Class action legal action by pharmacists, providers ramps up against Change Healthcare/UnitedHealth Group

More litigants in a legal pile-on in Minnesota. The National Community Pharmacists Association (NCPA), with 19,000 pharmacy members, and around 40 providers have filed suit against UnitedHealth Group, Optum, and Change Healthcare in the US District Court for the District of Minnesota. The 140-page document charges that UHG/Optum/Change had substandard network security in their clearinghouse operations, leading to the Blackcat/ALPHV breach, and that the plaintiffs might have chosen another clearinghouse and revenue cycle management platform had they known this. The pharmacists and providers all suffered monetary damages from the outage that are still unresolved.

From the press statement, NCPA CEO B. Douglas Hoey: “NCPA was against UnitedHealth’s acquisition of Change from the start. This breach proves that bigger is not better and that consolidation often leads to inefficiencies. Companies are so big they cannot protect every entry point and cannot respond quickly due to internal bureaucracy. The fact issues remain unresolved is a testament to this point. This breach has cost our members a significant amount of money and time and it is still not resolved months later.” He also pointed to the pharmacies’ losses remaining unpaid, financial losses, and taking losses for vulnerable patients with high-cost prescriptions.

According to Healthcare Dive, the multiple lawsuits against UHG must be centrally filed in Minnesota, as ordered by a Federal judicial panel, since UHG is headquartered there. Nothing will move quickly, as class action suits typically take two or more years to be heard and then appealed.

Change started its HHS-OCR mandated process of notifications around 20 June with hospitals, insurers, and other customers. Individuals and practices were not scheduled to be notified until late July but no date has been announced. The Change website also contains a very carefully worded ‘HIPAA Substitute Notice’ that reads like a consumer data breach notification. TTA 21 June

Categories: Latest News.