Expand / Collapse search

Sensitive patient health information leaked in Texas third-party software breach

By
Published  March 26, 2026 5:07pm CDT
Health Care
FOX 4

The Brief

    • A data breach at Doctor Alliance, a Texas-based software platform, has exposed sensitive information about patients at several home healthcare providers.
    • Leaked data includes patient names, dates of birth, treatment plans, diagnoses, and health insurance information accessed between Oct. 31 and Nov. 17, 2025.
    • It remains unknown how the unauthorized party initially obtained the login credentials used to access the secure portal.

DALLAS - Several providers of at-home health care in the State of Texas have sent a Notice Under Federal Regulation about a data security incident involving a Texas-based third-party software platform.

These companies utilized this third-party company to manage and sign clinical documents related to home health care services currently received or that may have been received in the past.

What happened at Doctor Alliance?

What we know:

The third-party software platform, Doctor Alliance, is a health care technology company that offers a secure online portal for providers to communicate signed patient documents with physicians.

On Jan. 5, 2026, Amedisys received a notice from Doctor Alliance regarding a Nov. 12, 2025 incident that involved unauthorized access to documents available through their web portal.

On Jan. 13, 2026, Angels Care Gome Health received a similar notice regarding an incident in Nov. 2025.

Accent Care sent out a notice about the same security incident in Feb. 2026.

Texas health care data breach

What they're saying:

In the notice, Doctor Alliance informs these home health care service companies that they immediately took steps to secure their systems before launching an investigation with the assistance of third-party forensic experts. 

Doctor Alliance stated they notified the FBI on Nov. 16, 2025, regarding the incident.

The third-party service's own investigation determined that an unknown, unauthorized party obtained credentials and accessed certain files using the Doctor Alliance web portal intermittently between Oct. 31, 2025, and Nov. 17, 2025.

The unauthorized party also used a script to send multiple requests to the Doctor Alliance web portal using varying combinations of patient IDs and document numbers. 

Exposed patient information and data

(Photo by Marijan Murat/picture alliance via Getty Images)

Dig deeper:

Doctor Alliance could not determine how the unauthorized party initially obtained the login credentials. 

The investigation determined that the unauthorized party accessed certain documents that
Contained patient names and information related to patient care, such as: 

  • Name
  • Date of birth
  • Demographics
  • Health information
  • Including clinical summaries
  • Treatment plans
  • Diagnosis codes
  • Physician or provider information
  • Health insurance information

FILE-A doctor looks at an x-ray with an assistant inside a hospital. (Photo By JUDY GRIESEDIECK/Star Tribune via Getty Images)

Expand

Response to security incident

What they're saying:

According to the notice, potentially affected individuals are being notified of this incident. 

The notice sent from Amedisys states, "This incident did not originate within Amedisys’ systems and was related solely to Doctor Alliance’s platform."

Although the company is unaware of any misuse of the data to date, individuals are encouraged to regularly monitor their health care and other statements for any unfamiliar activity. 

The Source: Information in this article was provided from news releases by AccentCare, Angels Care Health and Amedisys. Additional information was provided by doctoralliance.com

Health CareTexasHealth