Three healthcare organizations have disclosed data breaches affecting thousands of patients, according to recent notifications. Ohio Living, a senior living company; Erlanger Health System in Tennessee; and Heart of America Eye Care have all announced security incidents that exposed patient protected health information.
Ohio Living, which operates senior living communities across the state, reported a breach involving unauthorized access to its systems. The organization began notifying affected residents and their families about the exposure of personal and health information. Senior living facilities have become increasingly frequent targets for cyberattacks due to the sensitive nature of the data they hold and the often-limited cybersecurity resources available in the long-term care sector.
Erlanger Health System, a major hospital network based in Chattanooga, Tennessee, also reported a data breach. The health system, which serves as a regional referral center, notified patients that their information may have been accessed by unauthorized parties. Erlanger operates multiple hospitals and clinics across the region and handles large volumes of sensitive patient data.
Heart of America Eye Care, an optometry practice, disclosed a breach as well. These incidents are part of a broader trend of increasing healthcare data breaches reported to the HHS Office for Civil Rights, with more than 60 breaches affecting 500 or more individuals reported in May 2026 alone.
Healthcare organizations across all segments should take these incidents as a reminder to review access controls, implement multifactor authentication, conduct regular security risk assessments, and ensure breach notification procedures are up to date to comply with HIPAA requirements.
