President for Government Affairs Bill Sweeney wrote in a July 31 letter to HHS Secretary Xavier Becerra.

​An attack on the Ascension health  system in May delayed appointments, disrupted access to medical tests and forced some emergency rooms to divert ambulances to other hospitals, according

to news reports. 

AARP is your fierce defender on the issues that matter to people 50-plus. Read more about how we’re fighting for you every day in Congress and across the country.

​In February, cybercriminals stole what has been described as a substantial amount of data in a ransomware attack on UnitedHealth Group subsidiary Change Healthcare. The company is still

determining how many people were affected, but HHS has called the impact on patient care and privacy "unprecedented.."

​“We are particularly concerned that after the recent attacks, some consumers still have not been directly notified or encouraged to take steps to protect themselves,” Sweeney told HHS in

the letter. “People cannot afford to wait months until an investigation verifies their data was compromised.”

Sign up to become an AARP activist on financial security and other issues important to people 50 and older.

​AARP called on HHS and the health care industry to take a number of actions in response to the attacks. They include: rapid notification whenever consumers are impacted; a holistic analysis

of IT vulnerabilities within health care systems that handle consumer data; and an examination of laws and regulations to make sure patients are protected.

​HHS and health care companies should focus not only on preventing future attacks, we wrote, but also on developing notification and contingency plans to lessen the impact on patients when

they do occur.

​Read our letter and learn more about how to protect yourself from identity theft and fraud.

Natalie Missakian covers federal and state policy and writes AARP’s Fighting for You Every Day blog. She previously worked as a reporter for the New Haven Register and daily newspapers in

Ohio. She has also written for the AARP Bulletin, the Hartford Business Journal and other publications.

Unlock Access to AARP Members Edition

Join AARP to Continue Already a Member? Login

AARP NEWSLETTERS

%{ newsLetterPromoText  }%

%{ description }%

Privacy Hub