Healthcare Finance News May 21, 2024
Susan Morse

AMA and others want HHS to affirm that UnitedHealth Group alone bears responsibility for notifying patients of potentially stolen PHI.

The American Medical Association and more than 100 other medical organizations are asking for official affirmation that providers are not responsible for HIPAA reporting requirements due to the Change Healthcare cyberattack.

In a joint letter to Health and Human Services Secretary Xavier Becerra, the AMA and other health groups want Becerra and the Office of Civil Rights officials to confirm that no other entity other than Change or parent companies Optum and UnitedHealth Group bear responsibility for legal reporting, including notifying the countless number of patients who may have had their personal information stolen in the February ransomware attack.

While...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Insurance, Payer, Provider, Technology
Related Articles:
The Hidden Cost Savings of Security Risk Assessments in Healthcare
The Cybersecurity Cat-And-Mouse Game
Vice President Harris' track record provides tea leaves for her potential cyber agenda
iOS 18—New iPhone Security And Privacy Features Arriving In Days
The changing role of chief privacy officers

Share This Article