Federal and state enforcement actions involving unauthorized data sharing violations, tracked from official government sources.
201
Total Actions
$11.1M
Total Fines
12
Jurisdictions
Privacy enforcement action where Oregon AG and a coalition of 16 other states sue the Trump Administration to stop the Department of Education's new IPEDS data reporting requirements, arguing they jeopardize student privacy, lack proper definitions, and risk data errors and identification.
The California Privacy Protection Agency settled with PlayOn Sports for $1.10 million over CCPA violations, including failing to provide adequate opt-out mechanisms and improperly tracking users, particularly students. The company must implement proper opt-out methods, improve disclosures, and comply with children's data consent requirements.
$1.1M
Massachusetts Attorney General Andrea Campbell secured a preliminary injunction from the U.S. District Court blocking the Trump Administration's USDA from cutting off SNAP funding to states that refuse to turn over personal data of SNAP applicants and recipients. The court found USDA's proposed data protocol unlawful because it allowed sharing data with entities unrelated to federal benefits administration.
Attorney General Raoul secured a court order preventing the U.S. Department of Agriculture from collecting SNAP applicants' and recipients' personal data without an agreed-upon protocol that restricts sharing with unrelated entities like the Department of Homeland Security. The court found that the USDA's proposed protocol would violate federal law by allowing data use for immigration enforcement, contrary to the intended purpose of SNAP.
California Attorney General Rob Bonta secured a second preliminary injunction from the U.S. District Court for the Northern District of California blocking the Trump Administration's demand that states turn over personal data of SNAP applicants and recipients. The court found the USDA's proposed data protocol would allow sharing of state data with entities unrelated to federal benefits administration, violating federal law.
Commonwealth Care Alliance (Health Plan, MA) reported a HIPAA breach affecting 634 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Weill Cornell Medicine (Healthcare Provider, NY) reported a HIPAA breach affecting 516 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Texas Attorney General Ken Paxton filed a lawsuit against Shein US Services LLC for selling toxic products and exposing consumers' personal data to the Chinese Communist Party. The lawsuit seeks monetary penalties under the Texas Deceptive Trade Practices Act. This action is part of a broader effort to protect Texans from health risks and CCP influence.
Texas Attorney General Ken Paxton filed a lawsuit against Temu (PDD Holdings, Inc. and WhaleCo Inc.) for deceptive marketing practices and illegally harvesting Texans' personal data, which was then exposed to the Chinese Communist Party. The suit seeks monetary damages under the Texas Deceptive Trade Practices Act, with potential penalties of up to $10,000 per violation and higher for seniors. This is part of a broader effort to hold CCP-aligned companies accountable.
Texas Attorney General Ken Paxton filed a lawsuit against TP-Link Systems Inc. for deceptively marketing its networking devices and enabling the Chinese Communist Party to access American consumers' devices. The lawsuit alleges that TP Link's products have been used by PRC state-sponsored hackers and that the company is subject to Chinese laws requiring data disclosure. This is part of a coordinated effort to hold China-aligned companies accountable under Texas law.
Communications Workers of America Local 1180 Security Benefits Fund (Health Plan, NY) reported a HIPAA breach affecting 18,550 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record, Other.
The Federal Trade Commission (FTC) sent warning letters to 13 data brokers reminding them of their obligations under the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA). PADFAA prohibits data brokers from selling or providing sensitive personal data about Americans to foreign adversaries such as China, Russia, Iran, and North Korea. The letters warn that violations could result in civil penalties of up to $53,088 per violation and urge companies to review their business practices for compliance.
The FTC issued warning letters to 13 data brokers reminding them of their obligations under the Protecting Americans' Data from Foreign Adversaries Act (PADFAA), which bans the sale or disclosure of sensitive personal data to foreign adversaries like China, Russia, Iran, and North Korea. The letters cite instances where recipients offered data on Armed Forces members, which is protected under PADFAA. Non-compliance could result in civil penalties up to $53,088 per violation.
Florida Attorney General James Uthmeier launched the CHINA Prevention Unit to combat data privacy threats from foreign adversaries and issued a subpoena to Shein for deceptive trade practices and data privacy violations related to potential unauthorized data sharing.
Health and Hospital Corporation of Marion County (Healthcare Provider, IN) reported a HIPAA breach affecting 792 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email, Laptop.
Lincoln National Corporation d/b/a/ Lincoln Financial (Health Plan, IN) reported a HIPAA breach affecting 998 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Minnesota Department of Human Services (Health Plan, MN) reported a HIPAA breach affecting 303,965 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
California Attorney General Rob Bonta, alongside attorneys general from New York, Colorado, Illinois, and Minnesota, filed a motion for preliminary injunction to continue blocking the Trump Administration's unlawful freeze of $10 billion in federal funding for child care and family assistance programs and to prevent broad data requests for personally identifiable information of millions of residents. The funding freeze targets five Democratic-led states without evidence of fraud, and the data requests are part of the challenged unlawful actions. A temporary restraining order was previously granted blocking these measures.
Privacy enforcement action where the FTC settled with General Motors and OnStar for collecting and selling consumers' geolocation and driving behavior data without adequate notice or consent. The order prohibits sharing data with consumer reporting agencies and requires transparency and consumer choice measures.
TMG Health, Inc. (Business Associate, TX) reported a HIPAA breach affecting 2,076 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
California Attorney General Rob Bonta, on behalf of a multistate coalition, filed a motion in U.S. District Court to enforce a preliminary injunction that blocks the Trump Administration from demanding personal and sensitive information about Supplemental Nutrition Assistance Program (SNAP) recipients. The Administration has renewed its demand, threatening to withhold administrative funding from states that do not comply, which the AG argues violates the existing court order and federal law protecting the confidentiality of SNAP applicant data.
