OCR investigates Change Healthcare cyberattack

WASHINGTON – The Office of Civil Rights, which administers and enforces HIPAA privacy, security and breach notification rules, has announced that it will investigate the cyberattack on Change Healthcare to determine whether patient health information was compromised.

The agency will also investigate whether Change Healthcare and UnitedHealth Group were compliant with HIPAA rules. 

“We are committed to ensuring access to care, while enforcing laws that bolster patient privacy and security,” the agency stated. “Safeguarding protected health information is a top priority.” 

OCR reminded health care providers, health plans and business associates tied to or impacted by the attack that, while they are of “secondary” concern, they also have regulatory obligations and responsibilities, including ensuring that business associate agreements are in place and that timely breach notification to the U.S. Department of Health and Human Services and affected individuals occurs as required by HIPAA rules. 

The agency also provided links to a number of resources to help these entities protect their records systems and patients from cyberattacks, including factsheets, webinars and videos.
