Court Rules
All enforcement actions
Enforcement ActionCritical Risk

HIPAA Breach: Blue Shield of California (CA)

Blue Shield of CaliforniaApril 9, 2025HHS Office for Civil Rights

Consumers Affected

4,700,000

Summary

Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 4,700,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

Laws Cited

HIPAAHITECH Act
45 CFR 164.400-414

Violation Types

Data BreachHealth DataSecurity Failure

Entity Details

Entity

Blue Shield of California

Industry

Healthcare

Official Sources

Official Press Release

https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

HHS Office for Civil Rights Enforcement Page

https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/index.html

Related Enforcement Actions

HHS

Blue Shield of California

Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 607 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.

HHS

Blue Shield of California

Blue Shield of California (Health Plan, CA) reported a HIPAA breach affecting 783 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Laptop, Network Server, Other.

HHS

Blue Shield of California

Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 673 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.

HHS

Blue Shield of California

Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 1,543 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.

HHS

BMG of Kansas, Inc.

BMG of Kansas, Inc. (Health Plan, KS) reported a HIPAA breach affecting 1,327 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

HHS

Manhattan Retirement Foundation d/b/a Meadowlark Hills

Manhattan Retirement Foundation d/b/a Meadowlark Hills (Healthcare Provider, KS) reported a HIPAA breach affecting 14,442 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.