Security News > 2024 > March > US to probe Change Healthcare's data protection standards as lawsuits mount
Change Healthcare is being investigated over the alleged 6 TB data theft by the ALPHV ransomware group as it continues recovery efforts.
The US Department of Health and Human Services Office for Civil Rights wrote to the healthcare IT company this week informing it that a formal inquiry into its data protection practices will soon begin.
"OCR is committed to helping health care entities understand health information regulations and to collaboratively working with entities to navigate the serious challenges we face together," said Melanie Fontes Rainer, OCR director, in the letter to Change Healthcare.
Over the past seven days, Change Healthcare has slowly started bringing services back online following the attack.
Change Healthcare announced that its pharmacy network and associated payment systems were reinstated on March 13, and that it was managing 99 percent of the claim volume as it was doing before the cyberattack.
Change Healthcare is facing an investigation from the OCR and may also soon be up to its neck in legal woes as at least six class action lawsuits have been filed against it, relating to the attack.
News URL
Related news
- Healthcare attacks spread beyond US – just ask India's Star Health (source)
- US healthcare org admits up to 400,000 people's personal info was snatched (source)
- Hacker gets 10 years in prison for extorting US healthcare provider (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)