Latest news with #ChangeHealthcare
Forbes
15-07-2025
- Business
- Forbes
Sovereign Cloud Is the Next Big Infrastructure Bet. Meet SpaceTime.
SpaceTime Founder and CEO, Antti Penannen As ransomware, regulation, and geopolitical instability strain traditional cloud systems, Finland's SpaceTime is rethinking infrastructure from first principles—designed not only to scale, but to survive. While most apps using cloud platforms are busy serving personalized ads, optimizing dating swipes, or reminding you to hydrate and buy more toilet paper, SpaceTime is focused on something more urgent: protecting the data we actually can't afford to lose. The Cloud Illusion Is Cracking For over a decade, cloud computing was considered bulletproof. Amazon Web Services, Microsoft Azure, and Google Cloud marketed a near-religious faith in scalability, uptime, and global availability. But that confidence is no longer warranted. When Tietoevry, a cornerstone of Nordic IT, was hit by a ransomware attack earlier this year, it wasn't just websites that went down. Hospitals diverted patients, banks froze operations, and entire public sector workflows were paralyzed. In Sweden, municipalities were forced to communicate offline using paper memos. In the U.S., the Change Healthcare breach disrupted medical payments for weeks, showing that 'cloud resilience' still translates to 'someone else's problem… until it becomes yours.' The lesson is uncomfortable: cloud convenience has outpaced cloud safety. SpaceTime Happy Servers The irony? These outages happened in cloud-connected environments sold as unbreakable—right up until they broke, spectacularly. For all the breathless promises of infinite uptime and disaster-proof design, cloud infrastructure still depends on the same old magic trick: someone else's servers, someone else's problem, until it becomes everyone's problem. Even hyperscalers are not immune to catastrophic failures. In May 2024, Google Cloud accidentally deleted the entire account of UniSuper, a $125 billion Australian pension fund. The incident stemmed from a provisioning error on Google's end, wiping out both live services and backups. It took two weeks to restore access. Fortunately, UniSuper had invested heavily in data protection and maintained third-party disaster recovery systems—without them, the company likely would have ceased to exist. For millions of retirees, one of the world's largest cloud platforms had nearly erased their financial infrastructure. This incident underscores that scale does not equate to safety, and even the biggest names in tech are susceptible to errors that carry existential consequences. Cloud Sovereignty: The Infrastructure Bet Geopolitics Just Made Inevitable The sovereign cloud market is projected to grow from $3.2 billion in 2023 to $21.5 billion by 2030, expanding at a 31.5% CAGR, making it one of the fastest-growing infrastructure categories globally. Growth is being fueled by stringent data localization laws, cyberattacks targeting national infrastructure, regulatory fragmentation, and increasing demand from governments and critical sectors, including healthcare, energy, and defense. High-growth regions, including Europe, the Middle East, and the Asia-Pacific, are where digital sovereignty is becoming a top policy priority. But SpaceTime isn't just riding a market wave. It's building for a systemic shift, where digital infrastructure has become national infrastructure, and resilience now outweighs scalability. While mainstream cloud providers like AWS, Azure, and Google Cloud generate over $500 billion in annual revenue, their size is irrelevant to Spacetime's mission. In today's fractured, high-risk environment, sovereign infrastructure may not be bigger, but it is more important. The Sovereign Cloud Arms Race Across Europe and beyond, sovereign cloud and infrastructure offerings are proliferating, especially in sectors where data sensitivity is existential. In healthcare, Corti has launched what it calls Europe's first sovereign AI infrastructure, placing data centers in Switzerland to meet regulatory pressures across Europe and the Middle East. Startups like Allonia in Germany and Owkin in France are building privacy-preserving AI systems for highly regulated use cases. However, many of these companies focus on adapting applications to sovereign environments, not rebuilding infrastructure from scratch. Corti, for instance, emphasizes localization but lacks public documentation of global security certifications, such as ISO/IEC 27001/27022 or HIPAA. Switzerland, while strong on privacy, is actively revising its surveillance laws, raising concerns about potential backdoors in encrypted services. By contrast, SpaceTime physical facilities have been audited for Katakri TI-3 military certification as well as sustainability certifications such as: ISO 27001, ISO 9001, ISO 14001, ISO 45001 and PCI DSS. Additionally, the company is actively certifying its operations under ISO 27001/22. Its approach is not to conform infrastructure to regulation, but to build it in a way that makes compromise and compliance an inherent property. Where Others Retrofit, SpaceTime Reinvents Even sovereign cloud efforts from telecom giants—such as Bleu (a partnership between Microsoft and Orange), T-Systems' partnership with Google Cloud, or the GAIA-X consortium—often retrofit existing U.S.