BAYADA Home Health Care Data Breach: PHI and PII of Clients Exposed

On Feb. 2, 2026, BAYADA Home Health Care disclosed a data breach involving a third-party vendor, Doctor Alliance, which provides services to facilitate physician signatures on clients’ Home Health Certifications and Plans of Care.

According to BAYADA, Doctor Alliance notified them on Dec. 4, 2025, of a cybersecurity event that affected multiple healthcare providers, including BAYADA. The breach occurred when an unauthorized actor accessed Doctor Alliance’s systems during two periods: Oct. 31 to Nov. 6, 2025, and Nov. 14 to Nov. 17, 2025.

During these incidents, the unauthorized actor may have accessed and copied Home Health Certification and Plan of Care forms for a limited number of BAYADA clients. The company’s investigation confirmed that BAYADA’s own systems were not affected, but some client information stored with Doctor Alliance was exposed.

The types of information involved in this breach include both personally identifiable information (PII) and protected health information (PHI). Specifically, the exposed data may include name, date of birth, diagnosis and medical or physical treatment information, provider information, health insurance plan information, prescription information, hospital admissions and discharges, disability information and, for a limited number of clients, Social Security numbers.

It is currently unknown how many individuals were affected across the United States; however, at least 6 residents of New Hampshire were impacted.

The company has disclosed the incident to the New Hampshire Attorney General, the Vermont Attorney General and posted an official statement on its website.

BAYADA Home Health Care's response

In response to the breach, BAYADA Home Health Care discontinued use of Doctor Alliance as a vendor and launched a comprehensive investigation to determine the extent of the exposure.

The company worked to confirm that its own systems were not compromised and validated the accuracy of the information provided by Doctor Alliance. They also ensured that affected clients could be notified promptly.

For those affected, BAYADA is offering complimentary credit monitoring and identity restoration services through Experian. Impacted individuals are encouraged to enroll in these services by April 30, 2026.

BAYADA is also advising all clients to remain vigilant by reviewing account statements, explanations of benefits and credit reports for any suspicious activity or errors. Additional steps, such as placing a fraud alert or credit freeze with the major credit bureaus, are recommended for those who believe their information may have been misused.

A dedicated assistance line has been established at 833-918-7117, available Monday through Friday from 8 a.m. to 8 p.m. Central Time, for individuals with questions or concerns about the breach.