CareCredit - Women's Health April 2024

UnitedHealth Tackles $14 Billion Claims Backlog From Cyberattack

Change Healthcare will begin processing more than $14 billion in claims following last month’s cyberattack.

UnitedHealth Group (UHG), Change’s parent company, said on its website Friday (March 22) that it expected its biggest clearinghouses to be back online during the weekend, “and we expect more than $14 billion in claims referenced to start flowing soon after.”

The company has spent the last month working to resume services at Change following a breach on Feb. 21 that disrupted the healthcare payment system around the country and prompted a federal investigation.

UnitedHealth said it has made payments of upwards of $2.5 billion so far to offer assistance to healthcare providers impacted by the disruption. 

“We recognize the event has caused different levels of impact among providers; therefore, we continue to offer temporary funding assistance at no cost,” the company said. “We know many providers, especially smaller practices, are struggling, and we encourage those who need further assistance to access these resources.”

The company announced this month that it had restored critical services at Change Healthcare, some three weeks after the attack.

That same week, the U.S. Department of Health and Human Services (HHS)’s Office for Civil Rights (OCR) — which enforces HIPAA privacy, security and breach notification rules — said it was investigating the breach.

“Given the unprecedented magnitude of this cyberattack, and in the best interest of patients and health care providers, OCR is initiating an investigation into this incident,” OCR said in a “Dear Colleague” letter that addresses the incident.

“OCR’s investigation of Change Healthcare and UHG will focus on whether a breach of protected health information occurred and Change Healthcare’s and UHG’s compliance with the HIPAA Rules.”

UnitedHealth has said it would cooperate with the investigation.

PYMNTS this month examined the fallout of the cyberattack, apparently the work of the BlackCat ransomware group.

“Healthcare, like any other segment of the economy, has its own supply chains,” PYMNTS wrote at the time. “And any supply chain needs to have backups, redundancies and emergency measures in place.”

The American Hospital Association has said organizations should use the event to test the security of their own network, and recommended “backup technology which renders the backups ‘immutable’ — unable to be deleted, altered or encrypted.”