Medicare Compliance & Reimbursement

A UHG spokesperson has confirmed to multiple press outlets that the company did indeed pay a ransom, although they didn’t specify the amount. “A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure,” according to a shared statement.

UnitedHealth also reveals in an April 22 release that the hacked data “could cover a substantial proportion of people in America.” It’s offering a website to connect concerned people with resources such as credit monitoring and identity theft protections.

UHG also gives an update on Change Healthcare’s operations in the release, noting that “Change Healthcare has made continued strong progress restoring services impacted by the event.” For example, “medical claims across the U.S. health system are now flowing at near-normal levels,” the company says.

But that’s not what on-the-ground providers are reporting, says KFF Health News. “We are still desperately struggling,” a Minnesota therapist told the news outlet. “This was way more devastating than COVID ever was,” she said.

“Look, I am freaking out,” a New York City urologist told KFF. “Everyone is freaking out. We are like monkeys in a cage. We can’t really do anything about it.”

UnitedHealth has issued $7 billion so far in relief funds, the company points out.

Remember: You may be entitled to administrative relief from Medicare medical review if the attack has affected you, says Medicare Administrative Contractor (MAC) CGS. “Any provider or supplier impacted by the CHOPD may request administrative relief from MR activities (e.g., extension for MR additional documentation requests [ADRs], reschedule MR education sessions, etc.),” the MAC says in a recent post.

Up next: While UnitedHealth officials skipped an April 16 hearing on the issue, UnitedHealth CEO Andrew Witty is scheduled to testify before a U.S. House subcommittee about the cyberattack.

UHG continues to offer updates on the cyberattack as the story evolves.