On April 10, the AMA released its survey findings regarding the Change Healthcare cyberattack. According to respondents, the cyberattack on Change, a UnitedHealth Group (UHG) subsidiary, threatens the viability of physician practices nationwide and has profound implications for patient care. 

The survey shows that the cyberattack has hit practices with 10 physicians or fewer the hardest. More than 1,400 respondents filled out the AMA survey, with 78% (1,097) coming from practices with fewer than 10 physicians. The survey, conducted from March 26 to April 3, showed that 36% of respondents reported suspension in claim payment, 32% were unable to submit claims, and 22% were unable to verify eligibility for benefits. 

“The disruption caused by this cyberattack is causing tremendous financial strain,” AMA President Jesse M. Ehrenfeld, MD, MPH, said in a statement. “These survey data show, in stark terms, that practices will close because of this incident, and patients will lose access to their physicians. The one-two punch of compounding Medicare cuts and inability to process claims as a result of this attack is devastating to physician practices that are already struggling to keep their doors open.”

While significant progress has been made in restoring systems, the attack could prove further-reaching than initially thought.

In a press release on Monday, UHG said that the hackers who orchestrated the attack may have stolen the personal data of a “substantial proportion” of Americans in its systems. Change Healthcare processes about 50% of U.S. medical claims.

Due to the complex nature of the data review, UHG said it is “likely to take several months of continued analysis before enough information will be available to identify and notify impact customers and individuals," but there is no evidence to suggest that physicians’ charts or full medical histories of individuals were stolen.

“The company, along with leading external industry experts, continues to monitor the internet and dark web to determine if data has been published,” the release states. “There were 22 screenshots, allegedly from exfiltrated files, some containing PHI and PII, posted for about a week on the dark web by a malicious threat actor. No further publication of PHI or PII has occurred at this time.”

UHG said it’s continuing to work with law enforcement and multiple cybersecurity firms on the issue.

ISMA will continue to monitor the situation and send members special alerts as more information is available. 

Additional resources

Change Healthcare/Optum Payment Disruption (CHOPD) Accelerated Payments to Part A Providers and Advance Payments to Part B Suppliers (Fact sheet)

Department of Health and Human Services resource page

CMS Statement on Continued Action to Respond to the Cyberattack on Change Healthcare 

Information on the Change Healthcare Cyber Response 

HHS Statement Regarding the Cyberattack on Change Healthcare 

Change Healthcare Client Services Assistance: Email client_assistance@optum.com.

If you work with a client manager, please contact them directly.

Chief Information Security Officers:Optum Solution Status Updates.

UnitedHealthcare & Optum Consumers: Contact numbers can be found on the back of your member ID card.

Vendors, for Accounts Payable inquiries: Email apinquirieslchc@optum.com.