The Department of Health & Human Services announced this week that it will investigate the recent cyberattack on UnitedHealth Group's (UHG's) Change Healthcare, given "the unprecedented magnitude" of the breach, according to the agency. The investigation is being led by HHS's Office for Civil Rights, which enforces HIPAA rules.
"The cyberattack is disrupting health care and billing information operations nationwide and poses a direct threat to critically needed patient care and essential operations of the health-care industry," the agency said in a letter announcing the probe. The office asked organizations associated with Change or UnitedHealth to notify HHS of any potential breaches as required by health privacy rules.
"In close to 90% of the cases where there has been a civil money penalty or settlement related to HIPAA Security Rule violations, a primary violation involved failure to conduct risk analysis," according to office's latest guidance.
Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.
Your access to unlimited BenefitsPRO content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.