Healthcare Finance News May 21, 2024
Susan Morse

AMA and others want HHS to affirm that UnitedHealth Group alone bears responsibility for notifying patients of potentially stolen PHI.

The American Medical Association and more than 100 other medical organizations are asking for official affirmation that providers are not responsible for HIPAA reporting requirements due to the Change Healthcare cyberattack.

In a joint letter to Health and Human Services Secretary Xavier Becerra, the AMA and other health groups want Becerra and the Office of Civil Rights officials to confirm that no other entity other than Change or parent companies Optum and UnitedHealth Group bear responsibility for legal reporting, including notifying the countless number of patients who may have had their personal information stolen in the February ransomware attack.

While...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Insurance, Payer, Provider, Technology
Related Articles:
Feds warn of Ghost ransomware targeting healthcare
1 year later: The Change Healthcare cyberattack and its lasting impact on healthcare
A Proactive Blueprint For Modern Cybersecurity
FBI Says Backup Now—Advisory Warns Of Dangerous Ransomware Attacks
How A Security Incident Response Plan Saves Money In Case Of A Cyberattack

Share This Article