On December 12, 2025, San Francisco Community Health Center (“SFCHC”) was notified by OCHIN, its business associate that supports SFCHC’s Epic electronic health record system, of a data security incident involving TriZetto Provider Solutions (“TriZetto”), a healthcare eligibility and claims clearinghouse. While SFCHC’s own systems were not directly accessed, protected health information belonging to SFCHC’s patients was involved.
According to the notice, unauthorized access to certain TriZetto systems began in November 2024 and was contained on October 2, 2025. TriZetto determined that an unauthorized actor accessed historical eligibility reports containing protected health information via its web portal for real-time eligibility verification. OCHIN became aware of the incident on December 9, 2025, and notified SFCHC on December 12, 2025, at which time SFCHC began its investigation, mitigation, and notification process.
SFCHC is a non-profit providing affirming, culturally sensitive medical, dental, and mental health services, particularly for LGBTQ individuals, people of color, and marginalized communities in San Francisco. They focus on holistic care, integrating primary care with behavioral health, HIV/AIDS services, and community support, grounded in social justice and community-driven solutions to close care gaps for underserved populations.
SFCHC is working with OCHIN and TriZetto to ensure an accurate account of the impacted information. TriZetto has launched a full forensic investigation, notified law enforcement, and enhanced its internal security protocols. Beginning January 5, 2026, TriZetto will provide a dedicated toll-free call center for questions at (844) 572-2724. On or around February 9, 2026, TriZetto will send impacted individuals a separate letter with details about free credit monitoring, fraud consultation, and identity theft restoration services, provided through Kroll.
What information is involved in the San Francisco Community Health Center Data Breach?
Compromised information may include:
- Full Name
- Address
- Date of Birth
- Social Security Number
- Health Insurance Information (member number, health insurer name, provider name, primary insured, and dependents)
The incident did not affect payment card, bank account, or other financial information.
Your Personally Identifiable Information (PII) includes sensitive data that can uniquely identify you. If compromised, it may be used by criminals to commit identity theft, financial fraud, or other forms of impersonation. Protected Health Information (PHI) — a subset of PII — includes medical and insurance‑related details and is protected under federal and state privacy laws. When PHI is exposed, cybercriminals may combine it with other personal data to perpetrate more extensive fraud schemes.
While there is no current evidence of misuse, we are notifying you so that you can take action which will help to minimize or eliminate potential harm. We strongly advise you to take preventive measures to help prevent and detect any misuse of your information. As an initial precaution, consider taking the following simple steps to monitor your health and financial information.
- Review your health insurance statements and explanation of benefits (EOBs) for any unfamiliar services or charges.
- Contact your health plan if you notice suspicious or incorrect activity.
- Keep copies of medical and insurance records for reference.
- Review your credit reports. Under federal law, you are entitled to one free copy of your credit report every 12 months from each of the three major credit reporting companies. To obtain a free annual credit report, go to www.annualcreditreport.com or call 1-877-322-8228. You may wish to stagger your requests so that you receive a free report from one of the three credit bureaus every four months.
California residents benefit from additional privacy protections under the California Consumer Privacy Act (CCPA), which provides enhanced rights related to personal data. California also enforces the Confidentiality of Medical Information Act (CMIA), which imposes strict safeguards for medical information.
If you received a NOTICE OF DATA BREACH letter from SFCHC, your personal and/or medical information may be at risk. Identity thieves may use this type of sensitive information to commit fraud, obtain unauthorized services, or engage in other harmful activities.
Contact the Data Breach Lawyers at Emery | Reddy, PC for a Free Case Review today.