Information: Update on Change Healthcare service interruption
As of June 20, 2024
On February 21, 2024, Change Healthcare (CHC) took some of their services offline in response to a cybersecurity attack. CHC, which UnitedHealthcare owns through its Optum subsidiary, had impacts to their systems and services after the cyberattack in February. The incident led to outages in these services for payers, providers and other parts of the U.S. health care system, including GEHA. GEHA works with CHC to provide several services to our members and providers, including payment processing, explanation of benefit (EOB) distribution and mail services.
This disruption interrupted claims processing, payment processing and our ability to process EOBs. To safeguard member and provider data, GEHA shifted to an alternate method for processing these items. During this transition, there was a delay in sending claims payments and information, as well as EOBs.
Due to the cyberattack on CHC's system, GEHA is still unable to access some claims and EOBs sent to CHC prior to Feb. 20, 2024. The systems and processes that CHC provides GEHA were moved to an alternate method that we've diligently tested in phases before rolling out fully, culminating with all received claims (after Feb. 20) being processed by May 23, 2024.
EOB update
Your payment information will be available on geha.com when you login to your portal. Printed EOBs will be mailed but digital versions of other payment related documents are currently unavailable and at this time our Customer Care representatives don’t have access to this information. We are targeting mid-June for digital access to EOBs to resume. Please note that the new mailed EOBs have a different appearance than our previous ones, but this is because we are using an alternate method to get these processed in a timely manner. While the formatting may have changed, our focus is to ensure continuity of care and ongoing access to your health care.
Migrating to a new solution takes time and thorough quality assurance to ensure no additional unintended impacts to member and provider services. To address this, our teams have implemented a phased, and measured, rollout to resume normal operations. We thank you for your patience while this process was tested and implemented.
Additional FAQs
At this point GEHA has no knowledge of member data being compromised. UnitedHealth Group, the parent company of CHC, is offering no-cost credit monitoring to anyone impacted. Please see information in Member FAQs for details.
See below for answers to the questions we're receiving from our members and providers. We will update this page as more information becomes available.
Provider assistance
Optum Temporary Funding: Optum Temporary Funding Assistance
Optum has a simple video with step-by-step instructions on how to navigate this process:
Optum Temporary Funding Assistance Program webinar
Connection Dental Providers who work with payors other than GEHA should contact those payors directly to inquire about the status of payments.
No. This outage does not impact your access to providers. There was an interruption in prescription services from Optum immediately after the outage occurred, but this has been resolved. Please continue to get needed health care services while the back-office administrative issue is being resolved.
GEHA members have been unable to access Explanation of Benefits (EOBs) online until now. However we resumed mailing EOBs in May, and digital EOBs are available from Feb. 20 to present as of June 14 via your secure member portal on geha.com.
No. GEHA's internal technology and systems were not directly impacted by the cyberattack on Change Healthcare.
No action is needed from members.
The cyberattack on Change Healthcare took place Feb. 21, 2024. The effects of this event are still impacting the broader U.S. health care industry.
All outstanding payments for claims received were processed as of May 23, 2024. GEHA Customer Care associates unfortunately do not have access to upcoming payments.
All outstanding payments for claims received to date were processed as of May 23, 2024, and GEHA has resumed normal claims processing. You should be able to view your deductible balance through your secure member portal, and digital EOBs for claims received after Feb. 20 are now available. Printed EOBs resumed being mailed in May.
The CHC cyberattack affected GEHA's ability to view member EOBs, and our Customer Care associates have not had access to all documents. Access to EOBs resumed in May with all EOBs being mailed. Digital access to EOBs for claims dated Feb. 20 or after resumed as of June 14 via your secure member portal on geha.com. All EOBs have been processed in chronological order beginning from the last days of claims processing on Feb. 20, 2024.
In order to reinstate and re-start sending EOBs, GEHA moved to an alternate provider for EOB processing. We realize the format of the new EOBs is different and are continuing to work with the vendor to identify what elements can be refined, including enlarging the current font size. Digital EOBs are now available again via your secure member portal on geha.com, as of June 14.
While the formatting of your EOB may be an unexpected difference, the information is factually accurate. Our focus is to ensure continuity of care and ongoing access to your health care, to ensure no delays. For the time being, printed EOBs are being sent to all members. Digital EOBs are now available again via your secure member portal, effective June 14.
Some members may receive an increased volume of mailings from GEHA. Due to the cyberattack on CHC in February, many of our normal letter processes were interrupted. These have now resumed, and providers and members are starting to receive the backlog of letters that were interrupted from February to June 2024. Some of these letters are needed for documentation to process out-of-network claims and other issues. Per regulation from OPM, GEHA is obligated to mail these items.
To date, GEHA has no evidence that member data was compromised as a result of this incident. Additionally, GEHA is proactively monitoring the situation. The security of our members' data and personal health information is of utmost importance to us. We have proactively implemented a robust monitoring process. Our team of cybersecurity experts are constantly assessing if our member data has been impacted.
At this time we have no evidence that GEHA member data has been compromised in this incident. UnitedHealth Group, which owns Optum and CHC, has established a dedicated website for potentially impacted individuals at changecybersupport.com. GEHA members can visit this website to get more information and details on resources that UnitedHealth Group is offering in response to this incident. UnitedHealth Group has established a dedicated call center to offer free credit monitoring and identity theft protections for two years to anyone impacted. The call center will also include trained clinicians to provide support services. UnitedHealth Group has indicated on April 22, 2024, that, given the ongoing nature and complexity of the data review, it may take several months for them to identify and notify impacted individuals. The call center will not be able to provide any specifics on individual data impact until that time.
