VIVA has a contract with Change Healthcare to provide certain electronic services on its behalf.As part of an ongoing investigation into the February 2024 ransomware attack and data breach at UnitedHealth Group’s Change Healthcare – an attack that affected medical entities across the country — VIVA Health was notified that approximately 22,000 of its customers’ data was involved in the breach.

VIVA contracts with Change Healthcare to provide certain electronic services on its behalf, including billing and payment processing. Change Healthcare also prints and mails various client documents on behalf of VIVA.

Given the scale of the data breach, which Change Healthcare reported was likely to affect a substantial portion of the United States population, Change Healthcare has spent the months since the security incident conducting a forensic investigation of the potentially affected data and the recent was able to begin providing its customers with the names of affected individuals.

After learning of the breach from Change Healthcare earlier this year, VIVA promptly took steps to protect customer data during the forensic investigation. Change Healthcare has begun notifying customers of the ransomware breach, and VIVA customers have been or are in the process of being notified. Notification letters from Change Healthcare will provide information about the data breach, the types of data potentially involved, and resources for individuals to protect themselves, including instructions for signing up for two years of free identity protection and credit monitoring.

Change Healthcare’s investigation into the incident is ongoing and may identify additional VIVA customers involved in the breach. If so, these customers will also receive a notification letter from Change Healthcare.

Although Change Healthcare was unable to provide VIVA with the exact data involved for each affected individual, it is common for demographic information – name/surname, address, phone number, date of birth, health plan identification number and, in rare cases, security social. number — to be targeted in these types of incidents.

As with any data breach incident, those affected are advised to remain vigilant and regularly monitor the explanation of benefit statements you receive from your health plan, statements from your healthcare providers, statements bank and credit card and credit reports and tax returns to check for any unknown activity. If you notice any health care services that you did not receive listed on an explanation of benefits statement, please contact your health plan or doctor. If you notice any suspicious activity on either your bank or credit card statements or tax returns, please contact your financial institution and/or credit card company or relevant agency immediately.

The US Department of Health and Human Services has made information about the data breach available Here.

Change Healthcare has established a dedicated call center to provide additional resources and information, including assistance with signing up for two years of free identity theft protection and credit monitoring services. The call center’s toll-free number is 1-866-262-5342 and is available Monday through Friday from 8:00 AM to 8:00 PM CST. Customers can also visit www.changecybersupport.com for more information.