US health department states UnitedHealth has permission to inform patients regarding data breach

AndyC 13 June 2024

US healthcare providers are able to request UnitedHealth Group to alert individuals whose information was compromised during a breach on the company’s Change Healthcare division in February, according to an announcement on the health departmen

US health dept says UnitedHealth can notify patients of data breach

US healthcare providers are able to request UnitedHealth Group to alert individuals whose information was compromised during a breach on the company’s Change Healthcare division in February, according to an announcement on the health department’s site.




US health department states UnitedHealth has permission to inform patients regarding data breach










The announcement brings comfort to US hospitals and healthcare providers who had requested the Department of Health and Human Services (HHS) to transfer the notification responsibility to UnitedHealth and its division.

“Impacted covered entities interested in having Change Healthcare manage breach notifications on their behalf should get in touch with Change Healthcare,” stated the HHS’ Office for Civil Rights (OCR) in an update released on May 31.

US legislation mandates that data breaches need to be disclosed to affected individuals within 60 days of being discovered.

An official from UnitedHealth expressed gratitude for the clarification provided by OCR, emphasizing their preference to simplify the reporting tasks for their clients.

Earlier this month, the CEO of the healthcare conglomerate, Andrew Witty, informed a Congressional committee that hackers might have accessed a significant portion of Americans’ information during the cyber breach on February 21, resulting in delays in processing medical claims.

The company is actively working on resolving the processing issues.

Witty also mentioned that the company is conducting further investigations to determine the extent of the data breach and expects it to be quite significant.

UnitedHealth cautioned that the breached data may include sensitive details like names, addresses, medical codes, and insurance identifiers, as reported by the Wall Street Journal, citing the company’s responses to queries from the Senate Finance Committee.

The breach at the division handling healthcare billing, data systems, and various other services has led to widespread disruptions in claims processing, affecting patients and providers nationwide.



About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Australian Red Cross CIO departs

Chief Information Officer Resigns from Australian Red Cross

AndyC 7 April 2025
Australian Red Cross CIO departs

Chief Information Officer steps down from Australian Red Cross

AndyC 7 April 2025
Meta releases new AI model Llama 4

Meta reveals cutting-edge AI model Llama 4

AndyC 7 April 2025
Meta releases new AI model Llama 4

Meta unveils cutting-edge AI model Llama 4

AndyC 7 April 2025
Microsoft, turning 50, dials up Copilot actions to stay in AI game

Microsoft, celebrating half a century, boosts Copilot maneuvers to remain competitive in the AI sector

AndyC 7 April 2025
Microsoft, turning 50, dials up Copilot actions to stay in AI game

Microsoft, reaching half a century, ramps up Copilot maneuvers to remain competitive in AI arena

AndyC 7 April 2025

You may have missed

4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.