Enforcement ActionHigh Risk

HIPAA Breach: Minnesota Department of Human Services (MN)

Minnesota Department of Human ServicesJanuary 16, 2026HHS Office for Civil Rights

Consumers Affected

303,965

Summary

Minnesota Department of Human Services (Health Plan, MN) reported a HIPAA breach affecting 303,965 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.

Laws Cited

HIPAAHITECH Act

45 CFR 164.400-414

Violation Types

Data Breach Health Data Unauthorized Data Sharing

Entity Details

Entity

Minnesota Department of Human Services

Industry

Healthcare

Official Sources

Official Press Release

https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

HHS Office for Civil Rights Enforcement Page

https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/index.html

Related Enforcement Actions

HHSAug 30, 2024

Minnesota Department of Human Services

Minnesota Department of Human Services (Healthcare Provider, MN) reported a HIPAA breach affecting 4,329 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.

HHSFeb 26, 2026

BMG of Kansas, Inc.

BMG of Kansas, Inc. (Health Plan, KS) reported a HIPAA breach affecting 1,327 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

HHSFeb 26, 2026

Manhattan Retirement Foundation d/b/a Meadowlark Hills

Manhattan Retirement Foundation d/b/a Meadowlark Hills (Healthcare Provider, KS) reported a HIPAA breach affecting 14,442 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

HHSFeb 26, 2026

AltaMed Health Services Corporation

AltaMed Health Services Corporation (Healthcare Provider, CA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.

HHSFeb 25, 2026

Commonwealth Care Alliance

Commonwealth Care Alliance (Health Plan, MA) reported a HIPAA breach affecting 634 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.

HHSFeb 24, 2026

Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group

Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group (Business Associate, WA) reported a HIPAA breach affecting 11,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.