The response to the cyberattack on Change Healthcare exemplifies the healthcare industry’s capacity for resilience and adaptability in the face of adversity. UnitedHealth Group’s swift action to restore services, coupled with legislative initiatives aimed at strengthening cybersecurity, reflects a proactive approach to addressing emerging threats. Legal challenges and investigations serve as crucial avenues for accountability and learning, underscoring the industry’s commitment to protecting patient data and upholding cybersecurity standards. As stakeholders collaborate and innovate, the healthcare sector is poised to emerge stronger, more resilient, and better equipped to navigate the evolving landscape of cybersecurity threats.
Amidst the daunting challenges posed by cybersecurity threats, the healthcare industry continues to demonstrate resilience and determination in safeguarding patient data and ensuring uninterrupted care delivery. The recent cyberattack on Change Healthcare, a unit of UnitedHealth Group, underscored the critical need for robust cybersecurity measures. Despite facing significant disruptions, stakeholders have shown remarkable unity and resolve in mitigating the impact of the attack. This paper explores the proactive measures taken by UnitedHealth Group, legislative responses, legal actions, and ongoing investigations, highlighting the industry’s collective efforts to overcome adversity and emerge stronger in the face of cybersecurity threats.
Change Healthcare is set to commence processing a $14 billion backlog of claims as it reinstates its clearinghouse platforms.
UPDATE: March 24 at 1:15 p.m.
In its most recent update regarding the response to the cyberattack on Change Healthcare, UnitedHealth Group announced on Friday that its primary clearinghouse, Relay Exchange, will be operational again by the end of the weekend. Consequently, the company will initiate the processing of $14 billion worth of medical claims.
UnitedHealth Group has also outlined a tentative timeline for the restoration of its systems following the cyberattack on February 21.
This ransomware incident resulted in widespread disruptions in reimbursement and pharmacy services for hospitals, health systems, and medical practices. To date, the company has extended $2.5 billion in assistance to affected providers.
The projected dates provided by the company are based on current information and may be subject to change as further details emerge. UnitedHealth Group emphasized that the reconnection process for products will occur in phases, including launch, testing, and scaled reconnection. It clarified that the absence of a product from the schedule does not imply a delay of more than three weeks. Instead, it indicates that the company is awaiting clarity on the restoration timeline.
As of March 7, UnitedHealth had restored 99% of Change Healthcare’s pharmacy network services. By March 15, Change Healthcare’s electronic payments platform had been reinstated, and payer implementations were underway. Additionally, Assurance, the company’s medical claims preparation software, resumed operations on March 18. Providers are currently progressing through testing and reconnection phases, addressing their respective claim backlogs.
As of March 22, claims totaling over $14 billion in charges have been queued for processing through the Assurance software.
UnitedHealth anticipates that Relay Exchange, its largest clearinghouse, will be back online by the weekend of March 23, accompanied by relevant third-party documentation.
In the upcoming week, UnitedHealth aims to restore Change Healthcare’s eligibility processing capabilities, benefits verification, and authorization determination services, including pharmacy electronic claims for medical purposes through MedRx and its reimbursement manager.
Upon establishing sufficient payer connectivity, UnitedHealth will activate claims processing for Assurance customers automatically. Subsequently, attention will turn to the reactivation of all other Relay Exchange claims submitters. Throughout this process, the company will prioritize establishing payer connectivity to ensure seamless processing for incoming claims.
Looking ahead, the company targets the week of April 1 for the restoration of its clinical exchange service, payer connectivity, and hosted payer services. By April 8, UnitedHealth plans to reinstate its Risk Manager and Health QX products.
UPDATE: March 22 at 3 p.m.
In response to the cyberattack on Change Healthcare, U.S. Sen. Mark Warner, D-Virginia, introduced legislation on Friday proposing financial incentives for healthcare providers to enhance cybersecurity measures.
The Health Care Cybersecurity Improvement Act of 2024 seeks to facilitate advance and accelerated payments to healthcare providers in the event of a cyber incident, provided they meet minimum cybersecurity standards.
Warner emphasized the importance of bolstering cybersecurity in the healthcare sector, particularly in light of the recent attack on Change Healthcare. The proposed legislation aims to incentivize providers and vendors to enhance their cybersecurity posture.
