top of page
Search

Can Patients Expect a Data Breach Notice from UnitedHealth?

Parv Jain
Data Breach

U.S. healthcare providers can ask UnitedHealth Group to notify people whose data was exposed in a February hack on the company's Change Healthcare unit, according to an update from the health department's website.


This news is a relief for U.S. hospitals and healthcare providers, who had urged the Department of Health and Human Services (HHS) to allow UnitedHealth to take responsibility for notifying affected individuals.


The HHS' Office for Civil Rights (OCR) stated on May 31 that "affected covered entities that want Change Healthcare to provide breach notifications on their behalf should contact Change Healthcare." U.S. law requires data breaches to be reported to affected individuals within 60 days of discovery.


A UnitedHealth spokesperson welcomed the OCR's clarification, saying it aligns with the company's goal to ease the reporting burden on its customers.


In May, UnitedHealth CEO Andrew Witty informed a Congressional committee that hackers might have stolen data from one-third of Americans in the February 21 cyber attack, which disrupted medical claims processing. The company is still addressing these issues.


Witty also mentioned that the extent of the data breach is still under investigation and is likely significant.


UnitedHealth warned that the breached data might include sensitive information such as names, addresses, medical codes, and insurance numbers. The breach has caused widespread disruptions in healthcare billing and data systems, affecting patients and providers nationwide.


Key points

  • Notification Shift: UnitedHealth Group can now notify individuals affected by the data breach, lightening the notification responsibility for healthcare providers.

  • Regulatory Compliance: The Department of Health and Human Services (HHS) allows this shift, aligning with U.S. law requiring data breaches to be reported within 60 days of discovery.

  • Impact and Investigation: CEO Andrew Witty revealed the breach potentially affects a third of Americans, prompting ongoing investigations into the extent of compromised data and disruptions in healthcare services.


FAQs

Q1. Who can notify individuals affected by the data breach?

UnitedHealth Group can now notify individuals whose data was exposed in the breach, upon request from healthcare providers.


Q2.  How can healthcare providers request notifications for their patients?

Healthcare providers can ask Change Healthcare to provide breach notifications on their behalf, according to the guidance from the HHS Office for Civil Rights (OCR).


Q3.  What is the legal requirement for reporting data breaches?

U.S. law mandates that data breaches be reported to affected individuals within 60 days of discovery.


Q4. What information could be compromised in the breach?

The breached data may include sensitive information such as names, addresses, medical codes, and insurance numbers.


Reference

0 views0 comments

Kommentare


Best Local Logo.png

Best Local Internet provides the tools and knowledge you need to discover the best internet service providers available in your area. Use our resources to compare internet plans, prices, speeds, and provider types like Fiber, Wireless, DSL, Satellite, and more

Quick Links

Home
Speed Test
Service Areas
News
Resources

Internet Providers

AT&T
Verizon
T-Mobile
Viasat
Speednet

HughesNet
Century Link
Spectrum
Starlink
EarthLink

Support Resources

Contact us

About us

Privacy Policy 
Terms & Conditions

Best Local Internet.

©2024 Best Local Internet. All rights reserved

  • Instagram
  • Youtube
bottom of page