AG Griffin investigating Change Healthcare cyberattack response

by Talk Business & Politics staff ([email protected]) 803 views 

Arkansas Attorney General Tim Griffin announced Thursday (March 21) that his office is investigating Change Healthcare, Inc., which was hit with a major ransomware cyberattack in February.

Change Healthcare, a unit of UnitedHealth Group, was hit by a ransomware attack that disrupted billing and healthcare information systems across the country and has threatened hospitals’ ability to serve patients and pay physicians.

Earlier this month, the U.S. Department of Health & Human Services announced it would investigate the cyberattack, citing its “unprecedented magnitude.”

Griffin said he has concerns about personal information and patient privacy and indicated he was also operating under the state’s Deceptive Trade Practices Act.

“I am initiating an investigation into Change Healthcare, Inc., a unit of UnitedHealth Group, to determine whether the confidential medical information of Arkansans was compromised in the late February cyberattack against Change Healthcare and whether any laws were violated,” Griffin said.

“Additionally, my office will look into whether Change Healthcare used reasonable security procedures and practices to protect this information as required by Arkansas law. Protecting Arkansans’ personal information and holding organizations accountable for data breaches are two of my responsibilities under Arkansas law.”