Utopia Tech
Healthcare3 min read

Ohio Living; Erlanger; Heart of America Eye Care Announce Data Breaches

Data breaches have recently been announced by the senior living company Ohio Living, Erlinger Health System in Tennessee, and Heart of America Eye Care in Missouri. Ohio Living The Westerville, Ohio-based nonprofit senior living company Ohio Living has identified unauthorized access to its network. Suspicious activity was identified within its computer network on April 17, 2026

UT

Utopia Tech

July 16, 2026 · 3 min read

Share

Data breaches have recently been announced by the senior living company Ohio Living, Erlinger Health System in Tennessee, and Heart of America Eye Care in Missouri. Ohio Living The Westerville, Ohio-based nonprofit senior living company Ohio Living has identified unauthorized access to its network. Suspicious activity was identified within its computer network on April 17, 2026.

Its network was secured, and an investigation was launched to determine the nature and scope of the activity, with assistance provided by third-party cybersecurity experts. The forensic investigation confirmed unauthorized network access between April 16, 2026, and April 17, 2026, and the exfiltration of files containing patient information. While the specific types of information involved for each individual have yet to be determined, Ohio Living states that the categories of data likely involved include names, addresses, birth dates, Social Security numbers, medical histories, disability information, diagnostic and treatment information, prescription information, physician information, medical record numbers, health insurance information, and financial account/payment card information.

Ohio Living is reviewing its security policies and procedures and is implementing enhanced cybersecurity safeguards to prevent similar incidents in the future. The data review is ongoing, so the total number of affected individuals has yet to be determined. The HHS’ Office for Civil Rights has been informed that the data breach affected at least 500 individuals.

The total will be updated when the data review is concluded. Erlanger Health System Erlanger Health System, a Chattanooga, Tennessee-based health system and operator of six hospitals and multiple healthcare facilities, has announced a security incident affecting a limited number of patients. The incident was detected on May 13, 2026, and affected 4,237 Erlanger Western California patients.

The investigation revealed that patient information was inadvertently sent to a billing partner that provides services for its Erlanger Tennessee campuses. The information was disclosed between July 1, 2025, and May 27, 2026, and related to individuals who had received anesthesia care. Those patients of Erlanger Western California received anesthesia care from a different anesthesia group.

The billing partner was a business associate and was therefore aware of its responsibilities with respect to HIPAA; however, it was an impermissible disclosure warranting breach notifications. The data transmitted included names, birth dates, medical record numbers, mailing addresses, email addresses, telephone numbers, internal hospital account numbers, insurance information, guarantor names, guarantor addresses, guarantor telephone numbers, dates of service, and limited medical information associated with surgical care, including operative notes.

Heart of America Eye Care MVP VIP Holdco, doing business as Heart of America Eye Care, an ophthalmology and optometry services provider at its locations in Overland Park, Prairie Village and Shawnee Mission, KS, and Belton, MO, has notified regulators and patients about a hacking incident that exposed patient data. The website breach notice does not state when the hacking incident was detected; however, the forensic investigation determined that patient information was viewed or copied from its systems between April 1, 2026, and April 6, 2026.

The notice states that the investigation is underway to determine the extent to which protected health information was involved. The HHS’ Office for Civil Rights has been informed that the data breach affected at least 500 individuals. The total will be updated when the data review is concluded.

The post Ohio Living; Erlanger; Heart of America Eye Care Announce Data Breaches appeared first on The HIPAA Journal .

Originally published at hipaajournal.com

Share
▸ Want a deeper look?

Talk to an architect about applying this to your stack.

60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.

Skip to main contentOhio Living; Erlanger; Heart of America Eye Care Announce Data Breaches · Utopia Tech