Change Healthcare Breach

As you’re likely aware, Change Healthcare, one of the largest companies to connect provider offices, pharmacies, and hospitals with health insurers, experienced a criminal cyberattack—which impacted the healthcare and personal information of a large portion of Americans.

Recently, Change Healthcare formally declared a HIPAA privacy breach and began informing its customers (healthcare providers and insurers) they intend to manage the notification of individuals whose personal information has been impacted.

We take this situation seriously at Premera Blue Cross and across the Blue Cross Blue Shield system and understand that individuals’ data may have been impacted due to their relationship with any entity that works directly with Change Healthcare, including providers, pharmacies, other Blue plans, other insurers, or other healthcare clearinghouses.

What the Blues are doing:

• Systemwide, Blue Cross and Blue Shield companies have agreed to delegate this notification to Change Healthcare.
• Because of the unique size and scope of this incident, an individual’s information may have been affected because of more than one relationship, including one or more healthcare providers, pharmacies, or other insurers.

What you need to know:

Premera did not receive a notification from Change Healthcare that our data was impacted, however, some of our members’ information may be impacted through other relationships, including one or more healthcare providers, pharmacies, or other insurers. This means some of our members could receive a letter from Change Healthcare.

For more information, view the Change Healthcare notice.