Federal officials who protect people's rights are checking if private health information was revealed in the recent computer attack on Change Healthcare.
The Office for Civil Rights announced on Wednesday that they will also check if Change Healthcare followed laws that keep patients' information private.
Change Healthcare provides technology used to send and handle insurance claims — and processes about 14 billion transactions annually.
The investigation was triggered by the “unprecedented magnitude” of the attack, according to Office for Civil Rights Director Melanie Fontes Rainer's letter.
The Office for Civil Rights, a part of the U.S. Department of Health and Human Services, enforces federal regulations that establish privacy and security requirements for patient health information.
UnitedHealth Group, the owner of Change Healthcare, said it would cooperate. Spokesman Eric Hausman also mentioned that UnitedHealth Group is collaborating with law enforcement to determine the extent of the attack.
Intruders accessed some of Change Healthcare’s information technology systems last month, causing disruptions in billing and care-authorization systems nationwide.
The American Hospital Association recently reported that some patients have experienced delays in getting prescriptions, and hospitals have had difficulties with processing claims, billing patients, and verifying insurance coverage.
Change Healthcare stated on Wednesday that all of its major pharmacy and payment systems were back online. Last week, the company said it expects to begin reestablishing connections to its claims network and software on March 18.
The company also mentioned late last month that the ransomware group ALPHV, or Blackcat, was behind the breach.
Experts in cybersecurity say ransomware attacks have significantly increased in recent years, particularly in the health care industry.
