The hospital is still dealing with some ongoing costs. Its revenue cycle has not fully recovered and its cyberattack insurance claim, submitted nearly two years ago, still hasn’t been paid, Dunkle said. The hospital’s annual insurance premium is up 60% since the incident.
“That is an incredible increase in cost over the last three or four years and … when your claims aren’t paid, it can be even more frustrating,” he said. “We are investing so much in cybersecurity right now that I don’t know how small hospitals will be able to afford [to operate] much longer.”
And this week, a hospital in Illinois may become the first to close down partly due to a cyberattack. St. Margaret’s Health in Spring Valley, Illinois, planned to close its doors June 16. Suzanne Stahl, chair of the hospital’s parent company, SMP Health, said it became impossible to continue the hospital’s operations “due to a number of factors, such as the covid-19 pandemic, the cyberattack on the computer system of St. Margaret’s Health, and a shortage of staff.”
The hospital suffered a ransomware attack in 2021 that left it unable to bill insurance, Medicaid, or Medicare for more than three months, according to Linda Burt, the hospital’s vice president of quality and community services. Burt said not being able to submit claims put the hospital in a “financial spiral.”
KFF Health News, formerly known as Kaiser Health News (KHN), is a national newsroom that produces in-depth journalism about health issues and is one of the core operating programs of KFF — the independent source for health policy research, polling and journalism.