-based hyperscaler infrastructure to meet European compliance requirements. SpaceTime is different: its systems are sovereign by design, not adaptation. Its infrastructure is immutable, jurisdictionally locked, and physically decentralized—built to survive attack, not just satisfy a checklist. This design-first posture makes SpaceTime stand apart in a market defined by rising compliance pressure and digital fragmentation. Where others offer a sovereign wrapper, SpaceTime delivers a sovereign core.. SpaceTime: The Fortress Builder SpaceTime's origins can be traced back more than 25 years, when Finnish technologists Antti Pennanen, Joonas Mäkinen, and Jyri Sillanpää—then founders of earlier ventures—first began experimenting with ideas that would later evolve into SpaceTime. Many startups today chase buzzy topics or narratives they believe VCs will back with capital, but SpaceTime is solving a problem that its founders encountered themselves, first-hand, when building their previous businesses. When building an animation studio in the early 2000s, Pennanen, SpaceTime's CEO, encountered the issue of data storage. Quite literally. 'When passing work to the next team in the creative process, we found it was easier to take hard drives on a plane and then deliver them in person rather than using the internet,' he recalls. 'That was insane to me even then.' With close friends he knows from Finland's startup nucleus, Pennanen began investigating how to tap the internet's undoubted potential for storing and transporting data, without needing his own flight tickets. This was crystallized in 2021 with the formal launch of SpaceTime. The collective had achieved 10 years of uninterrupted uptime with a group of Linux-based servers they'd set up for their own ventures, and saw the potential to commercialize their knowledge into a business, but with the conviction that the entire cloud paradigm must be rethought. As a systems architect, Pennanen helped design secure telecom infrastructure for the Finnish government to protect some of its most sensitive data. He grew up in a geopolitical context where cyber disruption wasn't hypothetical, it was expected. Finland's proximity to Russia—and its long-standing hybrid defense doctrine—infused him with a systemic awareness of fragility. 'If you don't own your own data, you can't defend it,' he tells Forbes. The importance and purity of the mission have helped assemble an impressive executive team for a young startup. Members include Taneli Tikka, a serial entrepreneur and high-profile angel investor in Finland, with a bench of advisors that includes Harri Holopainen, who previously sold a business to Nvidia. Pennanen's background is more war-room than boardroom. He's not a serial founder chasing unicorn valuations. He's the guy you call when your infrastructure catches fire and you don't want a TED Talk, you want a disaster recovery plan and activation to be implemented immediately. Based in Helsinki, SpaceTime isn't trying to replace AWS. It's building an immune system for digital civilization—one that prioritizes fault tolerance, jurisdictional sovereignty, and immutability over flexibility, scale, or developer convenience. At the core of that system is a federated protocol designed not for centralization, but for collaboration. 'We're building a protocol for many,' says Pennanen. 'It's not a walled garden. It's an open, sovereign framework where European players—national clouds, regional data centers, even startups—can plug in, contribute, and co-defend.' That collaborative architecture, he argues, is what gives SpaceTime its long-term advantage: a system resilient not just to outages, but to cyberattacks, legal overreach, and systemic collapse. 'We're not trying to become the next global cloud,' Pennanen says. 'We're building the resilient sovereign layer—the one that endures cyberwar, disruption, and digital blackout.' The sentiment is echoed by one of SpaceTime's major partner, Finland-based Nexetic, which sells digital backup services to over 4,000 customers. 'We partner with SpaceTime because of their reliable, secure, and domestically hosted capacity from the Ulvila Datacenter. This collaboration ensures that our state-of-the-art Microsoft 365 and Entra ID backup services are delivered with full data residency in Finland, high scalability, and top-tier data security,' Nexetic CEO Henry Liukko-Sipi tells Forbes. 