Press Releases
3/21/2024, 12:00:00 PM



March 21, 2024

 Contact: Viara Ianakieva, Life and Health Division Director

 New Mexico Insurance Regulator Issues Order to Protect Small Health Care Practices After Nationwide Change Healthcare Cyber Incident

 Santa Fe, N.M. – On Wednesday March 20, 2024, the New Mexico Office of Superintendent of Insurance (OSI) issued an order in response to the Change Healthcare cyber incident. The cyber incident occurred on February 21 and continues to cause uncertainty for small and independent health providers as they try to make health care decisions for their patients in New Mexico. 

 “I have directed health insurers under OSI’s jurisdiction to take several steps to minimize disruptions in the delivery of critical health care services for New Mexicans and support our local health care providers,” said Superintendent of Insurance Alice Kane. 

 OSI’s order focuses on relief for non-hospital-affiliated health care providers. The order directs major medical insurers regulated by OSI to temporarily suspend prior authorizations, refrain from retroactively denying claims due to common issues caused by the cyber incident, and waive “timely filing” policies that require providers to submit claims within a certain timeframe after services are rendered. The order applies to in-person health care delivery and telehealth.

 “Independently owned physician practices in New Mexico and around the country have been adversely impacted by a cyber-attack on Change Healthcare, which is a company that plays an integral role in our health care delivery system,” said Anne Jung, Executive Director of the New Mexico Medical Society. “Most notably, the cyber-attack has made it difficult, and in some cases impossible, for physicians to receive payment for the healthcare services they provide to New Mexicans. This comprehensive Bulletin focuses relief on the pain points small and independent practices have experienced due to the nationwide collapse of interconnected systems.” 

 “I want to thank New Mexico’s major medical insurers for the significant steps already taken to help providers resolve issues stemming from this cyber incident,” said Superintendent Kane. “I hope that OSI’s order will provide additional relief for smaller health care practices that are under significant strain.”

 This order applies to fully-insured major medical plans in the individual, small group, and large group markets. OSI does not have authority over other types of health coverage, such as self-funded health plans, Medicaid, Medicare, or TRICARE.