OSP News

Change Healthcare Cybersecurity Incident

Posted: 03/19/2024

This is a compilation of communications that The Michigan State Medical Society (MSMS) has received regarding the Change Healthcare cyberattack on February 21, 2024. You may have received some of this information directly from health plans or the Centers for Medicare & Medicaid Services (CMS).

CMS has met with health plans, physicians/providers, and suppliers to hear about their most pressing concerns. CMS has directed Medicare Administrative Contractors (MACs) to expedite actions needed for physicians/providers and suppliers to change the clearinghouse they use and to accept paper claims if physicians/providers need to use that method. CMS will continue to respond to physicians/providers and suppliers’ inquiries regarding MAC processes.

CMS also recognizes that many Medicaid physicians/providers are deeply affected by the impact of the cyberattack. CMS continues to work closely with States and are urging Medicaid managed care plans to make prospective payments to impacted physicians/providers, as well.

CMS has created a fact sheet that outlines eligibility requirements for accelerated and advanced payments. Wisconsin Physician Services (WPS) issued a Medicare eNews on March 4, 2024, providing options to physicians/providers for submitting Medicare claims to WPS.

CMS also has created an FAQ relating to the payment disruption.

The American Medical Association (AMA) sent a letter to Secretary Becerra and Acting Secretary Su urging HHS and the Department of Labor (DOL) to use all regulatory flexibilities to continue supporting physicians and tackle the enormous interruption in day-to-day physician practice operations that has impeded physicians’ ability to care for patients. The AMA also created a dedicated webpage on this issue, which you are encouraged to visit as it is being regularly updated as information becomes available.

Health Alliance Plan (HAP) is using Availity to accept claims as a temporary clearinghouse during the Change Healthcare outage, for HAP Commercial and Medicare Advantage claims. If you are interested in establishing a connection with Availity, you can find more information here.

Physicians can submit claims to Physicians Health Plan (PHP) through the Trizetto Provider Solutions (TTPS) clearinghouse.

United Health Group (UHG) has created a website to provide updates on the cyberattack.

Change Healthcare is posting updates on the status of the cyberattack.

Just recently, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it has opened an investigation into the Change Healthcare cyberattack.

OCR enforces the HIPAA Privacy, Security, and Breach Notification Rules, which sets forth the requirements that HIPAA covered entities and their business associates must follow to protect the privacy and security of protected health information and the required notifications to HHS and affected individuals following a breach.

The CMS is continuing to monitor and assess the impact that the cyberattack on UnitedHealth Group’s subsidiary Change Healthcare has had on all physician/provider and supplier types.

We value your privacy. We use cookies and other technologies to keep the web site reliable and secure, tailor your experience, and measure web site performance, as described in our Privacy Policy.


OSP Technical Support