When a national healthcare clearinghouse was hit by a cyberattack in February 2024, it halted the processing of veterans’ medical claims and put their access to healthcare in jeopardy.
As a trusted advisor to the Department of Veterans Affairs (VA), Tria Federal swiftly took action to help VA develop a safe and secure way to continue processing claims. Tria worked as part of a team led by King Street Technology Partners (KSTP), comprising Eleven09 and SBG Technology Solutions, as well as major partners Guidehouse and IBM.
“The two big areas of concern were: one, provider attrition, because providers could leave the VA network if they weren’t paid in a timely manner; and two, veteran access to care,” said Jay Lahiri, a senior Tria advisor.
Veterans enrolled in VA can choose to be treated at VA facilities or, under certain circumstances, seek outside treatment through VA’s Community Care Network (CCN). VA covers veterans’ medical bills by reimbursing third-party administrators (TPAs) for what they’ve paid to CCN healthcare providers.
The ransomware attack led to nationwide outages for the clearinghouse that processed veterans’ medical claims. The clearinghouse immediately disabled its connection with VA. With claims processing shut off, it was critical to quickly establish a new solution so that payments could continue to be processed while a long-term solution was being developed.
The KSTP team, led by Tria, worked with VA stakeholders to make code changes and implement a short-term solution. In just two weeks after the attack occurred, they established an interim process that seamlessly routed the claims to the Community Care Reimbursement System (CCRS), which Tria had custom-built for VA six years earlier. VA was then able to continue to pay TPAs without implementing complicated financial workarounds.
“We helped VA deal with the data breach with minimal impact to claims payments and veterans’ access to care,” Lahiri said. “We were able to act quickly to make changes in our system to enable it to accept historic claim batches thanks to the subject matter expertise and ability of developers.”
The long-term solution within CCRS was activated in April 2024. Within one month, it processed more than 5 million claims to clear the backlog that had accumulated since the data breach. These batches of claims underwent thorough testing and review by systems and humans.
“It was important to first process claims in a test environment to check that results were as expected and do our due diligence to ensure that no additional cleanup was going to be needed,” said Elizabeth Curfman, the Tria project manager on Claims Processing System Support.
Following several months of successful claims processing in a test environment, the CCRS long-term solution became fully automated in August 2024. Besides enabling reimbursement of TPAs with limited human oversight, the automated long-term solution allows VA to receive and process claims in direct collaboration with TPAs.