Topics
Reimbursement
Elevance, UnitedHealth among insurers accused of alleged price fixing
Elevance, UnitedHealth among insurers accused of alleged price fixing
Revenue Cycle Management
Mary Washington Healthcare latest to outsource revenue cycle 
Mary Washington Healthcare latest to outsource revenue cycle 
Strategic Planning
Two CFOs see promise of AI, but have yet to build a dedicated budget
Two CFOs see promise of AI, but have yet to build a dedicated budget
Capital Finance
Cigna nixes speculation of a Humana merger
Cigna nixes speculation of a Humana merger
Supply Chain
Feds shore up healthcare supply chain in wake of hurricanes Helene and Milton
Feds shore up supply chain in wake of hurricanes
Accounting & Financial Management
Labor expenses continue to challenge hospitals
Labor expenses continue to challenge hospitals
Budgeting
Health system operating margins declined in August
Health system operating margins declined in August
Quality and Safety
US healthcare system ranks last in equity, access
US healthcare system ranks last in equity, access
Billing and Collections
CFPB warns of illegal tactics by medical debt collectors
CFPB warns of illegal tactics by medical debt collectors
Claims Processing
Denials top reason for eroding provider-payer relationship
Denials top reason for eroding provider-payer relationship
Workforce
Elevance laying off 123 California employees
Elevance laying off 123 California employees
Operations
UAB, Press Ganey launch certificate program for healthcare leaders
UAB, Press Ganey launch certificate program for healthcare leaders
Medical Devices
Healthcare chatbots may promote racist misinformation
Healthcare chatbots may promote racist misinformation
Hospital/physician relations
Hospitals, physicians submit opposing views to FTC ruling on noncompetes
Hospitals, physicians submit opposing views to FTC ruling
Construction & Facilities Management
University Hospitals expanding with $3.2 million donation
University Hospitals expanding with $3.2M donation
Compliance & Legal
Johnson and Johnson sues HRSA for blocking 340B plan
J&J sues HRSA for blocking 340B plan
Policy and Legislation
Planned Parenthood, other groups decry executive power in House bill
Planned Parenthood, other groups decry House bill
Community Benefit
AMA pushes for stricter standards for hospital charity care policies
AMA pushes for stricter standards for hospital charity care policies
Accountable Care
NAACOS pushes ACO REACH extension after $1.54B in savings
NAACOS pushes ACO REACH extension
Acute Care
SDOH, tech key to advancing value-based care, says UHG
SDOH, tech key to advancing value-based care
Ambulatory Care
Cleveland Clinic and Amazon One Medical collaborate on primary care clinics
Cleveland Clinic and Amazon One Medical collaborate
Analytics
Interoperability in healthcare moving forward despite challenges
Interoperability in healthcare moving forward despite challenges
Business Intelligence
UPMC, Vanderbilt join Aegis Ventures in digital consortium
UPMC, Vanderbilt join Aegis Ventures in digital consortium
ICD-10 & Coding
Physician practices examine risk adjustment coding in wake of federal lawsuits
Practices keeping close watch on risk adjustment coding
Meaningful Use
Financial disincentives for providers who commit information blocking 
Financial disincentives for providers who commit information blocking 
Medicare & Medicaid
Trump picks Dr. Mehmet Oz to head CMS
Trump picks Dr. Mehmet Oz to head CMS
Patient Engagement
HHS, Illinois reach agreement on disability rights laws
HHS, Illinois reach agreement on disability rights
Pharmacy
CerpassRx, Waltz team on AI platform to manage specialty drug spend
CerpassRx, Waltz team on AI to manage specialty drug spend
Population Health
Reproductive care, including abortion, facing challenges
Reproductive care, including abortion, facing challenges
Risk Management
UPMC for You partners to offer Medicaid redetermination coverage in laundromats
UPMC for You offers Medicaid redetermination coverage in laundromats
Telehealth
Telehealth prescribing of controlled drugs extended through 2025
Telehealth prescribing of controlled drugs extended
Mergers & Acquisitions
Cardinal Health set to acquire two companies for combined $3.9B
Cardinal Health set to acquire two companies for combined $3.9B
View more
Mar 19 More on Operations

HHS seeks input from payers on Change cyberattack response

HHS surveyed payers for data relating to actions they were taking to help providers resolve issues.

Jeff Lagasse, Editor

Photo: Weiquan Lin/Getty Images

U.S. Department of Health and Human Services Secretary Xavier Becerra and Deputy Secretary Andrea Palm convened a meeting of payers on Monday to discuss actions they could take to mitigate the harm caused by the Change Healthcare cyberattack.

In the follow-up to another meeting last week, White House Domestic Policy Advisor Neera Tanden and White House Deputy National Security Advisor (DNSA) for Cyber and Emerging Technologies Anne Neuberger, and others from the federal government, also participated.

Since the last meeting, HHS surveyed payers for data and information relating to actions they were taking to help providers resolve issues stemming from the cyberattack. The teams then worked over the weekend to review the responses.

During the meeting, Becerra and Tanden discussed the adjustments made to improve claims processing, but urged more support to providers who remain in need, particularly those serving vulnerable populations, rural hospitals and smaller institutions. They made clear the government and private sector must continue to work together to help providers make payroll and deliver timely care.

