MGMA asks HHS to help mitigate impact of Change’s cybersecurity attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Photo: skaman306/Getty Images

MGMA, the Medical Group Management Association, said it is getting alarming feedback about how physician practices have been impacted by the Change Healthcare cybersecurity attack.

Change confirmed today that ALPHV/Blackcat perpetrated the cybercrime.

MGMA has sent a letter to the Department of Health and Human Services asking for guidance, financial resources and enforcement discretion to avoid an escalation of what it called the harmful impact on medical groups. 

“Given the size of Change Healthcare and the breadth of services it provides to physician groups and the healthcare sector, the fallout from this malicious cyberattack is rippling across the country,” MGMA told HHS Secretary Xavier Becerra in the February 28 letter.

The full extent of the cyberattack and a comprehensive understanding of its effects on the healthcare system currently remain unknown, MGMA said.
Issues include:

  • Substantial billing and cash flow disruptions, such as a lack of electronic claims processing; 
  • Delays in both paper and electronic statements;
  • Some groups going without any outgoing charges or incoming payments for the duration of the outage;
  • Limited or no electronic remittance advice from health plans with groups having to manually pull and post from payer portals;
  • Prior authorization submissions that have been rejected or have not been transmittable at all. This further exacerbates what is routinely ranked the number one regulatory burden by medical groups and jeopardizes patient care, MGMA said.
  • Groups have been unable to perform eligibility checks for patients.
  • Many electronic prescriptions have not been transmitted, resulting in call-in prescriptions to pharmacies or paper prescriptions for patients. Subsequently, patients’ insurance information cannot be verified by pharmacies, and they are forced to self-pay or go without necessary medication.
  • Lack of connectivity to important data infrastructure needed for success in value-based care arrangements, and other health information technology disruptions.


MGMA is asking Becerra to have HHS use all the tools at its disposal to mitigate the impacts, so medical groups do not have to take drastic actions to remain in operation. 

“Physician groups have been diligently instituting workarounds for issues that have arisen but given the already significant financial constraints practices are facing — ongoing cuts to Medicare reimbursement, high inflation, staffing shortages — significant delays in payment and other impediments could further weaken their ability to operate,” MGMA said. “Overall, most practices (especially those outside of health systems) have a line of credit, but many don’t carry reserves from year to year given their tax status. Credit is essential at the beginning of the year before practices are able to accrue enough revenue to pay salaries and expenses. The timing could not be worse.”

MGMA represents more than 15,000 group medical practices ranging from small private medical practices to large national health systems, representing more than 350,000 physicians. 


Change Healthcare, which was acquired by Optum in 2022, reported a cyberattack on February 21 and disconnected its systems.

The American Hospital Association then advised affected hospitals to disconnect from Optum.

The Optum Status Report has ssserted that “based on its ongoing investigation, there’s no indication that except for the Change Healthcare systems, Optum, UnitedHealthcare and UnitedHealth Group systems have been affected by this issue.” 

It said in an update that some applications are experiencing connectivity issues.

“Our experts are working to address the matter and we are working closely with law enforcement and leading third-party consultants, Mandiant and Palo Alto Network, on this attack against Change Healthcare’s systems. We are actively working to understand the impact to members, patients and customers. 

Email the writer: [email protected]


Click Here For The Original Source.

National Cyber Security