HHS offers resource guide to providers impacted by Change Healthcare cyberattack

March 27, 2024 - Healthcare providers nationwide are continuing to face financial and operational challenges in the aftermath of the Change Healthcare cyberattack, which began more than one month ago.

In Massachusetts, hospitals were losing upwards of $24 million per day as of late March, the Massachusetts Hospital Association reported. The American Hospital Association (AHA) found that 94 percent of surveyed hospitals were experiencing financial impacts from the cyberattack, and 82 percent said that the disruption had impacted their cash flow.

What’s more, nearly three-quarters of responding hospitals reported direct impacts on patient care.

New guidance from HHS, Administration for Strategic Preparedness and Response (ASPR), and CMS leaders aims to reduce that burden by connecting providers with health plan contacts who can assist them with payment flexibility and resource availability questions.

In a letter accompanying the guidance document, HHS, ASPR, and CMS leaders highlighted the steps that the Biden-Harris Administration has taken to provide flexibility for state Medicaid programs and make advance payments available to providers through Medicare. CMS also noted that it had encouraged private payers to follow suit.

However, the letter also acknowledged that HHS has continued to hear from providers about difficulties with “getting answers from healthcare plans about the availability of prospective payments or the flexibilities you may need while the Change Healthcare platform is unavailable.”

“HHS asked health plans to provide specific national contact information that providers can use when they need this information, and we are providing that information to you enclosed with this letter.”

The document outlines contact information and resources that are available to providers from health plans and payers, including CVS Health, Kaiser Permanente, Cigna Healthcare, and UnitedHealth Group itself.

Each section of the document covers a specific organization and contains links to plan-specific websites and detailed information on claims processing.

For example, the section covering Elevance Health provides information about filing requirements and gives providers a roadmap to finding more information about timeframes and processes through their provider manual. Similar information was provided for each payer throughout the document, giving providers a one-stop resource for getting more information about how this incident is impacting their processes.

As providers continue to grapple with the fallout of this large-scale cyberattack, many payers mentioned in the document were offering alternative clearinghouse options. Some offered to accept paper or faxed claims, and others extended filing requirements. Regardless of the alternatives offered, the Change Healthcare outage will require providers to change their workflows significantly to continue getting paid amid this disruption. 

The end of the document consists of a chart with contact information that each payer provided to HHS upon request. Providers who already have regional points of contact for their health plans should continue communicating with that representative, HHS advised. HHS encouraged providers to share this resource with any fellow providers who may need it.

“We appreciate your resilience and your continued commitment to your patients during the last month. And thank you for remaining engaged with us to make sure we know about the challenges you have faced in light of the Change Healthcare cyberattack,” the letter continued. “It has been helpful for us to hear directly from you to understand the scope of those challenges and to know how to tailor our response to your needs.”