DaVita Systems Outage

DaVita Incident Update

Last Updated: April 18, 2025

DaVita is currently investigating and addressing a recent cybersecurity incident that has temporarily disrupted certain internal operations. We are committed to caring for the community we serve, and throughout our response to this matter, we have focused on minimizing disruption to in-patient dialysis care. We have implemented contingency plans and manual processes, where needed. We are working diligently to restore affected systems as quickly and securely as possible. While the investigation is ongoing, we will provide updates as appropriate.

Frequently Asked Questions (FAQs)

1. What happened?

On April 12, 2025, DaVita became aware of a ransomware incident affecting and encrypting certain on-premises systems. We activated our incident response protocols and implemented containment measures, including proactively disconnecting parts of the network.

External cybersecurity experts are assisting with our response, remediation and recovery efforts, and we are in the process of rebuilding and restoring encrypted systems and bringing them back online in a secure manner. While the incident has resulted in disruption to our internal operations, we continue to have contingency plans and manual processes in place where needed with a focus on continuity of patient care.

Importantly, care delivery at our centers and for patients treated at home continues, and we continue to accept patients.

2. What is DaVita doing to address this incident?

DaVita IT, security, and external cybersecurity experts are working diligently to investigate and address the incident. DaVita has taken steps, including the following:

  • Care Continuity: While the incident has resulted in disruption to our internal operations, we continue to have contingency plans and manual processes in place where needed with a focus on continuity of patient care. Importantly, care delivery at our centers and for patients treated at home continues, and we continue to accept patients.
  • Containment and Remediation: DaVita activated its incident response protocols and implemented containment measures, including proactively disconnecting parts of the network. We also engaged Palo Alto’s Unit 42, Mandiant and CYPFER to assist with response, remediation and recovery efforts. When we determined this was a ransomware incident, we disconnected the affected systems from our network. Those systems are isolated and remain offline with no network traffic coming in or out of the environment to them.
  • Recovery and Restoration: We are in the process of rebuilding and restoring encrypted systems and bringing them back online in a secure manner.

3. Is patient care disrupted?

While the incident has resulted in disruption to our internal operations, we continue to have contingency plans and manual processes in place where needed with a focus on continuity of patient care. Importantly, care delivery at our centers and for patients treated at home continues, and we continue to accept patients.

4. Is DaVita accepting new patients?

Yes, DaVita is accepting new patients. For discharge planners, if you have a patient that is ready for discharge, please use these channels to submit referrals:

  • If you typically use the DaVita Patient Portal (DPP), please use the main fax line to send us referrals/records: 866-720-0766
  • If you typically refer using a care coordination tool, it’s fully operational. Please continue to send referrals through this channel.
  • If you work with a DaVita Dialysis Transition Manager, feel free to contact them by phone if you’re waiting on an update for previously submitted requests.
  • For questions on admissions, contact DaVita at 888-920-6577.

5. What data was compromised?

The investigation into the scope of the incident is ongoing and in its early stages. The Company is working to assess whether any patient protected health information or employee personal data was involved in the incident and any resulting notice obligations. Based on the findings of the investigation, DaVita will comply with all applicable law and regulations.

6. When will you be fully operational?

We are in the process of rebuilding and restoring encrypted systems and bringing them back online in a secure manner. Currently, we are not able to provide a timeline for full restoration.

7. What steps have you taken to improve your network security?

We activated our incident response protocols and implemented containment measures, including proactively disconnecting parts of the network. We are now in the process of rebuilding and restoring encrypted systems and bringing them back online in a secure manner alongside cybersecurity experts at Unit 42, Mandiant and CYPFER.

8. Is law enforcement aware of the incident?

Yes. We are cooperating and coordinating with law enforcement.

9. Have regulators been notified of the incident?

Yes. DaVita has notified Centers for Medicare & Medicaid Services, filed an 8-K report with the U.S. Securities and Exchange Commission and is also working with other government authorities, including the Federal Bureau of Investigation on this matter.

10. Where do I get more information?

While our investigation is ongoing, we will continue to provide updates on this webpage as appropriate.

Other Questions?

If your question wasn’t answered here, please use this form to submit an inquiry.

cONTACT uS

© 2004-2025 DaVita Inc. All rights reserved. Notice of Nondiscrimination | Privacy Policy | Manage Cookies | Notice of Privacy Practices | Exercise Your Privacy Rights | Terms of Use | Accessibility Statement | Help Center | Site Map

Cash Prices/Costs for Coronavirus (COVID) Diagnostic Tests

This site is for informational purposes only and is not intended to be a substitute for medical advice from a medical provider.

Please check with a medical professional if you need a diagnosis and/or for treatments as well as information regarding your specific condition. In case of emergency, call 9-1-1 or go to the nearest emergency department.