'SpaceTime's infrastructure enables us to meet the evolving needs of our customers while maintaining maximum performance, availability, and trust,' he adds. Why Cloud Infrastructure Must Serve and Defend In a stark example of centralized infrastructure vulnerability, Iran shut down nationwide internet access last month in response to escalating cyberattacks. The blackout incapacitated banks, mobile networks, and e-government services, crippling the country's core systems. At the same time, Nobitex, Iran's largest cryptocurrency exchange, was breached. The platform was compromised despite hosting its data locally, and funds were drained in a coordinated exploit. The takeaway: storing data locally isn't enough. If systems aren't architected for resilience, even sovereign infrastructure can fail. This is the frontier of modern infrastructure risk: not just uptime, but recoverability under targeted attack. In a world where infrastructure is a strategic asset, companies and countries are recognizing the need for regional redundancy, legal independence, and cyber-immune architecture. SpaceTime was built for this moment. 'If your infrastructure can't survive cyberwar,' says Pennanen, 'it's already obsolete.' Europe's Digital Awakening European regulators are responding faster than their American counterparts. The NIS2 directive, a sweeping EU regulation aimed at strengthening cybersecurity across critical infrastructure sectors, dramatically expands obligations for risk management, incident reporting, and supply chain security, covering industries from energy and finance to healthcare and transportation. Meanwhile, the EU Data Act introduces strict localization rules for industrial data. The legal backdrop is just as volatile. The CLOUD Act allows U.S. authorities to access data on American-owned cloud platforms, regardless of where the data is stored. Meanwhile, the Schrems II ruling invalidated the EU–U.S. Privacy Shield, creating uncertainty for companies relying on transatlantic data flows. Even the hyperscalers are retreating to sovereign models: But as SpaceTime is quick to point out: these are still adaptations of U.S. companies to European law, not European infrastructure born for it. SpaceTime was architected with these constraints in mind from day one. Its systems are sovereign by default, with zero foreign legal exposure and immutable infrastructure built into its core. That's essential not only because of the CLOUD Act, but as the evolution of European data laws creates almost a bifurcation between the two regions, leaving companies in the middle. While he is coy on the details of SpaceTime's roadmap, Pennanen has a broader vision for how the company can enable European companies to control their data with increased granularity and ownership. 'We are building the protocol to unite Europe,' he declares.'We want to give European companies the opportunity to bring their data back home.' "Europe's sovereign cloud market is approaching a critical juncture," wrote IDC analyst Rahiel Nasir in a December 2025 research report. "2025 looks set to become a pivotal year as new sovereign cloud offerings are launched and existing ones start to gain momentum.' Demand is clearly growing. The report found that 84% of European organizations that are using cloud technologies were either currently using or planning to use sovereign cloud solutions. SpaceTime Isn't The Backup Plan—It's The Survival Plan SpaceTime doesn't optimize for mass-market use or infinite scale—it's engineered for durability in the most critical environments. Instead, it offers something different: durability. Its infrastructure is as suited to disaster insurance or nuclear redundancy as it is to typical cloud services. Since it is fully compatible with current cloud storage APIs from any provider, switching to SpaceTime from a cloud provider is a straightforward process. The architecture is anchored on three principles: In mission-critical sectors, recoverability matters more than raw power or size. SpaceTime is positioning itself not as the dominant cloud provider, but as the contingency infrastructure trusted when the dominant cloud fails. These principles are particularly critical for hospitals, utilities, government services, and AI model training centers, where data loss costs are existential. 'Think of us as the place you keep the crown jewels,' Pennanen says. 'You don't need to access them every second. But when everything else fails, they're still there—and intact.' The company recently closed a seed round from deeptech investors focused on cybersecurity and critical infrastructure. Interestingly, even after receiving seed investment, the founders still own more than 90% of the company. Pennanen said there are current discussions to raise a new round of funding from investors that share the same mission of providing European data sovereignty. SpaceTime servers under a rock. 'When a highly experienced team with a proven track record builds and successfully operates a 70 petabyte infrastructure serving demanding enterprise customers, wise investors take notice,' said Vitaly Kleban from Cyber Fund, which is a SpaceTime investor. Cloud Sovereignty: The Case for Untouchable Data Ransomware attacks are evolving from disruption to destruction. Groups like Cl0p and BlackCat now target backup systems explicitly—corrupting or encrypting recovery points to increase payout leverage. In 2023 alone, the average ransomware payment surged past $1.5 million, according to Chainalysis. SpaceTime's immutable model cuts off this leverage completely. Once data is written, it cannot be modified, even by administrators. This design flips the ransomware game on its head: there is no access point for extortion. It also inoculates against internal threats, like rogue employees or misconfigurations, one of the most common causes of cloud data loss. By removing mutation rights, SpaceTime ensures that what's stored stays stored. This is not a convenience play. It's a survivability guarantee. 