Strauss Borrelli PLLC, a leading data breach law firm, is investigating Bay Area Community Health (“BACH”) regarding its recent data breach. The BACH data breach involved sensitive personal information and protected health information belonging to an undetermined number of individuals.
ABOUT BAY AREA COMMUNITY HEALTH:
BACH is a healthcare provider based in California. Founded in 2020 through the merger of Alameda County’s Tri-City Health Center and Santa Clara County’s Foothill Community Health Center, BACH serves over 100,000 individuals.2 Today, BACH provides an array of healthcare services spanning illness diagnosis and treatment, pediatrics, screenings, dental care, behavioral health, vision, specialty care, and support programs.3 Headquartered in Fremont, California, BACH has multiple locations across Alameda and Santa Clara counties and employs over 500 individuals.
WHAT HAPPENED?
Recently, BACH announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its care may have been compromised. According to the breach notice, on December 15, 2025, BACH was notified of a data security incident involving TriZetto Provider Solutions (“TPS”), a third-party insurance clearinghouse that works with BACH’s electronic medical record system (OCHIN).1 TPS reported that on October 2, 2025, it became aware of suspicious activity involving a web portal use by some of its healthcare provider customers. As a result, TPS launched an investigation to determine the nature of the incident.
Through its investigation, TPS confirmed to BACH that sensitive personal information in TPS systems related to BACH may have been accessed by an unauthorized third party between November 2024 and October 2, 2025. As a result, on behalf of BACH, TPS began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Contact information
- Certain health-related and/or insurance information
As a result of the breach, BACH posted a notice of the incident to its website. Based on the breach notice on its website residents, BACH and TPS are providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letter that BACH posted to its website is linked below.
If you received a breach notification letter from Bay Area Community Health:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