UnitedHealth Group's call center can be reached at 866.262.5342 and further details can be found on the website.
Yes. Based on the services Change Healthcare provides to GEHA, GEHA is experiencing disruptions to things like member and provider letter print and mail services, Explanation of Benefit (EOB) retrieval and payment processing for dental providers, out of network medical providers and members. At this time GEHA has no evidence that member data has been compromised.
No. GEHA's internal technology and systems were not directly impacted by the cyberattack on Change Healthcare.
It isn't necessary for providers to contact GEHA. GEHA has implemented an alternate method to restore both provider and member payment processing and access to impacted member and provider documents. Payment processing was accelerated in May and completed for claims received to date on May 23, 2024. GEHA will proactively communicate with providers and members on updates, including any actions providers or members should take. Please monitor this webpage for updates. The GEHA Customer Care team is unable to view all documents impacted during the time frame of the outage. Notification of e-payments will be normal confirmation and more information on payment method is available in your provider portal. Your form of payment will be the same as previously elected.
All outstanding payments for claims received after Feb. 20 were processed as of May 23, 2024, and GEHA has resumed normal claims processing. You should be able to view processed payments through your secure provider portal, and digital EOB access resumed June 14 via your secure portal on geha.com.
GEHA is not paying interest per OPM and GEHA contracts. This was an industry-wide event.
We have our normal provider dispute process where you can write in to appeal a claim. Currently the time frame for claims dispute is six months from the original date of the claim. Claim disputes must be received in writing.
If nothing has changed on your end, we do not need updated info. Please see your Provider Portal for contact information if you need to enroll or update your VCC/ACH payment information to our payment processing system.
As part of GEHA's recovery efforts, we are working to remediate outstanding payments issued by VCC that are now expired. These are payments issued prior to the cyber-event at Change Healthcare. At this time, we are unable to provide a specific date for the release, however, rest assured that our teams continue to work towards this final step in our recovery process. There is no further action needed from you at this time for payment reissue. We sincerely apologize for the extended delay and inconvenience.
We have identified an issue where the "other plan payment" amount on some EOBs is incorrect. However, please be assured the actual payment from GEHA is correct and has been processed accurately. We are working on getting this corrected so that that future EOBs will reflect the correct "other plan payment" amount. If you notice other inconsistencies, please inform GEHA.
GEHA commenced EOB processing and payments on out-of-network provider claims to members on April 29, 2024, and the backlog was completed on May 23, 2024.
Given UnitedHealthcare’s relationship with Optum, are their payments impacted by the CHC cyberattack
Payments facilitated by UnitedHealthcare to providers in the UnitedHealthcare medical networks are not impacted by this incident. However, GEHA is not currently able to facilitate payments to providers within the Aetna network, to out-of-network providers, or related to claim adjustments to in-network UnitedHealthcare network providers. All dental network payments and payments to reimburse members are also impacted at this time.
If the claim is submitted to GEHA or one of GEHA's partners (such as UHC or Aetna) using a clearinghouse other than CHC, GEHA can accept and process the claim as normal. However, GEHA is processing claims in chronological order as described in the FAQ immediately above.
There was a disruption to clearinghouse services experienced as a result of the Feb. 20, 2024, Change Healthcare (CHC) cyber incident. We are pleased to announce that the clearinghouse services have been restored as of June 12, and claims can now be submitted to GEHA-ASA Payer ID 06603 and received by Aetna Signature Administrators. Please note the following:
Claims with a 2023 service date
If you attempted to submit an electronic claim to for the GEHA-ASA Payer ID 06603 CHC between the dates of Feb. 20, 2024 – May 15, 2024, CHC will not have a record of that transaction, and you would not have received a rejection notice. You may now resubmit any claims with a 2023 service date.
Claims with a 2024 service date
Effective for the 2024 plan year, GEHA now partners with UnitedHealthcare's Choice Plus network across our five medical plans. Claims with a service date in 2024 should be submitted per the EDI information on the back of the member's ID card, and should not be submitted through the GEHA-ASA Payer ID.
In order to get EOPs flowing again, GEHA has moved to an alternate provider for EOP processing. We realize the format of the new EOPs is different. We anticipate digital EOPs to be available via your secure member portal by the end of June.
Due to the cyberattack on CHC in February, many of our normal letter processes were interrupted. These have now resumed and providers and members are starting to receive the backlog of letters that were interrupted from February to June 2024. Some of these letters are needed for documentation to process out-of-network claims and other issues. In some cases, catching up on the backlog has resulted in a higher concentration of letters than is typical. We apologize for any inconvenience this may cause.
Connection Dental Providers who work with payors other than GEHA should contact those payors directly to inquire about the status of payments. Additional information, if provided, can be found on the payor tab at connectiondental.com.
United Health Group has also provided access to the following information and resources:
UHG Cyber Event Information: Information on the Change Healthcare Cyber Response — UnitedHealth Group
Specifically, for providers who receive payments from payers that were processed by Change Healthcare, there is a temporary funding assistance support program to help with short-term cash flow needs. New applications for this program will not be accepted after July 12, 2024.
Optum Temporary Funding: Optum Temporary Funding Assistance