'If attackers can modify your backups,' says Pennanen, 'you don't have backups.' The Cloud Is Splintering—SpaceTime Was Built for It We are entering the post-monoculture era of cloud computing. Pennanen said, 'We are going back to the core of the essence of the purpose of the internet back in the day. It was BUILT for this purpose exactly. It's nothing new, but hyperscalers destroyed that decentralised principle by taking over 80% of the internet's compute over.' The dream of 'one cloud to rule them all' has been replaced by a more practical truth: maybe we don't want our AI models, missile guidance systems, and grocery delivery APIs all running on the same stack. Instead, we're entering a fractured landscape of specialized clouds: by This fragmentation isn't failure—it's evolution. Gartner predicts that by 2026, more than 60% of organizations will utilize at least three cloud providers, each selected for different risk and compliance requirements. SpaceTime is positioned not as a competitor, but as a complement—a final layer beneath the stack, architected for one job: not to serve everyone, but to save the mission-critical C-suite for whom infrastructure resilience has become a priority. SpaceTime servers SpaceTime's Playbook: Resilience Without Compromise SpaceTime isn't in the business of storing cat videos, powering dating apps, or ensuring your influencer campaign launches on time. Its focus is narrower—and far more critical: to remain intact while the rest of the internet enthusiastically dismantles itself. Unlike Big Tech, it doesn't chase scale for scale's sake. But that doesn't mean it can't scale. SpaceTime is engineered to scale on its own terms—around resilience, immutability, and sovereign control. Its approach is not reactive, but foundational—a reimagining of infrastructure that assumes compromise and failure, yet survives anyway. In an age of ransomware-as-a-service, hostile AI, fragmented geopolitics, and infrastructure weaponization, SpaceTime's pitch is not just timely. It's essential: 'We're not building another cloud,' says Pennanen. 'We're building the thing that survives when everything else fails.'
Int'l Business Times
11-06-2025
- Health
- Int'l Business Times
The Silent Cyber Crisis Alarming Global Economies and Why It's Time for Collective Action
The world has found itself dependent on the Internet, which powers everything, from emergency rooms and election systems to global supply chains and banking infrastructure. Cybersecurity is no longer just a technical concern. It's a matter of national resilience and global economic stability. Yet, despite daily headlines about ransomware attacks, phishing campaigns, and infrastructure outages, the world remains dangerously complacent. Individuals, businesses, and governing entities alike often operate under the illusion that the internet 'just works' until it doesn't. When disruptions occur, they aren't just inconvenient. They're deeply consequential. The cyberattacks of 2024 show exactly that. The UnitedHealth's Change Healthcare division cyberattack led to widespread medical delays and a ripple effect on the stock market. A software issue involving CrowdStrike grounded flights and stalled operations across multiple industries. These events exposed a hard truth: the global economy is built on digital infrastructure that is far more fragile than people care to admit. "We live in a world of digital dependence, but not digital preparedness," says Philip Reitinger, President and CEO of the Global Cyber Alliance (GCA). "Cybersecurity is not just a technology issue. It's an economic and well-being issue with global implications." Philip Reitinger Much of the malicious activity that threatens the Internet doesn't make headlines. Attacks happen quietly: automated bots probe systems, stolen credentials circulate on the dark web, and malware using cloud infrastructure launches coordinated attacks. This ongoing digital pollution impacts not only the victims but also the very health and trustworthiness of the Internet itself. To highlight and confront this issue, GCA recently launched the Internet Pollution Index, an initiative to measure and map malicious activity flowing across global networks. The results are sobering. Some organizations, including well-known cloud service providers, unknowingly emit harmful traffic, acting as launchpads for attacks against others. "Cybercrime has become so automated, so widespread, that many networks are both victims and unwitting accomplices," Reitinger explains. "We need more visibility and accountability to break this cycle." The Common Good Cyber initiative (spearheaded by GCA) has long been at the forefront of strengthening cybersecurity worldwide. In March, the group announced a critical effort to establish a joint fund mechanism for nonprofit organizations at the Bridging the