(Reuters) – The Department Of Health and Human Services has opened an investigation into UnitedHealth Group following a cyberattack on its unit Change Healthcare, it said on Wednesday.
The probe would focus on identifying the extent of the breach and compliance by UnitedHealth and the unit with the Health Insurance Portability and Accountability Act, or HIPAA, a federal law that protects sensitive patient health information.
UnitedHealth said it would cooperate with the investigation. “Our immediate focus is to restore our systems, protect data and support those whose data may have been impacted,” it said.
The cyberattack at Change, disclosed on Feb. 21 and initially attributed to “suspected nation-state associated cybersecurity threat actor”, was later blamed on hackers who identified themselves as the “Blackcat” ransomware group.
The hack disrupted electronic pharmacy refills and insurance transactions as the Change unit processes about 50% of medical claims in the United States.
(Reporting by Sriparna Roy in Bengaluru; Editing by Arun Koyyur)
Comments