Skip To Navigation Skip To Content Skip To Footer

    The MGMA membership renewal portal is experiencing intermittent issues. We are working on a fix. If you're unable to renew, please call 877.275.6462 ext. 1888 or email service@mgma.com to renew.

    Advocacy Letter
    Home > Press Statements & Advocacy Letters > Advocacy Letters

    April 25, 2024 

    Melanie Fontes Rainer
    Director
    Office for Civil Rights
    Department of Health and Human Services
    Room 509F, HHH Building
    200 Independence Avenue, SW
    Washington, DC 20201

    Re: Change Healthcare and Breach Notifications

    Dear Director Rainer:

    I write seeking your immediate assistance on a matter of utmost urgency to America’s medical group practices. With a membership of more than 60,000 medical practice administrators, executives, and leaders, the Medical Group Management Association (MGMA) represents more than 15,000 medical group practices ranging from small private medical practices to large national health systems, representing more than 350,000 physicians.

    These practices have been drastically impacted by the cyberattack on Change Healthcare. Disruption to the daily operations of medical groups has been severe and is ongoing. While MGMA appreciates the steps the Department has taken, along with the efforts of Change and its parent, UnitedHealth Group, many challenges remain. Of immediate concern is confusion surrounding the extent to which protected health information (“PHI”) and personally identifiable information (“PII”) have been improperly disclosed, to whom, and on whom the burden of providing HIPAA-required breach notifications to both your office and affected patients will fall.

    MGMA is encouraged by recent public statements from United committing to “provide appropriate notifications” and stating that it “has offered to make notifications and undertake related administrative requirements on behalf of any provider or customer.” (United Press Release April 22, 2024). At the same time, no prudent medical group can rely on vague promises in a press release containing no specifics with respect to either timing or implementation. To our knowledge, no MGMA member has actually received from Change or United the promised “offer,” in writing or otherwise.

    View the full letter


    More Advocacy Letters

    Ask MGMA
    An error has occurred. The page may no longer respond until reloaded. Reload 🗙