UnitedHealth’s response to ongoing problems from a ransomware attack are being criticized by the American Hospital Association (AHA) and American Medical Association (AMA). Both organizations have issued letters or press releases.
Modern Healthcare reports:
AHA President and CEO Richard Pollack said Change Healthcare parent company UnitedHealth Group’s temporary loan program misses the mark in a letter sent Monday to UnitedHealth Group President and Chief Operating Officer Dirk McMahon. Pollack criticized the initiative for what he described as its limited eligibility criteria and unfair contract terms and conditions.
“Regrettably, the Temporary Funding Assistance Program that your company announced on Friday is not even a band-aid on the payment problems you identify,” Pollack said on behalf of the association’s members.
While AHA calls on Congress, the AMA is calling on HHS:
As the cyber-takedown of Change Healthcare has forced medical practices to go without revenue for a twelfth day, the American Medical Association (AMA) urged U.S. Department of Health and Human Services (HHS) Secretary Xavier Becerra to use all its available authorities to ensure that physician practices can continue to function, and patients can continue to receive the care that they need.
An AMA letter (PDF) sent to Secretary Becerra outlines ongoing concerns of physicians amidst the cybersecurity incident that has impacted Change Healthcare and the unprecedented disruptions that have severely hampered physicians’ ability to care for patients.
“This massive breach and its wide-ranging repercussions have hit physician practices across the country, risking patients’ access to their doctors and straining viability of medical practices themselves,” said AMA President Jesse M. Ehrenfeld, M.D., M.P.H. “Against the backdrop of persistent Medicare cuts, rising practice costs and spiraling regulatory burdens, this unparalleled cyberattack and disruption threatens the viability of many practices, particularly small practices and those in rural and underserved areas. This is an immense crisis demanding immediate attention.”
Yesterday, an affiliate of the BlackCat ransomware group went public with claims that Change Healthcare paid $22 million to get a decryptor and to secure their data would be deleted, but the money was not given to the affiliate who had earned it. It was allegedly drained from the crypto wallet by BlackCat administration who suspended the affiliate from their account and access. The affiliate claims that they still have a copy of the data BlackCat had sworn to delete if they were paid.
The news about BlackCat’s alleged treachery means that BlackCat, whose servers had been seized in December, never really recovered from the law enforcement action and is taking some money and running. Someone associated with BlackCat informed DataBreaches.net that although they were an admin for BlackCat, they, too, had been locked out of some things and had left the group. DataBreaches.net was told to expect a re-branding of BlackCat and for more victims of BlackCat to be re-extorted. Change Healthcare did not provide a substantive response to inquiries about the developments.