UnitedHealth Group (UHG) advances $2 billion in payments to bail out health providers still struggling in the wake of a February cyberattack – and now several US insurance plans have pledged to do the same.
“We continue to make significant progress in restoring the services impacted by this cyberattack,” said Andrew Witty, CEO of UnitedHealth Group.
“We know this has been an enormous challenge for health care providers and we encourage any in need to contact us,” the CEO said in Monday’s statement.
Additionally, several major health insurance plans told the US Department of Health and Human Services (HHS) on Monday it will accelerate payments to healthcare providers on a case-by-case basis, a move the feds have been pushing for since last week.
The February 21st Change Healthcare attack disrupted healthcare and billing information operations nationwide, “posing a direct threat to critically needed patient care and essential operations of the healthcare industry,” the agency had said.
Temporary Funding for providers in place
To qualify for the insurer funding, providers would have to be in either of the government-funded health programs: Medicare, which covers patients 65 years plus and the disabled, and/or Medicaid, which covers low-income patients.
The unnamed insurance carriers pledged to expedite the loans and help providers switch to other clearing houses. "Claims are starting to flow, and we have seen significant improvement between last week and this week, but we have a last mile to go," one HHS official said to reporters in Washington.
There was no mention of private insurers following suit.
The HHS agency launched an official investigation into UHG – and its health tech subsidiary Change Healthcare – in regards to the hack last week.
The agency said it wants to ensure the healthcare conglomerate stays compliant with HIPAA’s safeguard rules (US Health Insurance Portability and Accountability Act), which are designed to protect patients' electronic health data.
Systems back online
In an update Monday, UHG announced billions in advanced funding to hospitals, medical practices, and other health entities scrambling to financially take care of bills and their employees.
“We've advanced more than $2B to care providers through our Temporary Funding Assistance Program at no cost. We want to help care providers, especially smaller practices, who have been affected by this crisis, UHG stated on its website.
The company also said it has streamlined the insurance approval process for providers when it comes to most outpatient services by suspending prior authorizations and for inpatient services, temporarily eliminating the review process for Medicare Advantage admissions.
The company said it would begin releasing its medical claims software on Monday, which will then become available to "thousands of customers" over the next several days, with its third-party attestations available to providers beforehand.
“Following this initial phase, remaining services restoration will continue through ongoing phases of activation until all customers have been connected,” UHG said.
Change Healthcare’s payments processing and ePrescribing pharmacy network services were restored last week after weeks long nationwide delays following the attack.
The cyberattack on Change Healthcare is thought to have been carried out by the ALPHV/BlackCat ransomware group, which claimed to have exfiltrated 6TB of sensitive data in the attack.
UnitedHealth is also rumored in early March to have paid a $22 million ransom to the gang.
The ALPHV/BlackCat cartel have since slyly exited the ransomware market for the time being – with the entire $22M – to the dismay of its many criminal affiliates.
In an update on the restoration process Friday, Palo Alto’s Unit 42 incident response group said its team had “reviewed and protected a large majority of infrastructure, including the server and application space, and assisted in bringing critical services back online that allowed for more than 9 million prescriptions to be filled.”
Unit 42 and Mandiant experts were brought in by UHG immediately after discovering the breach.
Your email address will not be published. Required fields are markedmarked