Cybersecurity

White House meets with UnitedHealth, industry groups on Change Healthcare cyberattack fallout

Dive Brief:

  • Officials from the White House and the U.S. Department of Health and Human Services held a meeting on Tuesday with UnitedHealth and other industry groups to discuss the cyberattack at Change Healthcare, which has disrupted the healthcare sector for three weeks. 
  • HHS Secretary Xavier Becerra and White House Domestic Policy Advisor Neera Tanden argued the government and the healthcare industry need to work together to support providers, and that insurers should help providers as they face mounting financial strain. 
  • At the roundtable, the Centers for Medicare & Medicaid Services said it will provide guidance to states on how to support Medicaid providers during the ongoing outage at the technology firm, which has impacted claims processing and other critical operations. 

Dive Insight:

The cyberattack on Change, a technology firm owned by insurer UnitedHealth Group, has snarled the healthcare industry since it was first disclosed on Feb. 21. 

Providers have reported a range of challenges since the outage began, including problems receiving payment from patients and insurers, verifying coverage, submitting prior authorization requests and exchanging clinical records.

Change processes 15 billion healthcare transactions each year and touches 1 in 3 patient records nationwide. Last week, UnitedHealth said electronic payments are expected to come back online beginning March 15, and the technology company will start testing its claims network and software on March 18. 

During the meeting, providers noted “gaps” in the response from payers, arguing they need more immediate payment options, direct communication and relaxed billing and claims processing requirements. Administration officials called on payers to cut red tape and offer advance payments and other funding opportunities. 

The CMS has previously rolled out flexibilities, including applications for advanced payments, that aim to keep providers afloat as they face mounting financial strain.

In a letter sent on Monday to the HHS and the Department of Labor, the American Medical Association urged the government to build upon the payment program and address other provider concerns. 

The group asked regulators to build an inventory of health plans that offer advance payments, ensure Medicare administrative contractors accept paper claims and waive deadlines for filing claims and appeals, among other requests. 

Cybersecurity has become a mounting challenge for the healthcare sector. In recent months, the HHS released its strategy to bolster cybersecurity in the industry. Regulators also put out voluntary safeguards for healthcare organizations. 

At the roundtable, Anne Neuberger, White House deputy national security advisor for cyber and emerging technologies, urged the sector to build resilience against attack by implementing the HHS’ voluntary cybersecurity performance goals, noting the “interconnectedness” of the healthcare industry. 

Earlier this week, the Biden administration proposed its fiscal year 2025 budget, which included funds to help hospitals build up their cyber protections, as well as penalties for those that don’t follow requirements.