Skip to main content

Appointments:1-888-884-BEAR (2327)

Children's National Hospital logoChildren's National Hospital logoChildren's National Hospital logoChildren's National Hospital logo

Notice of Oracle Health/Cerner Security Incident

Oracle Health, formerly Cerner Corporation, is a third-party electronic health records (EHR) vendor used by many healthcare providers, including Children’s National. In April, Oracle Health informed us that an unauthorized third party gained access to Oracle Health/Cerner systems as early as January 22, 2025 and obtained certain data. Children’s National is one of many health care providers whose information was affected by this incident. Upon learning of the incident, Oracle Health began an investigation, engaged external cybersecurity specialists, and engaged with federal law enforcement, who asked that affected organizations delay patient notifications while they conducted their investigation.

On August 27, 2025, Oracle Health provided us with a list of Children’s National patients whose information may have been involved in its incident. The information involved varied by patient but may include names, Social Security numbers, and information included within patient medical records, such as medical record numbers, doctors, diagnoses, medicines, test results, images, care and treatment.

This incident did not involve nor compromise any patient information maintained by Children’s National or our current IT systems and did not cause any disruption to our clinical operations. As recently announced, Children’s National is transitioning to a new EHR provider, Epic, with full implementation planned to be completed in mid-2027.

Letters are being mailed to patients whose information was involved in this incident, including an offer of a complimentary two-year membership to credit monitoring and/or minor identity protection services. Patients are also encouraged to review statements they receive from their healthcare providers and health insurer, and immediately report any inaccuracies to the provider or insurer. Individuals who have questions about the event may contact 833-931-7200 toll free, Monday through Friday from 9 a.m. –9 p.m. Eastern Time (excluding major U.S. holidays) and provide engagement number B153988.

We regret any concern that Oracle Health’s incident may cause our patients, and continue to review and assess the cybersecurity protections of our third-party vendors.