Minnesota Attorney General Keith Ellison is pushing UnitedHealth Group to provide more help for health care providers and patients affected by the cyberattack at the company's subsidiary, Change Healthcare.
Ellison and 21 other state attorneys general sent a letter Thursday to the Minnetonka-based health care giant outlining concerns, including allegations that UnitedHealth Group has been unfairly providing more assistance to clinics that it owns and operates.
The cyberattack response from both Change Healthcare and UnitedHealth Group has so far been inadequate, the attorneys general wrote. They said health care providers have been unable to reach staff who can provide timely information about everything from the data that has been breached to whether systems have ongoing cyber vulnerabilities.
"You must do more than you are currently to avoid imposing further harm to our states' health care infrastructure and the patients who rely on it ...," the attorneys general wrote in the letter to UnitedHealth Chief Executive Andrew Witty. "We are also deeply concerned by the perception that practices owned by United may be getting more immediate relief and more favorable terms from the financial assistance program."
UnitedHealth Group said in a statement that ever since the incident surfaced, the company has prioritized patient access to care as well as providing resources and support to individuals, health care providers and customers.
"We continue to offer financial assistance to those providers who need it and encourage them to contact us," the company said.
The February cyberattack targeted a UnitedHealth subsidiary that runs a widely used clearinghouse for electronic claims data that processed about half of all claims in the U.S. The impact has been felt at pharmacy counters, where patients initially struggled to fill prescriptions, and at hospitals and clinics, where the system for filing claims for payment from health insurers has been severely disrupted.
This week, UnitedHealth Group said a substantial proportion of Americans may have had their personal data compromised in the cyberattack and offered free credit monitoring and identity theft protection.
The company said it likely will take several months of continued analysis to identify and notify affected customers and individuals. IT services are continuing to recover, UnitedHealth Group said, with pharmacy systems back to near-normal levels and medical claims flowing at near-normal levels.