Vendor Impacted by Security Incident

One of Norman Regional Health System's vendors, TriZetto Provider Solutions or TPS was impacted by a security incident, which affected some of our patients’ or their primary insured’s protected health information.

Learn more about this by clicking this website:

https://tpsincident.kroll.com/

TPS recently experienced a cybersecurity incident that affected certain protected health information of certain of its healthcare provider customers’ patients. TPS provides billing-related services to healthcare providers, such as hospitals, health systems, and physician practices.

What Happened?

On October 2, 2025, TPS became aware of suspicious activity within a web portal that some of TPS’s healthcare provider customers use to access its systems. Upon discovering the incident, TPS quickly launched an investigation and took steps to mitigate the issue. TPS also engaged external cybersecurity experts and notified law enforcement.

TPS determined that, beginning in November 2024, an unauthorized actor began accessing some records related to insurance eligibility verification transactions that healthcare providers process to assess insurance coverage for treatment services they provide to patients. A thorough review of the affected data was conducted to identify what information was involved and the individuals to whom the data related.

What information was involved?

The affected data varied by individual and may have included the following information for patients and primary insureds: name, address, date of birth, Social Security number, health insurance member number (which, for some individuals, may be a Medicare beneficiary identifier), health insurer name, primary insured or dependent information, and other demographic, health, and health insurance information. The incident did not affect any payment card, bank account, or other financial information. At this time, TPS is not aware of any identity theft or fraud related to the use of any affected individual’s information.

What TPS is doing?

After becoming aware of the incident, TPS immediately took additional protective measures to safeguard its systems and worked with leading cybersecurity experts to conduct a comprehensive investigation of the incident. TPS notified law enforcement and implemented additional security protocols designed to enhance the security of its services.

TPS notified affected providers beginning on December 9, 2025, and offered to make all legally required notices on their behalf. For those providers that accepted the offer, TPS is currently notifying affected individuals at their last known addresses.

TPS is offering affected individuals complementary identity monitoring services including credit monitoring, fraud consultation, and identity theft restoration services.

What can affected individuals do?

If you believe that you may have been affected by this incident and would like to enroll in credit monitoring services at no charge, click this link or call the dedicated, toll-free call center at (844) 572-2725 between 8:00 a.m. and 5:30 p.m. Central Time, excluding major U.S. holidays.

In order for you to receive the Kroll services, you must enroll by May 8, 2026.