The bill proposes modifications to existing Medicare payment programs to accommodate payments necessitated by cyber incidents, contingent upon compliance with specified cybersecurity standards.
UPDATE: March 20 at 12:54 p.m.
Amid proposed class action lawsuits from patients, providers are also taking legal action against UnitedHealth Group following the cyberattack on Change Healthcare.
Lawsuits have been filed across the country, alleging negligence in cybersecurity protocols and significant financial harm to medical providers. One such lawsuit from California-based Gibbs Law Group represents Bay Area Therapy Group, asserting negligence on the part of the healthcare giant.
Providers like Advanced Obstetrics & Gynecology PC in Mississippi have also filed suits, highlighting financial struggles and potential bankruptcy resulting from payment delays.
Additionally, multiple proposed class actions represent patients who claim financial harm and express concerns over the exposure of personal data.
UPDATE: March 18 at 12:34 p.m.
UnitedHealth Group announced the rollout of medical claims preparation software on Thursday, marking a critical step in restoring services impacted by the cyberattack on Change Healthcare.
The software deployment will extend to thousands of customers in the coming days, with third-party attestations to be provided before full service restoration.
CEO Andrew Witty emphasized the company’s commitment to addressing the challenges posed by the cyberattack and ensuring continued care provision for patients.
Furthermore, UnitedHealth has advanced over $2 billion in payments through relief initiatives following the cyber incident. The company has suspended prior authorizations for outpatient care and is reviewing similar measures for inpatient admissions under Medicare Advantage.
UnitedHealth’s subsidiary, Optum, has launched a how-to video to assist providers in accessing funding assistance programs.
UPDATE: March 14 at 12:09 p.m.
Change Healthcare’s Pharmacy Network has been successfully restored, according to the latest update from UnitedHealth Group.
The company reported that all major pharmacy and payment systems are operational again, with 99% of pre-incident claim volume processing smoothly. However, some challenges persist for specific pharmacy sectors and Medicaid fee-for-service customers.
Additionally, UnitedHealth provided an interim report on its ongoing investigation with Mandiant and Palo Alto Networks to identify the breach’s origins.
UPDATE: March 13 at 4:11 p.m.
The Office for Civil Rights (OCR) has initiated an investigation into Change Healthcare, a unit of UnitedHealth Group, following the February cybersecurity incident.
OCR’s investigation will focus on potential breaches of protected health information and compliance with HIPAA rules. Providers and plans partnered with Change Healthcare are reminded to adhere to business associate agreements and breach notifications.
UPDATE: March 12 at 1:31 p.m.
Federal officials, including HHS Secretary Xavier Becerra, urged UnitedHealth Group and other insurers to provide additional financial support to struggling providers affected by the cyberattack on Change Healthcare.
At a meeting attended by UHG CEO Andrew Witty and provider representatives, officials emphasized the urgency of addressing payment challenges stemming from the attack.
UPDATE: March 7 at 9:30 p.m.
UnitedHealth Group outlined a timeline for restoring Change Healthcare’s systems, indicating progress in reinstating electronic prescribing and claim submission services. Additionally, UnitedHealth extended funding assistance to affected providers through its Temporary Funding Assistance Program.
UPDATE: March 6 at 4:30 p.m.
Lawsuits have emerged in response to the cyberattack on Change Healthcare, with patients seeking class actions over data protection failures. Law firms are exploring potential legal actions against UnitedHealth Group.
UPDATE: Feb. 29 at 11:28 a.m.
Optum confirmed that a cybercrime group called BlackCat or ALPHV is responsible for the cyberattack on Change Healthcare. Efforts to restore impacted systems continue.
UPDATE: Feb. 26 at 1:01 p.m.
Change Healthcare’s cybersecurity incident is expected to extend for at least another day, impacting pharmacies and healthcare services nationwide.
UPDATE: Feb. 23 at 12:37 p.m.
UnitedHealth Group disclosed a suspected nation-state cyber threat behind the attack on Change Healthcare. Efforts to restore affected systems are ongoing.
UPDATE: Feb. 23 at 10:50 a.m.
The American Hospital Association recommends disconnecting from Optum’s services until the cybersecurity incident at Change Healthcare is resolved. The disruption is expected to persist.