Strauss Borrelli PLLC, a leading data breach law firm, is investigating Chattanooga C.A.R.E.S., which does business as Cempa Community Care (“Cempa”), regarding its recent data breach. The Cempa data breach involved sensitive personal information and protected health information belonging to over 1,300 individuals.
ABOUT CHATTANOOGA C.A.R.E.S. D/B/A CEMPA COMMUNITY CARE:
Cempa is a healthcare organization based in Tennessee. Founded in 1986, Cempa provides a range of healthcare services to patients, including primary care, dental care, pharmacy services, behavioral health services, infectious disease treatment.2,3 Headquartered in Chattanooga, Tennessee, Cempa employs over 50 individuals and operates two locations.3
WHAT HAPPENED?
Recently, Cempa announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its care may have been compromised. According to the breach notice shared to its website, Cempa was notified by its electronic health record vendor of a data security incident involving a subcontractor that provides insurance eligibility transaction services.1 As a result, Cempa launched an investigation to determine the nature of the incident.
Through its investigation, Cempa confirmed that sensitive personal information in the vendor’s systems related to Cempa patients may have been accessed by an unauthorized third party during the breach. As a result, Cempa began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Date of birth
- Health insurance information (including Medicare identifiers)
- Provider name
- Other demographic or health insurance-related information
On January 29, 2026, Cempa posted notice of the breach on its website. Additionally, on January 30, 2026, Cempa filed official notice of the data breach with the U.S. Department of Health and Human Services’ Office for Civil Rights.4 Based on the website breach notice, Cempa is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the website breach notice is below.
If you believe you have been affected by the Chattanooga C.A.R.E.S. d/b/a Cempa Community Care breach:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
