BEND, Ore. (KTVZ) — Many Central Oregonians will soon receive letters about a recent data breach linked to TriZetto Provider Solutions. This incident may have affected the personal health information of over 700,000 individuals nationwide.
TriZetto acts as a contractor, helping health care providers with insurance-eligibility verification. Local organizations like Deschutes County Health Services (DCHS), Best Care, and the La Pine Community Health Center (LCHC) have confirmed they use TriZetto’s services.
Importantly, the breach was contained within TriZetto’s systems and did not impact any of the local agencies directly.
What happened?
In October, TriZetto detected unusual activity in one of its online portals. Their investigation revealed that unauthorized access began in November 2024, targeting historical eligibility reports. These reports include sensitive information related to health insurance eligibility, such as protected health information (PHI).
TriZetto stated that the threat was addressed by October 2, but unfortunately, it might have exposed data for over 700,000 individuals.
Local health agencies were informed about the breach on December 10 and have started identifying those affected.
What data was exposed?
The breach may have revealed various details, including names, addresses, dates of birth, Social Security numbers, health insurance information, and provider names. However, there were no medical treatment details or financial information compromised.
What actions are being taken?
TriZetto plans to notify affected individuals in February. To expedite the notification process and safeguard privacy, DCHS, LCHC, and Best Care will send their own notices. LCHC will reach out to about 1,200 patients, DCHS will contact around 1,300, and Best Care will notify approximately 1,650 clients.
It’s important to emphasize that there’s currently no evidence that the accessed information has been misused.
To help those impacted, the agencies are offering free identity theft protection services through IDX. This includes a year of credit monitoring, insurance coverage for losses, and assistance with identity theft recovery.
This incident highlights a growing concern about data privacy in healthcare. According to a 2023 report from the Identity Theft Resource Center, breaches in health-related sectors have surged by 25% over the last year. As technology evolves, so do cyber threats, making it crucial for both organizations and individuals to stay vigilant.
For more details, you can check trusted sources like the HealthIT.gov for information on protecting personal health information.
