Court Rules
All enforcement actions
Enforcement ActionLow Risk

HIPAA Breach: Clinical Practices of the University of Pennsylvania (PA)

Clinical Practices of the University of PennsylvaniaJune 30, 2025HHS Office for Civil Rights

Consumers Affected

1,432

Summary

Clinical Practices of the University of Pennsylvania (Healthcare Provider, PA) reported a HIPAA breach affecting 1,432 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.

Laws Cited

HIPAAHITECH Act
45 CFR 164.400-414

Violation Types

Data BreachHealth DataUnauthorized Data Sharing

Entity Details

Entity

Clinical Practices of the University of Pennsylvania

Industry

Healthcare

Official Sources

Official Press Release

https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

HHS Office for Civil Rights Enforcement Page

https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/index.html

Related Enforcement Actions

HHS

BMG of Kansas, Inc.

BMG of Kansas, Inc. (Health Plan, KS) reported a HIPAA breach affecting 1,327 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

HHS

Manhattan Retirement Foundation d/b/a Meadowlark Hills

Manhattan Retirement Foundation d/b/a Meadowlark Hills (Healthcare Provider, KS) reported a HIPAA breach affecting 14,442 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

HHS

AltaMed Health Services Corporation

AltaMed Health Services Corporation (Healthcare Provider, CA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

HHS

Commonwealth Care Alliance

Commonwealth Care Alliance (Health Plan, MA) reported a HIPAA breach affecting 634 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.

HHS

Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group

Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group (Business Associate, WA) reported a HIPAA breach affecting 11,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.

HHS

Weill Cornell Medicine

Weill Cornell Medicine (Healthcare Provider, NY) reported a HIPAA breach affecting 516 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.