Gap event. Together with a growing network of nonprofits, corporate enterprises, and governing entities, GCA is working to safeguard the foundational components of the internet, including routing, domain names, IP address hygiene, and more. These efforts are often behind the scenes but vital. They help small businesses stay afloat, enable civil society groups to operate safely, and protect the digital backbone of democratic institutions. But they face an uphill battle. "There's only so much nonprofits and NGOs can do on their own," says Reitinger. "The hard truth is that cybersecurity for the common good requires much more investment from governing bodies, the private sector, and civil society." The consequences of underinvesting in cybersecurity aren't abstract. They're felt in economic losses, eroded trust, and the disruption of essential services. From hospitals unable to access patient records to small businesses locked out of their systems, the damage is both personal and systemic. In fact, the situation has gotten so severe that the cost of global cybercrime is expected to reach an annual cost of $10.5 trillion by 2025, with the average cost of individual breaches averaging around $4.9 million. However, this is far from simply a problem for organizations as its impact reaches everyday citizens. It was reported that a single data breach leaked the information of over 1.3 million US citizens in 2024, many of whom were none the wiser that their names, social security numbers, and home addresses were being sold to the highest bidder on the dark web. And it's not just about being a target. Some networks are already part of the problem without knowing it. According to GCA's sensor network, malicious traffic emerges from every region, targeting every IPv4 port 24/7. "Every network has a responsibility not just to protect itself but to ensure it's not unintentionally harming others," says Reitinger. "We need active collaboration, not passive protection." GCA's Internet Integrity Program builds on that spirit. By collaborating with key players in Internet infrastructure operations, the program aims to create a practical, scalable blueprint for better security across borders. Global Cyber Alliance Cybersecurity cannot be treated as an afterthought or a private burden. It is a cornerstone of economic growth, public trust, and national security. And as cyber threats grow more sophisticated, the only viable path forward is one built on collective responsibility and sustained collaboration. That includes empowering the nonprofits doing the essential, and often invisible, work of defending the Internet. Collaboration means governing bodies recognizing their role not just in protecting their own infrastructure, but in supporting the public interest across the broader ecosystem. And collaboration means acknowledging that when it comes to cyber risk, everyone is in this together. In the end, Reitinger concludes, "The internet we created belongs to all of us. And if we want to keep it safe, accessible, and reliable, then we all have a role to play in protecting it."
Yahoo
08-06-2025
- Health
- Yahoo
Why Healthcare Gets Hit Hardest With Cyberattacks
Our health data is some of the most confidential information we have, and the systems that most healthcare companies use to protect it from cybercrooks are somewhat sickly. Thanks to a toxic mix of aging hardware, outdated software and shoestring operating budgets, they're increasingly susceptible to cybercriminals who are not only lured by a gold mine of data but also armed with state-of-the-art hacking tools, experts told The Daily Upside, leading to some of the largest data breaches in history. And the risks extend far beyond lost data and eye-popping ransom payments. 'There's really a direct danger to patient care and life,' says Rob Hughes, chief information security officer at security firm RSA. 'That's as serious as you can get. It's a different type of pressure.' READ ALSO: NBA Finals Kick Off With an Old (Footwear) Friend and Tariffs Deliver Record Drop in US Trade Deficit Statistics back him up: Last year was a landmark for healthcare data breaches. According to HIPAA Journal, there were 14 attacks involving the records of 1 million or more patients in 2024, exposing the records of more than 237 million individuals altogether. The biggest healthcare breach in history occurred only two months into the year, when ransomware attackers stole the data of 190 million people from Change Healthcare in February. 'There are a lot of vulnerabilities that healthcare organizations don't even realize they have,' said Alpesh Shah, vice president of security strategic alliance at Myriad360. 