On Friday, Arkansas Attorney General Tim Griffin issued a statement announcing that his office is initiating an investigation of Change Healthcare, a unit of UnitedHealth Group, under the Arkansas Personal Information Protection Act and the Arkansas Deceptive Trade Practices Act.
This comes after the February cyberattack of unprecedented magnitude that Change Healthcare was victim to. Change Healthcare provides technology used to submit and process insurance claims. It handles about 14 billion transactions a year and works with claims from several insurers. The company said that the ransomware group ALPHV, or Blackcat, gained access to some of its information technology systems.
Additionally, my office will look into whether Change Healthcare used reasonable security procedures and practices to protect this information as required by Arkansas law, Griffin said. He noted that ransomware attack disrupted billing and healthcare information systems across the country and has threatened hospitals ability to care for patients and pay physicians. Protecting Arkansans personal information and holding organizations accountable for data breaches are two of my responsibilities under Arkansas law.”
UnitedHealth said Monday that it is expanding temporary funding to support doctors and other care providers affected by the attack.
WebReadyTM Powered by WireReady® NSI