Palm acknowledged steady progress in reestablishing claims processing, and urged insurers to target advanced payments to small, rural and safety net healthcare providers who are still voicing concerns over cash flow.

Neuberger noted the interconnectedness of the domestic healthcare ecosystem and the urgency of strengthening cybersecurity resilience across the sector, and urged insurers to implement HHS' voluntary HPH Cyber Performance Goals (CPGs). Saying many payers and providers will require third party certification of the cybersecurity of Change Healthcare's system before reconnecting, she encouraged UnitedHealth Group (UHG) to communicate to providers about efforts to safely secure claims systems and the time frame for those third-party assessments.

Becerra and Palm also urged UHG to connect providers to needed supports. Tanden urged insurers to assess their own data to determine which providers are in need of additional support, and to directly engage them.

Representatives from the participating insurers offered updates on their efforts to date and outlined specific actions they will be taking to resolve outstanding issues. HHS and White House leadership pressed insurers to be targeted and specific in carrying out solutions, including increasing advanced payments where needed to the providers and communities still most in need.

WHAT'S THE IMPACT?

Late last week, Dr. Jesse Ehrenfeld, president of the American Medical Association criticized insurer group AHIP's lack of response to the cyberattack.

"It is dumbfounding that following weeks of silence and a lack of assistance to struggling practices in the wake of the Change Healthcare cyberattack, AHIP's response is a 'business as usual' approach to prior authorization," said Ehrenfeld. This approach is particularly galling since service outages have exacerbated the administrative burdens and care delays already associated with this process. Prioritizing profits over the stability and solvency of our care delivery system starkly contrasts with the Biden Administration's appeal to health plans to 'meet the moment.'"

HHS was notified of the cyberattack on Change Healthcare systems on February 21. HHS and other federal agencies have taken a number of actions since:

  • On March 13, the Centers for Medicare and Medicaid Services released a set of answers to Frequently Asked Questions regarding the availability of accelerated and advance payments for Part A and Part B providers and suppliers, respectively. 
  • On March 13, HHS sent a survey to payers that participated in a March 12 convening on the Change Healthcare cybersecurity incident. 
  • On March 13, HHS' Office of Civil Rights (OCR) issued a "Dear Colleague" letter addressing the cybersecurity incident impacting Change Healthcare, a unit of UHG, and other healthcare entities. Given the unprecedented size of the attack and public interest, OCR announced in the letter that it opened an investigation of the cyberattack on Change Healthcare and United Health. The letter also made clear to the thousands of other covered entities affected by the breach that they are not OCR's target. OCR enforces the HIPAA Security Rule, which is the department's law enforcement tool to safeguard protected health information from cyberattacks.
  • On March 15, CMS reopened the 2023 Merit-based Incentive Payment System (MIPS) Extreme and Uncontrollable Circumstances (EUC) Exception Application to provide relief to clinicians impacted by the cybersecurity incident on reporting requirement time frames.  
  • On March 15, CMS announced flexibilities to help state Medicaid agencies provide needed relief to Medicaid providers and protect access to healthcare coverage. In particular, CMS announced flexibilities to ensure that states can start making interim payments to providers affected by the Change Healthcare cybersecurity incident.

THE LARGER TREND

Minnesota Hospital Association and Minnesota Attorney General Keith Ellison said this week that scammers are taking advantage of the Change Healthcare cyberattack to steal credit card information. People claiming to be representatives from various healthcare providers are telling patients they will receive refunds if they provide their credit card number, said the notice from the Minnesota AG's office.

Some of the scam reports involve alleged payments, rebates or refunds related to drugs or other health services, the MHA said.

In its latest update, Change, owned by Optum, a subsidiary of UnitedHealth Group said, "We are working to restore access for providers that lost claims and ERA connectivity during the Change Healthcare cybersecurity issue. Over the next several weeks, Optum is working with government payers and intermediaries to transition providers enrolled in Change Healthcare connections to the Optum iEDI Clearinghouse (Exchange claims and ERAs, Change Healthcare OKC Clearinghouse claims and ERAs, Assurance Reimbursement Management, Revenue Performance Advisor). This transition includes both claims and ERA transactions. Our payers will maintain dual enrollment for claims to ensure an easy transition as our platforms come online."

Change said it was enabling for customers the Rx CardFinder Service.

"We have completed standing up a new instance of Change Healthcare's Rx CardFinder Service in a new environment," Change said. "Testing was successful with Surescripts and Relay Health on both commercial and TROOP queries. As a result, we are enabling this service for all customers effective 6 p.m. CT, Friday, March 15."

It has launched a new instance of the Rx Connect (Switch) service and is actively working to restore full service and connectivity claim traffic. Rx Connect, Rx Edit, and Rx Assist are now expected to be enabled and available for customers who have configured direct internet access connectivity.
 

Jeff Lagasse is editor of Healthcare Finance News.
Email: jlagasse@himss.org
Healthcare Finance News is a HIMSS Media publication.

News
Healthcare organizations ask HHS to delay quality measure reporting for ACOs Healthcare organizations ask HHS to delay quality measure reporting for ACOs The American Hospital Association and American Medical Association are among the 11 organizations signing the letter.