'Every individual who is touching a smart device is vulnerable to bring some sort of threat to the organization.' The technological advances that have revolutionized healthcare over the past 50 years have simultaneously ramped up cybersecurity risks exponentially. The amount of personal information collected at healthcare facilities is mountainous, with every machine collecting bits of data on patient health at a constant rate. Many of the technologically complex devices used daily or even hourly are operating on outdated software, Hughes said, a combination that leaves medical centers riddled with vulnerabilities. For instance? A big MRI machine that still makes a nice MRI image but runs 'an old version of Windows that can't accept patches anymore,' he said. Exacerbating the problem are security measures that often involve a patchwork of systems inexpertly quilted together, said Gary Salman, CEO of Black Talon Security. Healthcare organizations often use security solutions from multiple vendors, which can lead to a lack of standardization or centralization, he said. While this puts them in a 'feel-good position,' the mishmash of products may not always cover the ground that it should while creating both unnecessary complexity and a glut of data. 'How do you triangulate all of this, especially in medium- and large-size healthcare organizations?' he asked. At a more strategic level, few shareholders and healthcare practitioners prioritize cybersecurity budgets, focusing instead on delivering patient care. Smaller regional and rural healthcare facilities are often living below the 'cybersecurity poverty line,' he said. 'Security is going to come second.' Plus, talented cybersecurity professionals have become increasingly sought after and expensive. And because of healthcare's limited budgets for technology, it doesn't always get the best cybersecurity talent, said Shankar Somasundaram, founder and CEO of Asimily. 'Healthcare may not always be able to pay the same amount,' said Somasundaram. 'Strong talent would go to another vertical, where they're getting paid more.' While formidable to healthcare executives, the tangled web of cybersecurity challenges merely sweetens the pot for hackers who, according to Salman, view healthcare data as a 'pot of gold.' The information is highly sensitive, incredibly personal and usually deeply detailed. Plus, organizations are collecting massive amounts at a constant rate, he said. 'Any size healthcare organization that has anywhere from thousands to millions of patient records – the risk is high,' Salman said. Selling such data to brokers through underground channels is also far more lucrative than pushing other types of data, Somasundaram added. When hackers sell credit card information, 'they have to collect 50 credit cards to make a single dollar,' he said. 'They can sell a healthcare record for tens of dollars each.' Because of the sensitivity of health data – and the fact that these records generally can't be wiped or changed the way a credit card or phone number can – healthcare organizations will often pay up when hit with ransomware attacks, said Salman. 'Imagine having a human being's complete demographic profile. That data could be sold to pharmaceutical companies,' said Shah. 'Thieves will go where the money is. And data is the new money.' Data loss is only the beginning of the problem, added Hughes. Cyberattacks can completely shut down healthcare facilities, forcing patients to seek care elsewhere, he said. In extreme cases, cyberattacks on healthcare organizations have been linked to fatalities, such as the 2019 attack on a hospital in Alabama that led to the death of a newborn. 'There is a state of mind that hackers are moral,' said Itay Glick, director of product at security firm OPSWAT. 'We need to understand that not all the attack groups share the same ethical standards that we think they should.' Despite the growing risks, healthcare organizations all too often simply react to attacks rather than working to prevent them, said Salman. Along with putting patients at risk, the strategy ends up costing organizations a far larger sum than they would have paid to establish adequate cyber defenses. While change often happens slowly, there are a variety of steps healthcare organizations can take to make themselves less attractive targets. Some are simpler, such as consistent security patching, strengthening credentials and providing cybersecurity education to staff, said Hughes. Vulnerability and penetration-testing can also help organizations identify their biggest pitfalls, said Glick. Backup Plan: Backing up data, meanwhile, is vital for healthcare organizations, Glick added. Since a major part of ransomware attacks is 'winning your data back,' having a backup stored can allow an organization to quickly recover, he said. The most important fix, however, is making cybersecurity a priority, especially among leadership and stakeholders. Change and awareness have to come from the top, said Somasundaram. Rather than viewing cybersecurity as an additional cost, corporate decision-makers should treat it as a vital necessity. 'In any industry which prides itself on patient outcomes and patient wellness and improvement, they see cybersecurity as a cost, not an outcome-based thing,' Somasundaram said. 'But if they could see the tie between cybersecurity and patient impact or lives, then I do believe they'd invest.' This post first appeared on The Daily Upside. To receive delivering razor sharp analysis and perspective on all things finance, economics, and markets, subscribe to our free The Daily Upside newsletter.
