Healthcare Finance News May 21, 2024
Susan Morse

AMA and others want HHS to affirm that UnitedHealth Group alone bears responsibility for notifying patients of potentially stolen PHI.

The American Medical Association and more than 100 other medical organizations are asking for official affirmation that providers are not responsible for HIPAA reporting requirements due to the Change Healthcare cyberattack.

In a joint letter to Health and Human Services Secretary Xavier Becerra, the AMA and other health groups want Becerra and the Office of Civil Rights officials to confirm that no other entity other than Change or parent companies Optum and UnitedHealth Group bear responsibility for legal reporting, including notifying the countless number of patients who may have had their personal information stolen in the February ransomware attack.

While...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Insurance, Payer, Provider, Technology
Related Articles:
A unified front: Cybersecurity's role in healthcare operations and patient safety | Viewpoint
3 leadership lessons we can learn from ethical hackers
Demonstrating Cybersecurity ROI: How To Get The C-Suite On Board With Zero Trust
Hospital cybersecurity spend to rise in 2025: 4 details
GAO: HHS falls short on healthcare cybersecurity

Share This Article