Yes, attorneys are actively investigating potential legal claims on behalf of individuals affected by the Standards Home Health data breach reported in January 2026. Strauss Borrelli PLLC, a law firm specializing in healthcare data breach cases, initiated an investigation after Standards Home Health, Inc. (which operates as Adaptive Home Health) reported unauthorized access to sensitive patient information to the Texas Attorney General.
The breach exposed both personal identifiable information and protected health information for patients of this in-home health services company based in Richardson, Texas. The investigation underscores a critical vulnerability in the healthcare sector: even specialized home health providers with partnerships to major medical centers like UT Southwestern Medical Center and MD Anderson Cancer Center can fall victim to data breaches. With Standards Home Health serving over 2,000 patients weekly across Texas, the potential scope of this incident is significant, though the exact number of affected individuals has not been publicly disclosed.
Table of Contents
- What Happened in the Standards Home Health Data Breach?
- Who is Affected by the Standards Home Health Breach?
- The Legal Investigation and Regulatory Response
- What Are Potential Legal Remedies for Affected Individuals?
- How to Protect Yourself After a Health Data Breach
- What Should You Do If You Received a Breach Notification?
- The Timeline and Next Steps in the Investigation
What Happened in the Standards Home Health Data Breach?
On January 5, 2026, standards Home Health reported a data breach to the Texas Attorney General’s office. An unauthorized third party gained access to the company’s systems containing sensitive patient data. The breach affects a company headquartered in Richardson, Texas that employs over 300 people and specializes in providing in-home health services.
The specific details of how the breach occurred—whether through a ransomware attack, compromised credentials, or another vector—have not been disclosed in public statements as of the investigation’s announcement. What makes this breach particularly concerning is the nature of the information accessed. The compromised data includes both personal identifiable information (PII) such as names, addresses, and Social Security numbers, and protected health information (PHI) including medical histories, treatment records, and insurance information. For patients receiving home health services, this combination of data is especially sensitive because it reveals not only identity information but also detailed health conditions that could lead to discrimination or fraud.
Who is Affected by the Standards Home Health Breach?
Standards Home Health serves approximately 2,000 patients per week through partnerships with major healthcare systems including UT Southwestern Medical Center, Houston Methodist Leading Medicine, Ascension Health, university of Texas MD Anderson Cancer Center, and St. David’s Health Care. However, the company has not publicly disclosed the exact number of individuals whose data was compromised in the breach.
This lack of specificity is not unusual in the early stages of a breach investigation, as companies often need time to conduct forensic analysis and determine the full scope of unauthorized access. The patients most likely to be affected are those who received home health services from Standards Home Health or Adaptive Home Health at any point when their data may have been stored in the breached systems. Because the company handles medical information for patients with serious health conditions—partnering with major cancer centers and hospital systems—those affected may have records documenting cancer treatment, surgical recovery, chronic disease management, or other sensitive medical conditions. If you received services from this company or your healthcare provider referred you to Adaptive Home Health, you should monitor for breach notifications.
The Legal Investigation and Regulatory Response
Strauss Borrelli PLLC is actively investigating the breach and seeking to identify individuals whose data was compromised to discuss potential legal remedies. The firm specializes in healthcare data breach litigation and has substantial experience in cases where unauthorized access to patient information creates liability for healthcare providers. The investigation was announced on January 6, 2026, shortly after the breach was reported to state authorities.
This rapid engagement by specialized counsel signals that there are likely legal grounds to pursue damages on behalf of affected individuals. On the regulatory side, Standards Home Health has begun notifying impacted individuals as required by Texas Attorney General breach notification rules and federal HIPAA regulations. Companies that experience breaches of medical information are required to notify affected individuals, and in the case of breaches affecting more than 500 residents of a state, they must also notify the state’s attorney general. The fact that this breach was reported to the Texas AG indicates it likely meets or approaches this threshold, though the company has not confirmed the total number of affected individuals publicly.
What Are Potential Legal Remedies for Affected Individuals?
Individuals affected by healthcare data breaches may be entitled to compensation through several avenues. In data breach cases, damages typically include compensation for credit monitoring and identity theft protection services, reimbursement for out-of-pocket expenses related to the breach (such as costs to place credit freezes or dispute fraudulent charges), emotional distress, and in some cases punitive damages if the breach resulted from gross negligence. Class action settlements in healthcare data breach cases have historically resulted in settlement funds ranging from hundreds of thousands to millions of dollars, distributed among all affected class members.
To pursue claims, you would typically either participate in a class action lawsuit if one is filed, or contact the investigating attorney directly to discuss your individual case. Strauss Borrelli PLLC can be reached through their firm website or by contacting their data breach investigation hotline. It’s important to act promptly because there are statutes of limitations on data breach claims, and some remedies (like credit monitoring) are most valuable immediately after a breach is discovered. However, if you’ve already been the victim of identity theft or fraud using your health information, you should report this to law enforcement and the FTC in addition to pursuing a civil claim.
How to Protect Yourself After a Health Data Breach
If you believe your information was compromised in the Standards Home Health breach, several protective steps should be taken immediately. First, place a fraud alert with the three major credit bureaus (Equifax, Experian, and TransUnion) by contacting any one of them, which will notify the others. A fraud alert is free and requires potential creditors to verify your identity before opening new accounts in your name. For more comprehensive protection, consider placing a credit freeze, which prevents creditors from accessing your credit file entirely without a PIN you control.
Second, monitor your credit reports and financial accounts closely for unauthorized activity. You can obtain a free credit report annually from each bureau through annualcreditreport.com, and many banks now offer free credit monitoring to customers. Given that the breach included health information, remain particularly vigilant for fraudulent medical bills or insurance claims filed in your name. If you notice suspicious activity, report it immediately to your bank, insurance provider, and the Federal Trade Commission at identitytheft.gov. A limitation to understand: while protective measures like credit monitoring are valuable, they are not foolproof, and determined fraudsters may still attempt to misuse health information years after a breach occurs.
What Should You Do If You Received a Breach Notification?
If you received a notification from Standards Home Health or your healthcare provider indicating that your information was compromised in this breach, take action within the first 30 days if possible. Contact Strauss Borrelli PLLC to document your claim and discuss whether you have a potential case. Gather any documentation you have showing you were a patient of Standards Home Health—this might include explanation of benefits from your insurance, billing statements, or correspondence from the company.
Document any financial harm you’ve suffered as a result of the breach, such as fees from placing credit freezes, costs for credit monitoring services you purchased, or time spent addressing fraudulent charges or accounts. Keep detailed records of these expenses, as they may be recoverable as part of any settlement. Even if you haven’t yet suffered direct financial harm, identity theft can occur months or years after a breach, so preservation of evidence is important.
The Timeline and Next Steps in the Investigation
As of March 2026, the investigation by Strauss Borrelli PLLC is ongoing. The next phases typically include continued investigation to determine the exact scope of affected individuals, negotiation or litigation to determine liability and damages, and potentially a settlement agreement or trial verdict.
In similar healthcare data breach cases, this process has taken anywhere from several months to several years, depending on the complexity and whether the case is resolved through settlement or litigation. For official regulatory information about the breach, you can check the HHS Office for Civil Rights Breach Portal at ocrportal.hhs.gov/ocr/breach/breach_report.jsf, which maintains a publicly searchable database of breaches affecting 500 or more individuals. This portal provides updated information as the investigation progresses and may contain additional details about the scope and nature of the breach once the company completes its investigation.