Covenant Health’s Advanced Family Surgery Center (AFSC), formally known as Surgery Center of Oak Ridge, LLC, has issued notice of a data security incident.
The ASC, based in Oak Ridge, Tenn., stated that “on or around November 26, 2025,” it “became aware of a network intrusion that affected a limited number of systems. Upon discovery, AFSC took immediate action to secure our network and investigate the event. This included engaging a third-party team of forensic experts to investigate the incident and determine the full nature and scope of the event. Following a thorough investigation, AFSC has confirmed that a limited amount of protected health information may have been subject to unauthorized access in connection with this incident.
“Although the forensic investigation could not rule out the possibility that an unknown actor may have accessed this information, there is no indication whatsoever that any information has been misused at this time,” continued AFSC. “The type of information contained within the affected data included first and last name, in combination with one or more of the following: address, date of birth, date of service, health insurance information, medical diagnosis information, medical record number, Medicare/Medicaid number, patient account number, prescription and treatment information, provider name, and Social Security number. Importantly, the information potentially impacted may vary for each individual, and may include all, or just one of the above-listed types of information.”
AFSC stated that it has “promptly notified potentially affected individuals as quickly as possible via U.S. mail to their most recent address on file.” It added that in response to the incident, it has implemented “additional security measures within its network and facilities and is reviewing its current policies and procedures related to data security.”
AFSC encouraged patients to “monitor their account statements and explanation of benefits forms for suspicious activity and to detect errors.” It also stated that patients “may wish to” contact the three major credit agencies to place fraud alerts on their credit reports.
AFSC established a toll-free call center (844-784-6193), available 8:00 am to 8:00 pm ET Monday through Friday excluding holidays, to answer questions about the incident and to address related concerns, and published a mailing address through which it can also be contacted by concerned parties.
“The privacy and protection of information is a top priority for us, and we deeply regret any inconvenience or concern this incident may cause,” stated AFSC.
