We are aware some members are receiving generic letters from CHC indicating they may have data impacted by the CHC cyberattack that occurred in February 2024. At this point GEHA has no knowledge of member data being compromised. It is important to note that providers, labs, pharmacies or other elements of the health care ecosystem that are used by GEHA members may have contracts with CHC that are impacted by the CHC event, which could result in those members receiving letters regarding this incident.

UnitedHealth Group, the parent company of CHC, is offering no-cost credit monitoring to anyone who may have been impacted. For additional information on the CHC cyberattack, visit changehealthcare.com.

No. This outage does not impact your access to providers. There was an interruption in prescription services from Optum immediately after the outage occurred in February 2024, but that was resolved quickly. Please continue to get needed health care services while the back-office administrative issue is being resolved.

GEHA members have been unable to access Explanation of Benefits (EOBs) online until June. However, we resumed mailing EOBs in May, and digital EOBs are available from February 20 to present as of June 14 via your secure member portal on geha.com. There may also be a delay in claims processing for payments to health care providers or to members who paid out-of-pocket.

No. GEHA's internal technology and systems were not directly impacted by the cyberattack on Change Healthcare.

No action is needed from members.

The cyberattack on Change Healthcare took place February 21, 2024. The effects of this event are still impacting the broader U.S. health care industry.

All outstanding payments for claims received were processed as of May 23, 2024.

All outstanding payments for claims received to date were processed as of May 23, 2024, and GEHA has resumed normal claims processing. You should be able to view your deductible balance through your secure member portal, and digital EOBs for claims received after February 20 are now available. Printed EOBs resumed being mailed in May.

The CHC cyberattack affected GEHA's ability to view member EOBs, and our Customer Care associates have not had access to all documents. Access to EOBs resumed in May with all EOBs being mailed. Digital access to EOBs for claims dated February 20 or after resumed as of June 14 via your secure member portal on geha.com. All EOBs have been processed in chronological order beginning from the last days of claims processing on February 20, 2024.

While the formatting of your EOB may be an unexpected difference, the information is factually accurate. Our focus is to ensure continuity of care and ongoing access to your health care, to ensure no delays. For the time being, printed EOBs are being sent to all members. Digital EOBs are now available again via your secure member portal, effective June 14.

Some members may receive an increased volume of mailings from GEHA. Due to the cyberattack on CHC in February, many of our normal letter processes were interrupted. These have now resumed and providers and members are starting to receive the backlog of letters that were interrupted from February to June 2024. Some of these letters are needed for documentation to process out-of-network claims and other issues. Per regulation from OPM, GEHA is obligated to mail these items. In some cases, catching up on the backlog has resulted in a higher concentration of letters than is typical. We apologize for any inconvenience this may cause.

To date, GEHA has no evidence that member data was compromised as a result of this incident. Additionally, GEHA is proactively monitoring the situation. The security of our members' data and personal health information is of utmost importance to us. We have proactively implemented a robust monitoring process. Our team of cybersecurity experts are constantly assessing if our member data has been impacted.

At this time we have no evidence that GEHA member data has been compromised in this incident. UnitedHealth Group, which owns Optum and CHC, has established a dedicated website for potentially impacted individuals at changecybersupport.com. GEHA members can visit this website to get more information and details on resources that UnitedHealth Group is offering in response to this incident. UnitedHealth Group has established a dedicated call center to offer free credit monitoring and identity theft protections for two years to anyone impacted. The call center will also include trained clinicians to provide support services. UnitedHealth Group has indicated on April 22, 2024, that, given the ongoing nature and complexity of the data review, it may take several months for them to identify and notify impacted individuals. The call center will not be able to provide any specifics on individual data impact until that time.

UnitedHealth Group's call center can be reached at 866.262.5342 and further details can be found on the website.

We are aware some providers and members are receiving generic letters from CHC indicating they may have data impacted by the CHC cyberattack that occurred in February 2024. At this point GEHA has no knowledge of member data being compromised. It is important to note that providers, labs, pharmacies, or other elements of the health care ecosystem that are used by GEHA members may have contracts with CHC that are impacted by the CHC event, which could result in those members receiving letters regarding this incident.

UnitedHealth Group, the parent company of CHC, is offering no-cost credit monitoring to anyone who may have been impacted. For additional information on the CHC cyberattack, visit changehealthcare.com.

Yes. Based on the services Change Healthcare provides to GEHA, GEHA is experiencing disruptions to things like member and provider letter print and mail services, Explanation of Benefit (EOB) retrieval and payment processing for dental providers, out of network medical providers and members. At this time GEHA has no evidence that member data has been compromised.

No. GEHA's internal technology and systems were not directly impacted by the cyberattack on Change Healthcare.

It isn't necessary for providers to contact GEHA. GEHA has implemented an alternate method to restore both provider and member payment processing and access to impacted member and provider documents. Payment processing was accelerated in May and completed for claims received to date on May 23, 2024. GEHA will proactively communicate with providers and members on updates, including any actions providers or members should take. Please monitor this webpage for updates. Notification of e-payments will be normal confirmation and more information on payment method is available in your provider portal. Your form of payment will be the same as previously elected.

All outstanding payments for claims received after February 20 were processed as of May 23, 2024, and GEHA has resumed normal claims processing. You should be able to view processed payments through your secure provider portal, and digital EOB access resumed June 14 via your secure portal on geha.com.

GEHA is not paying interest per OPM and GEHA contracts. This was an industry-wide event.

We have our normal provider dispute process where you can write in to appeal a claim. Currently the time frame for claims dispute is six months from the original date of the claim. Claim disputes must be received in writing.

If nothing has changed on your end, we do not need updated info. Please see your Provider Portal for contact information if you need to enroll or update your VCC/ACH payment information to our payment processing system.

As part of GEHA's recovery efforts, we are working to remediate outstanding payments issued by VCC that are now expired. These are payments issued prior to the cyber-event at Change Healthcare. At this time, we are unable to provide a specific date for the release, however, rest assured that our teams continue to work towards this final step in our recovery process. There is no further action needed from you at this time for payment reissue. We sincerely apologize for the extended delay and inconvenience.

We have identified an issue where the "other plan payment" amount on some EOBs is incorrect. However, please be assured the actual payment from GEHA is correct and has been processed accurately. We are working on getting this corrected so that that future EOBs will reflect the correct "other plan payment" amount. If you notice other inconsistencies, please inform GEHA.

GEHA commenced EOB processing and payments on out-of-network provider claims to members on April 29, 2024, and the backlog was completed on May 23, 2024.

Due to the cyberattack on CHC in February, many of our normal letter processes were interrupted. These have now resumed and providers and members are starting to receive the backlog of letters that were interrupted from February to June 2024. Some of these letters are needed for documentation to process out-of-network claims and other issues. In some cases, catching up on the backlog has resulted in a higher concentration of letters than is typical. We apologize for any inconvenience this may cause.

Connection Dental Providers who work with payors other than GEHA should contact those payors directly to inquire about the status of payments. Additional information, if provided, can be found on the payor tab at connectiondental.com.

United Health Group has also provided access to the following information and resources:

UHG Cyber Event Information: Information on the Change Healthcare Cyber Response — UnitedHealth Group