Agencies urge UHG, others to step up aid to providers after cyberattack 

Mar 11, 2024 - 03:01 PM
FDAcybersecurity

In a letter March 10 to health care providers, the departments of Health and Human Services and Labor called on UnitedHealth Group to expedite payments and provide greater transparency to health care providers impacted by the recent cyberattack on its Change Healthcare unit. The departments also called on other commercial insurance companies and payers to make interim payments and ease administrative burdens for impacted providers.

“We welcome the letter from the Department of Health and Human Services and Department of Labor that recognizes the unprecedented nature of the Change Healthcare cyberattack and its far-reaching impacts on hospitals, physicians and the health care sector,” said AHA President and CEO Rick Pollack. “We particularly appreciate the federal government’s call on UnitedHealth Group for increased transparency about this incident and urging the company to step up to take needed actions to provide meaningful payments to hospitals, physicians and other providers so that they can continue timely care for patients.

“It’s critical that all payers help providers during this incident to ensure patient care is not compromised. That includes easing administrative burdens, pausing prior authorizations and requirements on timely billing, and providing advanced payments to hospitals and physicians, among other things, until this issue is fully resolved. Just like the impacted providers, these payers are not responsible for the cyberattack; however, as hospitals and doctors have not wavered from their responsibility to care for their patients despite significant hardship, all payers must too honor their responsibility to support hospitals, physicians and patients for care delivered without delay.

“We recognize that the federal government does have statutory limitations to require private payers to take all the actions that may be needed, and Congress may need to take specific steps to ensure the health care system is not disrupted for patients. We will continue to work with Congress and policymakers as the impacts from the cyberattack persist.”

On March 9, the Centers for Medicare & Medicaid Services released additional information on Medicare Accelerated and Advance Payments for hospitals, physicians and other providers impacted by the Change Healthcare cyberattack, including eligibility requirements, repayment terms and how their Medicare Administrative Contractor will determine the payment amount. 
 

Related News Articles

Headline
Agencies issue advisory on threat of China-based cyber group 
A joint advisory issued the week of July 8 by the Cybersecurity and Infrastructure Security Agency, National Security Agency, FBI and several international…
Headline
AHA comments on CIRCIA’s cyber incident reporting requirements 
The AHA July 2 submitted comments to the Cybersecurity and Infrastructure Security Agency on its proposed rule establishing reporting requirements for…
Headline
HHS issues cyber alert on critical vulnerability in ‘MOVEit,’ file transfer platform
The Department of Health and Human Services Health Sector Cybersecurity Coordination Center June 27 issued an alert about a critical vulnerability in MOVEit, a…
Headline
Agencies issue joint report on memory safety vulnerabilities in open source projects
A joint report released June 26 by the Cybersecurity and Infrastructure Security Agency, FBI, the Australian Cyber Security Centre and Canadian Centre for…
Headline
Bulletin alerts health sector to cyberthreat exploits on TeamViewer
The Health Information Sharing and Analysis Center June 27 issued a threat bulletin alerting the health sector to active cyberthreats exploiting TeamViewer. H-…
Headline
FBI, HHS issue advisory on cyberthreat actors targeting health care to divert payments
The FBI and Department of Health and Human Services June 24 released an advisory about cyberthreat actors targeting health care organizations in attempts to…