<- Back to Insights
April 22, 2024
Change Healthcare Cybersecurity Incident Frequently Asked Questions
Summary
The U.S. Office for Civil Rights (OCR) has issued a Dear Colleague letter and initiated a comprehensive investigation into Change Healthcare and UnitedHealth Group (UHG) following a significant cybersecurity incident, analyzing the possible breach of protected health information (PHI) and compliance with HIPAA regulations. The investigation also extends to entities associated with Change Healthcare and UHG, underscoring the importance of maintaining business associate agreements and the necessity for timely breach notifications. OCR has provided various resources to aid healthcare entities in improving cybersecurity measures and complying with the HIPAA Security Rule, emphasizing the necessity of risk analysis and breach protocols to protect patient information.
Explore Related Topics