I’ve written quite a bit about UnitedHealth Group being a generally malignant force in healthcare — for their propensity to acquire businesses (and then not integrate them); for their acquisition of Change Healthcare; and for their pursuit of cost-cutting at the expense of patients’ lives (not my article, but a shocking one). As I wrote in The American Prospect 4 years ago, UHG was (is?) the closest thing American healthcare has had to a single payor system, as it controls so many parts of the healthcare apparatus. 

But I didn’t anticipate how UHG would start flailing this year. After a rough 2024, with the Change Healthcare hack and the murder of its CEO, UHG is now contending with a difficult financial environment. Stock prices are down sharply, and the Wall Street Journal ran an article calling insurers (not just UHG) “chronically uninvestable.” Meanwhile, the DOJ is investigating UHG’s Medicare Advantage practices.

Despite all this, UHG’s approach to managing this combination of crises is confusing. Rather than try to seem like a benevolent (if struggling) company, they’ve chosen to go after the two groups they’re accused of having the most control over — providers and individual patients.

Going after doctors

In January 2021, UnitedHealth Group announced its intention to acquire Change Healthcare, a medical reimbursements company that already had what I would call anti-provider practices (for example, sending reimbursements in the form of prepaid credit cards with processing fees attached — and requiring that practices request individual paper checks if they wanted to avoid those processing fees). 

In early 2022, the Department of Justice and attorneys general of Minnesota and New York sued to block the acquisition. The judge ultimately ruled against the suit (and the DOJ dropped its appeal in 2023), clearing the way for the two companies to become one.

Then, in February 2024, the size of the combined UHG and Change became a huge, public liability when Change was hacked. Change was handling an estimated half of all medical transactions in the U.S. when a group calling itself ALPHV/BlackCat stole the sensitive medical information of an estimated one-third of all Americans. 

UHG ended up paying a ransom of $22 million in Bitcoin (without any verification from the hackers that they didn’t have the sensitive data stored elsewhere), but it took weeks for Change to start running again.

In the meantime, doctors weren’t getting reimbursement for the insurance claims they filed, making it difficult for practices — especially small and independent ones — to make payroll. UHG offered loans through Optum to help bridge practices that were struggling financially. Then-CEO Andrew Witty of UHG told the Senate Finance Committee in May 2024 that these loans were interest-free, and that UHG wouldn’t call up the loans until after the practices reported back to Optum that their financial situation had stabilized. Then, he said, the practices would have 45 business days to repay their loans.

But that’s not what happened. Starting at the end of 2024, UHG started calling up loans. And they didn’t allow providers 45 business days for repayment, as they promised the Senate Finance Committee. They started calling up loans to be paid back within just a few days, or they threatened to garnish the providers’ reimbursements.

In April of this year, the American Medical Association sent a letter to Optum, asking for more information about this practice and highlighting the pressure that physicians are under as a direct result of the Change hack:

Physician practices are still suffering severe financial distress as a result of the cyberattack nearly 14 months after the breach was first discovered [...] 

Multiple reports from our members detail how Optum has instituted a loan repayment process that unexpectedly calls for immediate repayment of sizeable loans—sometimes amounting to hundreds of thousands of dollars. If the practice does not repay the specified amount within five business days, Optum threatens to completely withhold practices’ current claims payments until the balance has been repaid.

UHG/Change made the lives of medical practices extremely difficult because…a low level customer support employee had a single password (with no multi-factor authentication) that the hacker group accessed. Then instead of owning up to it, they paid a Bitcoin ransom, took months to notify people that their data was stolen (I just got my letter a few months ago!), and acted like predatory lenders toward the doctors whose lives they had ruined.

Going after individuals

Earlier this month, the New York Times reported that UHG had hired an aggressive legal firm (the firm self-refers as “media assassins”) to shut down individuals who publicly criticized UHG. 

One person who received a threatening letter from this law firm is a doctor in Austin, whose crime was posting a TikTok detailing how UHG representatives had called her operating room phone in the middle of a surgery to discuss whether UHG would cover a patient’s hospital stay. The law firm demanded that she take down the TikTok and apologize. Bill Ackman, the financier, reposted the video and got a letter from the law firm himself. (He posted about it in detail on Twitter).

Meanwhile, the doctor, Dr. Elisabeth Potter, had recently opened her own surgery center. Shortly after she posted the TikTok, UHG stopped responding to her attempts to get in-network status for her surgery center. 

This aggressive approach by UHG seems to have backfired, at least in terms of public relations (Dr. Potter was worried her surgery center might have to close, as of the time of the publication of the NYT article in mid-July). Representative Lloyd Doggett, whose district includes the Austin area, announced in July that he and Rep. Greg Murphy (R-NC) were requesting a GAO investigation into UHG’s consolidation and power over the healthcare industry. 

Takeaways

I’m not trying to turn this into (just) a screed against UHG. If you’re going to be one of the biggest companies in American healthcare and then do a bad job because you couldn’t do basic IT security, why are you going after the doctors whose lives you ruined? If you’re going to call doctors in the operating room to bother them about their patients’ insurance coverage, why hire “media assassins” to go after them?

Healthcare is complicated, and the American system makes it even more so. But UHG is doing a poor job of convincing the public that it isn’t a massive corporate consolidator that’s using its power to go after individuals.