CMS has contacted all of the MACs to make sure they are prepared to accept paper claims from providers who need to file them.If Medicare providers are having trouble filing claims or other necessary notices or other submissions, they should contact their MAC for details on exceptions, waivers, or extensions, or contact CMS regarding quality reporting programs.CMS strongly encourages Medicaid and CHIP managed care plans to adopt the same strategies of removing or relaxing prior authorization and utilization management requirements, and consider offering advance funding to providers, on behalf of Medicaid and CHIP managed care enrollees to the extent permitted by the State.CMS is also encouraging MA plans to offer advance funding to providers most affected by this cyberattack. CMS will issue guidance to Medicare Advantage (MA) organizations and Part D sponsors encouraging them to remove or relax prior authorization, other utilization management, and timely filing requirements during these system outages.CMS is strongly encouraging other payers, including state Medicaid and Children’s Health Insurance Program (CHIP) agencies and Medicaid and CHIP managed care plans, to waive or expedite solutions for this requirement. CMS has instructed the MACs to expedite this process and move all provider and facility requests into production and ready to bill claims quickly. The MAC will provide instructions based on the specific request to expedite the new EDI enrollment. Medicare providers needing to change clearinghouses that they use for claims processing during these outages should contact their Medicare Administrative Contractor (MAC) to request a new electronic data interchange (EDI) enrollment for the switch.Providers should continue to work with all their payers for the latest updates on how to receive timely payments.Īffected parties should be aware of the following flexibilities in place: CMS will continue to communicate with the health care community and assist, as appropriate.
Today, HHS is announcing immediate steps that the Centers for Medicare & Medicaid Services (CMS) is taking to assist providers to continue to serve patients. HHS has heard these concerns and is taking direct action and working to support the important needs of the health care community. However, numerous hospitals, doctors, pharmacies and other stakeholders have highlighted potential cash flow concerns to HHS stemming from an inability to submit claims and receive payments. HHS refers directly to UHG for updates on their incident response progress and recovery planning. HHS is also leading interagency coordination of the Federal government’s related activities, including working closely with the Federal Bureau of Investigations (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the White House, and other agencies to provide credible, actionable threat intelligence to industry wherever possible. HHS has made clear its expectation that UHG does everything in its power to ensure continuity of operations for all health care providers impacted and HHS appreciates UHG’s continuous efforts to do so. HHS is in regular contact with UHG leadership, state partners, and with numerous external stakeholders to better understand the nature of the impacts and to ensure the effectiveness of UHG’s response. HHS’ first priority is to help coordinate efforts to avoid disruptions to care throughout the health care system.
HHS recognizes the impact this attack has had on health care operations across the country. Department of Health and Human Services (HHS) is aware that Change Healthcare – a unit of UnitedHealth Group (UHG) – was impacted by a cybersecurity incident in late February.