The UnitedHealth Group has announced the allocation of over $2 billion in recovery efforts following the Change Healthcare cyberattack that occurred last month. In a press release issued on March 18, 2024, the healthcare conglomerate acknowledged the ramifications of the incident and encouraged affected parties to seek assistance through Optum.
Change Healthcare is also in the process of recovery, with the introduction of medical claims preparation software being a significant step towards service restoration.
This software will be gradually implemented for thousands of customers in the coming days, with third-party validations anticipated before full-service resumption.
In February 2024, Change Healthcare, a prominent U.S. healthcare technology provider, confirmed a cyberattack on its systems, resulting in widespread disruptions to healthcare services nationwide.
Described as an “enterprise-wide connectivity issue,” the cyberattack prompted immediate measures from the company, including the disconnection of its systems to mitigate further impact.
Nevertheless, with the ongoing recovery plan, the medical facility is progressing toward restoration, which will be executed in phases until all customers are operational again.
Change Healthcare Cyberattack Updates
Andrew Witty, CEO of UnitedHealth Group, expressed optimism about the progress made: “We continue to make significant progress in restoring the services impacted by this cyberattack. We know this has been an enormous challenge for healthcare providers, and we encourage any in need to contact us.”
Recent milestones include the restoration of Change Healthcare’s electronic payments platform on March 15, along with ongoing payer implementations. Additionally, as of March 7, 99% of Change Healthcare pharmacy network services have been restored, with efforts ongoing to resolve the remaining issues highlighted during the Change Healthcare cyberattack.
“Change Healthcare works across the health system to make clinical, administrative, and financial processes simpler and more efficient for payers, providers, and consumers. Change Healthcare has experienced a cybersecurity issue, and we have multiple workarounds to ensure provider claims are addressed and people have access to the medications and care they need”, reads the official press release.
Moreover, Change Healthcare announced that it made significant progress in restoring the pharmacy network services, reaching 99% functionality. Assurance, its medical claims preparation software, is operational, with testing and implementation for initial providers starting on March 18.
Reconnection efforts with thousands of providers are ongoing, aiming for full functionality by week’s end. Relay Exchange, its largest clearinghouse, is anticipated to be online soon. Efforts continue into the week of March 25, with no capacity challenges expected.
Change Healthcare is assisting claims submitters lacking Relay Exchange connectivity and providing support for cash-strapped providers. Security measures for its systems, including Amazon cloud services, have been rigorously enhanced to ensure safety.
UnitedHealth Group Shares Mitigation Strategies
Recognizing the financial strain on care providers, UnitedHealth Group has proactively provided over $2 billion in advance through various initiatives. Acknowledging the fragmented nature of the U.S. healthcare system, the company has streamlined access to funding support and suspended certain administrative hurdles, such as prior authorizations for outpatient services and utilization reviews for Medicare Advantage plans.
Care providers seeking financial assistance are encouraged to register at www.optum.com/temporaryfunding for pre-populated funding assistance levels. The organization has also opted for additional support and eligibility inquiries that can be made through the temporary funding assistance inquiry form or by calling 1-877-702-3253.
To ensure transparent communication, UnitedHealth Group will host detailed update calls with customers, care providers, and their information security teams. Educational resources, including on-demand webinars, have also been made available to guide providers and customers through the reconnection process and explain the temporary funding assistance programs.
The Change Healthcare Cyberattack: What Happened?
The cyberattack on Change Healthcare was confirmed to be orchestrated by the ALPHV ransomware group, and caused widespread disruption to operations, according to the official announcement. While the exact method of entry into Change Healthcare’s network remains undisclosed, ALPHV is known for tactics such as exploiting Microsoft’s remote desktop protocol and Active Directory brute-force attacks. The attack, which occurred on February 21, 2024, affected millions of Americans relying on Change Healthcare’s services.
Following the attack, Change Healthcare disconnected over 111 services to contain the damage and engaged law enforcement and cybersecurity firms for remediation. The American Hospital Association and the Medical Group Management Association sought government assistance due to the attack’s impact on healthcare services.
The attack severely disrupted patient care services, claims processing, hospital finances, and revenue cycle management. The U.S. federal government, through agencies like HHS and CMS, offered assistance to affected organizations.
Efforts are underway to restore connectivity for providers affected by the cybersecurity incident. Optum is facilitating the transition of affected providers to its iEDI Clearinghouse over the next few weeks, ensuring continuity of claims and ERA transactions. Change Healthcare has also activated Rx Connect services and is actively restoring full connectivity for claim traffic.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.