New York Post
21-05-2025
- Business
- New York Post
Report that UnitedHealth secretly paid nursing homes to cut hospital transfers sees stock plunge
UnitedHealth shares fell more than 4% on Wednesday after the UK's Guardian newspaper reported that the company made secret payments to nursing homes to reduce hospital transfers, adding to the woes of the healthcare conglomerate. The alleged action, part of a series of cost-cutting tactics, has saved the company millions, but at times risked residents' health, the Guardian reported, citing an investigation. The allegations add to the litany of negatives that have hurt UnitedHealth in the last several months, following a massive cyberattack at its Change Healthcare unit, reports of criminal and civil investigations into the company's practices, including one for Medicare fraud and the abrupt departure of CEO Andrew Witty last week. Advertisement UnitedHealth reportedly made secret payments to nursing homes to reduce hospital transfers, adding to the healthcare conglomerate's woes. AP Shares have stumbled all year, losing more than 39%, compared with a 0.6% decrease for the Dow. UnitedHealth said in response that 'the U.S. Department of Justice investigated these allegations, interviewed witnesses, and obtained thousands of documents that demonstrated the significant factual inaccuracies in the allegations.' The company also said in an emailed statement that the DOJ declined to pursue the matter after reviewing all the evidence during its multiyear investigation. Advertisement Reuters has not independently verified the article's allegations. 'The news is only seemingly getting worse for UnitedHealth,' said Sahak Manuelian, managing director, global equity trading at Wedbush. 'This is kind of a tough situation for investors to come in and have any kind of confidence in putting money to work, so we'll have to kind of wait and see how this plays itself out, unfortunately,' Manuelian said. Advertisement Stephen Hemsley returned as UnitedHealth CEO last week. AP Separately, HSBC downgraded the stock to 'reduce' from 'hold,' and cut the price target to a street-low of $270. The brokerage said higher medical costs, pressure on drug pricing and its pharmacy benefit management unit, OptumRx, and a potential Medicaid funding cut can upset the company's recovery journey. The company is now counting on the experience of Stephen Hemsley, who returned as CEO to steer it through the current crisis. Advertisement 'We believe Hemsley has the experience and leadership attributes that the company needs to restore credibility and right the ship,' said James Harlow, senior vice president at Novare Capital Management.
Al Jazeera
21-05-2025
- Business
- Al Jazeera
Unitedhealth paid nursing homes to reduce hospital transfers, report
UnitedHealth has allegedly secretly paid nursing homes to reduce hospital transfers — the latest accusations in a series of woes facing the health insurance giant. The alleged action, first reported by The Guardian newspaper on Wednesday, was part of a series of cost-cutting tactics that have saved the company millions, but at times, risked residents' health, the publication showed, citing an investigation. The story, which cites thousands of documents and firsthand accounts of more than 20 former employees of the healthcare company and nursing homes, says that the insurance giant sent its own medical teams to nursing homes to push the cost-cutting measures. As a result, patients who urgently needed medical care did not receive it, including one person who now lives with permanent brain damage after a delayed transfer. The allegations add to the litany of negatives that have hurt UnitedHealth in the last several months, following a massive cyberattack at its Change Healthcare unit, reports of criminal and civil investigations into the company's practices, including one for Medicare fraud and the abrupt departure of CEO Andrew Witty last week. UnitedHealth said in response to the story, 'The US Department of Justice investigated these allegations, interviewed witnesses, and obtained thousands of documents that demonstrated the significant factual inaccuracies in the allegations.' The company also said that the DOJ 'declined to pursue the matter'. Shares have stumbled all year, losing more than 39 percent compared with a 0.6 percent decrease for the Dow. As of noon ET (16:00 GMT), the stock is down more than 3.6 percent. 'The news is only seemingly getting worse for UnitedHealth,' said Sahak Manuelian, managing director, global equity trading at Wedbush Securities. HSBC downgraded the stock to 'reduce' from 'hold,' and cut the price target to a street-low of $270. The brokerage said higher medical costs, pressure on drug pricing and its pharmacy benefit management unit, OptumRx, and a potential Medicaid funding cut can upset the company's recovery journey.
