Atrium Health & Interim HealthCare Affected by Business Associate Data Breaches
Atrium Health Navicent and Interim HealthCare of Lubbock/Amarillo have recently announced that they have been affected by data breaches at third-party vendors.
Atrium Health Navicent
Atrium Health Navicent is the latest healthcare provider to announce that it has been affected by the January 2025 data breach at Oracle Health. Oracle Health acquired the electronic medical record company Cerner, and was due to migrate patient records from legacy Cerner servers to Oracle Health’s systems. As early as January 22, 2025, a hacker gained access to two legacy servers and exfiltrated patient data. Oracle Health detected the breach in February 2025. Many healthcare providers were affected and issued notification letters last year.
According to Atrium Health Navicent, the delay in notification is due to the complexity of the data review, which has taken many months to complete. Atrium Health Navicent said it only recently learned from Oracle Health that it had been affected, and the review of the impacted data was not completed until March 12, 2026. The data compromised in the incident was stored in a legacy Cerner system that was historically used by Atrium Health.
The compromised data related to patients who received services from Atrium Health in the greater Charlotte (NC) area prior to August 6, 2022, or from Atrium Health Navicent prior to July 3, 2021. The compromised data includes names, addresses, dates of birth, medical record numbers, provider names, diagnoses, medications, test results, images, and other information included with patient medical records. For certain individuals, Social Security numbers were also compromised.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Notification letters are now being mailed, and the affected individuals have been offered complimentary credit monitoring services for two years. Atrium Health Navicent has yet to publicly announce how many patients have been affected. An estimated 2 million people across the country are thought to have been affected by the Oracle Health data breach in total.
Interim HealthCare of Lubbock/Amarillo
Interim HealthCare of Lubbock and Interim HealthCare of Amarillo have recently notified the HHS’ Office for Civil Rights about a data breach at a third-party vendor that affected 2,071 and 666 patients respectively. The incident occurred at the healthcare technology firm Doctor Alliance. Unauthorized individuals gained access to the Doctor Alliance web portal and intermittently accessed the portal between October 31, 2025, and November 17, 2025.
Interim HealthCare of Lubbock and Interim HealthCare of Amarillo completed their reviews of the affected data on March 18, 2026, and confirmed that data potentially viewed or obtained included names, dates of birth, addresses, diagnoses, treatment plans, medications, and provider information. There has been no known misuse of patient data; however, out of an abundance of caution, the affected individuals have been offered complimentary credit monitoring services.
