Healthcare Finance News May 21, 2024
Susan Morse

AMA and others want HHS to affirm that UnitedHealth Group alone bears responsibility for notifying patients of potentially stolen PHI.

The American Medical Association and more than 100 other medical organizations are asking for official affirmation that providers are not responsible for HIPAA reporting requirements due to the Change Healthcare cyberattack.

In a joint letter to Health and Human Services Secretary Xavier Becerra, the AMA and other health groups want Becerra and the Office of Civil Rights officials to confirm that no other entity other than Change or parent companies Optum and UnitedHealth Group bear responsibility for legal reporting, including notifying the countless number of patients who may have had their personal information stolen in the February ransomware attack.


Today's Sponsors


Today's Sponsor


Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Insurance, Payer, Provider, Technology
Modernizing – and Securing – Hospital Technology Infrastructure
Apple’s New AI Security Move Explained
Productivity vs security: How CIOs and CISOs can see eye to eye
Software Projects In 2024: Three Initiatives To Pursue Now And Three To Postpone
US Hospitals Prone to Cyberattacks That Affect Patient Care

Share This Article