Read from Biden-Harris administrations’ follow-up meeting with insurers on change healthcare cyber attack

Leaders from HHS, the White House and health insurance companies met to discuss ways to mitigate the harm to patients and providers caused by the cyber attack.

On Monday, March 18, US Department of Health and Human Services (HHS) Secretary Xavier Becerra and Assistant Secretary Andrea Palm led a meeting of payers to discuss concrete actions to mitigate harm to patients and providers caused by the cyber attack at Change Healthcare. White House Domestic Policy Advisor Neera Tanden and White House Deputy National Security Advisor (DNSA) for Cyber ​​and Emerging Technologies Anne Neuberger and others from the federal government also participated. This was a follow up to last weeks meeting.

Since the last meeting, HHS surveyed payers for data and information related to the actions they were taking to help providers address issues arising from the cyber attack. HHS teams worked over the weekend to review the responses.

During the meeting, Secretary Becerra and Director Tanden discussed adjustments made to improve claims processing, but urged more support for providers who continue to be in need, especially those serving vulnerable populations, rural hospitals and smaller institutions. They made it clear that the government and the private sector must continue work together to help providers make payroll and provide timely care to the American people.

Deputy Secretary Palm acknowledged continued progress in restoring claims processing and urged insurers to target advanced payments to small, rural and safety net health care providers who still have cash flow concerns.

DNSA Neuberger noted the interconnectedness of the national healthcare ecosystem and the urgency of strengthening cybersecurity resilience across the sector. He urged insurers to implement voluntary HPH cyber performance targets (CPGs). Noting that many payers and providers will require third-party certification of Change Healthcares cybersecurity system before reconnecting, he encouraged United Health Group (UHG) to communicate to providers about efforts to ensure secures claims systems and the timeline for these third-party assessments.

Secretary Becerra and Deputy Secretary Palm also urged United Health Group (UHG) to connect providers with the necessary supports. Director Tanden urged insurers to assess their own data to determine which providers need additional support and engage them directly.

Representatives from participating insurance providers provided updates on their efforts to date and outlined specific actions they will take to resolve outstanding issues. HHS and White House leadership pressed insurers to be targeted and specific in pursuing solutions, including increasing advanced payments where needed to providers and communities still in need.

List of participants from the Administration:

  • HHS Secretary Xavier Becerra
  • HHS Under Secretary Andrea Palm
  • Neera Tanden, White House domestic policy adviser
  • Anne Neuberger, White House Deputy National Security Advisor for Cyber ​​and Emerging Technology
  • Chiquita Brooks-LaSure, Administrator, Centers for Medicare and Medicaid Services (CMS)
  • Jonathan Blum, Principal Deputy Administrator and Chief Operating Officer, CMS
  • Melanie Fontes Rainer, Director of the HHS Office of Civil Rights
  • Brian Mazanec, Deputy Assistant Secretary and Assistant Director for Readiness, Administration for Strategic Readiness and Response
  • Bertha Alisia Guerrero, director of the Office of Intergovernmental and Foreign Affairs

List of stakeholders participants:

  • Alliance for Community Health Plans (ACHP)
  • American Health Insurance Plans (AHIP)
  • AmeriHealth Caritas
  • Association of Plans Affiliated to the Community (ACAP)
  • Blue Cross Blue Shield Association (BCBSA)
  • Hundred
  • The Cigna Group
  • CVS Health/Aetna
  • Elevation
  • Corporation of Health Services
  • human
  • Kaiser Permanente
  • Medicaid America’s Health Plans (MHPA)
  • Molina
  • UnitedHealth Group

These efforts are part of HHS’s broader cybersecurity strategy. HHS continues to urge everyone to implement the CPGs listed above designed to help healthcare organizations strengthen cyber preparedness, improve cyber resiliency, and ultimately protect patient information and health security.

HHS actions to change health care to date

Once the US Department of Health and Human Services (HHS) was notified of the February 21, 2024 cyber attack on healthcare systems, HHS acted to address the impacts. Below are additional key actions taken by HHS since the last reading on Tuesday, March 12.

Additional key actions:

  • On March 13, CMS released a set of answers to frequently asked questions about the availability of accelerated and advance payments for Part A and Part B providers and suppliers, respectively.
  • On March 13, HHS sent a survey to healthcare payers who participated in a March 12 call about the Change Healthcare cybersecurity incident.
  • On March 13, the HHS Office for Civil Rights (OCR) issued a Dear Colleague letter addressing the cybersecurity incident that affected Change Healthcare, a unit of UnitedHealthcare Group (UHG), and many other healthcare entities . Given the unprecedented size of the attack and the public interest, OCR announced in the letter that it has opened an investigation into the cyberattack on Change Healthcare and United Health. The letter also made it clear to the thousands of other covered entities affected by the breach that they are not targeted by OCR. OCR enforces the HIPAA Security Rule, which is law enforcement’s tool for departments to protect protected health information from cyber attacks.
  • On March 15, CMS reopened the 2023 Merit-Based Incentive Payment System (MIPS) Extreme Uncontrollable Circumstances (EUC) Exception Application to provide relief to physicians affected by this cybersecurity incident in the deadlines for reporting requirements.
  • On March 15, CMS announced important flexibilities to help state Medicaid agencies provide needed relief to Medicaid providers and protect access to health care coverage. In particular, CMS announced flexibilities to ensure states can begin making interim payments to providers affected by the Change Healthcare cybersecurity incident.

#Read #BidenHarris #administrations #followup #meeting #insurers #change #healthcare #cyber #attack
Image Source :

Leave a Comment