$2 billion allocated to recovery from healthcare cyberattack


UnitedHealth Group announced more than $2 billion in recovery efforts following the Change Healthcare cyberattack last month. In a press release issued on March 18, 2024, the healthcare conglomerate acknowledged the ramifications of the incident and encouraged affected parties to seek assistance through Optum.

Change Healthcare is also recovering, with the introduction of medical claims preparation software an important step towards restoring services.

This software will be gradually rolled out to thousands of customers in the coming days, with third-party validations expected before full service resumption.

In February 2024, Change Healthcare, a leading US healthcare technology provider, confirmed a cyberattack on its systemsleading to widespread disruptions to health services across the country.

Described as an “enterprise-wide connectivity issue,” the cyber attack prompted the company to take immediate action, including disconnecting its systems to mitigate further impact.

Nonetheless, with the recovery plan underway, the medical facility is progressing toward restoration, which will be executed in stages until all customers are operational again.

Edit updates on healthcare cyberattacks

Andrew Witty, CEO of UnitedHealth Group, was optimistic about the progress being made: “We continue to make significant progress in restoring services impacted by this cyberattack. We know this presents a huge challenge for healthcare providers, and we encourage anyone who needs it to contact us.

Changing Healthcare Cyberattack
Source: UnitedHealth Group

Recent milestones include the restoration of Change Healthcare’s electronic payment platform on March 15, as well as ongoing payer implementation. Additionally, as of March 7, 99% of Change Healthcare pharmacy network services have been restored, and efforts are underway to resolve remaining issues highlighted during the Change Healthcare cyberattack.

“Change Healthcare works across the healthcare system to make clinical, administrative and financial processes simpler and more efficient for payers, providers and consumers. Change Healthcare has encountered a cybersecurity issue and we have several workarounds to ensure provider claims are processed and people have access to the medications and care they need,” the press release reads official.

Additionally, Change Healthcare announced that it has made significant progress in restoring pharmacy network services, reaching 99% functionality. Assurance, its medical claims preparation software, is live, with testing and implementation for the first providers starting March 18.

Reconnection efforts with thousands of providers are underway, aiming for full functionality by the end of the week. Relay Exchange, its largest clearinghouse, should be online soon. Efforts continue through the week of March 25, with no capacity issues expected.

Change Healthcare helps applicants who do not have Relay Exchange connectivity and provides assistance to cash-strapped providers. The security measures of its systems, including Amazon cloud services, have been rigorously strengthened to ensure safety.

UnitedHealth Group shares mitigation strategies

Recognizing the financial pressure on healthcare providers, UnitedHealth Group proactively provided more than $2 billion in advance through various initiatives. Recognizing the fragmented nature of the U.S. healthcare system, the company streamlined access to financial support and suspended certain administrative hurdles, such as prior authorizations for outpatient services and utilization reviews for Medicare Advantage plans.

Healthcare providers seeking financial assistance are encouraged to register with www.optum.com/temporaryfunding for pre-populated funding assistance levels. The organization has also opted for additional support and eligibility requests which can be made through the Temporary Funding Assistance Request Form or by calling 1-877-702-3253.

To ensure transparent communication, UnitedHealth Group will conduct detailed update calls with customers, care providers and their information. security teams. Educational resources, including on-demand webinars, have also been made available to guide providers and customers through the reconnection process and explain temporary financing assistance programs.

The Cyberattack of Change in Healthcare: What Happened?

The cyberattack on Change Healthcare has been confirmed to have been orchestrated by the ALPHV ransomware group, and caused widespread disruption to operations, according to the official announcement. Although the exact method of entry into Change Healthcare’s network remains unknown, ALPHV is known for tactics such as exploiting Microsoft’s Remote Desktop Protocol and brute force Active Directory attacks. The attack, which occurred on February 21, 2024, affected millions of Americans who relied on Change Healthcare services.

Following the attack, Change Healthcare disconnected more than 111 services to limit damage and engaged law enforcement and cybersecurity companies for remediation. The American Hospital Association and the Medical Group Management Association have requested government assistance due to the attack’s impact on health care services.

The attack severely disrupted patient care services, claims processing, hospital finances and revenue cycle management. The U.S. federal government, through agencies like HHS and CMS, has offered assistance to affected organizations.

Efforts are underway to restore connectivity to providers affected by the cybersecurity incident. Optum is facilitating the transition of affected suppliers to its iEDI clearing center over the coming weeks, ensuring continuity of claims and ERA transactions. Change Healthcare has also enabled Rx Connect services and is actively restoring full connectivity for claims traffic.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber ​​Express assumes no responsibility for the accuracy or consequences of the use of this information.

Leave a comment