Some Change Healthcare systems have been operational since Friday, and others will be online by mid-March as the response continues to cyberattacks that have disrupted operations for weeks, according to an update from the parent company UnitedHealth Group.
“UnitedHealth Group continues to make substantial progress to mitigate the impact on consumers and healthcare providers of the unprecedented cyberattack on the U.S. healthcare system and Change Healthcare’s claims and payment infrastructure,” UnitedHealth said in a press release. statement posted Thursday evening.
Change Healthcare’s e-prescription services for pharmacies are “now fully functional,” said UnitedHealth, which owns the company through its Optum division. Pharmaceutical claims submission and payment transmission are available, the release said.
Other aspects of the Change Healthcare system still need work after a cyberattack in late February disrupted it and caused problems all over the country for pharmacies, hospital systems, physician networks and other healthcare organizations. Users were unable to properly request and receive insurance payments.
The broader payment platform will work again on March 15, UnitedHealth said. As for its medical claims technology, officials plan to “begin testing and re-establish connectivity” during the week of March 18.
“We are committed to providing relief to those impacted by this malicious attack on the U.S. healthcare system,” Andrew Witty, CEO of UnitedHealth, said in the statement. “At UnitedHealth Group, we all feel a deep sense of responsibility in recovery and work tirelessly to ensure that providers can care for their patients and run their practices, and that patients can get their medications. We are determined to remedy this situation as quickly as possible.
UnitedHealth also said it would continue to provide financial support to users. Large healthcare providers reported cash flow problems hundreds of millions of dollars because they were unable to receive payments for their claims.
The statement did not include information about the investigation into the attack, which the company has blame on the AlphV/BlackCat ransomware group.
Company officials continued to refuse to comment whether the company paid a ransom. Reports indicate that the cybercriminal gang may have received a $22 million payment.
AlphV/BlackCat, meanwhile, has come under scrutiny as cybersecurity experts noticed activity earlier this week suggesting executives were trying to launch an elaborate scam on group affiliates.
The incident continues to attract Washington’s attention. Senators wrote Friday to leaders of the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to request that the agencies create “enhanced contingency plans for outages within the healthcare ecosystem health” and expand public-private activities Joint Cyber Defense Collaboration (JCDC) “to ensure that key healthcare entities proactively receive actionable threat intelligence.”
Future saved
Intelligence cloud.