The U.S. Department of Health and Human Services (HHS) acknowledges the cybersecurity incident that impacted Change Healthcare, a unit of UnitedHealth Group, in late February. Recognizing the widespread effects on healthcare operations, HHS prioritizes coordination to minimize disruptions in the healthcare system. HHS collaborates with UHG leadership, state partners, and external stakeholders, leading interagency efforts with entities like the FBI and CISA to provide credible threat intelligence. Amid concerns raised by healthcare providers regarding cash flow disruptions due to the inability to submit claims, HHS takes immediate steps through the Centers for Medicare & Medicaid Services (CMS) to assist providers and ensure continuous patient service.
CMS offers flexibilities, including expediting electronic data interchange (EDI) enrollment for Medicare providers changing clearinghouses, encouraging payers to waive or expedite solutions, and issuing guidance to Medicare Advantage organizations and Part D sponsors. Additionally, CMS advises Medicaid and CHIP managed care plans to adopt similar strategies. Providers experiencing difficulties in filing claims are urged to contact their respective MACs, with CMS prepared to accept paper claims if necessary. The announcement emphasizes the interconnectedness of the healthcare ecosystem, underlining the need to enhance cybersecurity resilience. HHS reiterates its commitment to ongoing communication with the healthcare sector and collaboration with UHG to address the incident effectively.