Illinois Department of Human Services (Health Plan, IL) reported a HIPAA breach affecting 705,017 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Massachusetts Attorney General Andrea Campbell filed a motion to enforce a preliminary injunction against the Trump Administration's demands for personal data of SNAP recipients. The court previously blocked such demands, but the administration renewed its request, threatening to withhold funding. The AG seeks to ensure compliance with federal privacy laws and protect SNAP recipients' sensitive information.
Exact Sciences Laboratories LLC (Healthcare Provider, WI) reported a HIPAA breach affecting 2,658 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
CareOregon (Health Plan, OR) reported a HIPAA breach affecting 5,473 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
BlueCross BlueShield of Tennessee, Inc. (Business Associate, TN) reported a HIPAA breach affecting 780 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
York Hospital (Healthcare Provider, ME) reported a HIPAA breach affecting 1,259 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Riverland Community Health (Healthcare Provider, MN) reported a HIPAA breach affecting 940 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
TapestryHealth (Healthcare Provider, CT) reported a HIPAA breach affecting 6,494 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Anesthesiology & Pain Consultants, LLC (Healthcare Provider, LA) reported a HIPAA breach affecting 538 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other Portable Electronic Device.
Texas Attorney General Ken Paxton filed a lawsuit against Sony, Samsung, LG, Hisense, and TCL Technology Group for using Automated Content Recognition (ACR) technology to collect Texans' viewing data without proper consent. A temporary restraining order was secured against Hisense to halt all data collection and sharing. The AG issued a consumer alert with instructions to disable ACR on smart TVs.
Texas Attorney General Ken Paxton obtained a temporary restraining order against Hisense, a Chinese smart TV manufacturer, to halt its collection of Texans' personal data through Automated Content Recognition technology without consent. The technology captures every sound and image on the TVs every 500 milliseconds and sells the data, with access granted to the Chinese Communist Party. The TRO prohibits Hisense from collecting, using, selling, sharing, disclosing, or transferring ACR data about Texans while the case continues.
FPMCM LLC (Business Associate, TN) reported a HIPAA breach affecting 2,072 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Texas Attorney General Ken Paxton has filed lawsuits against five major TV manufacturers—Sony, Samsung, LG, Hisense, and TCL—for unlawfully collecting Texans' viewing data using Automated Content Recognition (ACR) technology without their knowledge or consent. The ACR software captures screenshots of TV displays every 500 milliseconds and transmits the data to the companies, which then sell it for targeted advertising. The AG's office alleges these practices violate Texas privacy laws and seeks to enjoin the companies from continuing the surveillance.
Texas Attorney General Ken Paxton filed a lawsuit against five major TV manufacturers—Sony, Samsung, LG, Hisense, and TCL—for illegally collecting consumers' viewing data through Automated Content Recognition (ACR) technology without knowledge or consent. The companies capture screenshots and monitor TV usage in real-time, then sell the data for targeted advertising, risking sensitive information. The suit seeks to halt these invasive practices and protect Texans' privacy.
OCAT, LLC dba Evoke Wellness at Hilliard (Healthcare Provider, OH) reported a HIPAA breach affecting 1,629 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Heart of Texas Behavioral Health Network (Healthcare Provider, TX) reported a HIPAA breach affecting 1,309 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
ConvenientMD LLC (Healthcare Provider, NH) reported a HIPAA breach affecting 1,332 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Florida Attorney General James Uthmeier issued an investigative subpoena to TP-Link Systems Inc. to examine its cybersecurity practices and handling of U.S. consumer data, amid concerns about potential data-sharing with the Chinese Communist Party and misleading security claims. The investigation is conducted under the Florida Deceptive and Unfair Trade Practices Act.
California Attorney General Rob Bonta co-led a coalition of 18 attorneys general in submitting a comment letter opposing the Department of Homeland Security's expansion of the Systematic Alien Verification for Entitlements (SAVE) program to include U.S.-born citizens. The coalition argues the expansion violates the Privacy Act of 1974, creates a massive surveillance database, increases data breach risks, and will lead to inaccurate verifications and denial of benefits.
Henry Ford Health (Healthcare Provider, MI) reported a HIPAA breach affecting 1,984 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Desktop Computer.
Connecticut Attorney General William Tong joined a bipartisan coalition of nine states in a $7 million settlement with Greystar Management Services LLC, the largest U.S. landlord, for anticompetitive algorithmic pricing practices. Greystar shared competitively sensitive data with competitors via RealPage's algorithms and discussed pricing strategies, leading to inflated rents. The consent decree prohibits such conduct, requires monitoring if using uncertified algorithms, and bars participation in RealPage competitor meetings.
$7.0M
Marrs Ear, Nose & Throat, PA (Healthcare Provider, FL) reported a HIPAA breach affecting 6,376 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
West Suburban Eye Surgery Center LLC (Business Associate, MA) reported a HIPAA breach affecting 500 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Incyte Pathology, P.S. (Healthcare Provider, WA) reported a HIPAA breach affecting 629 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Better Vision Eyecare, LLC (Healthcare Provider, AZ) reported a HIPAA breach affecting 501 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Legacy Health, LLC (Business Associate, TX) reported a HIPAA breach affecting 6,547 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Express Canna Cards, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 5,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
New York Attorney General Letitia James announced a settlement with accounting firm Wojeski & Company for failing to secure customer data, resulting in two data breaches that exposed personal information of over 4,700 New Yorkers. The firm delayed breach notification for over a year and had unauthorized employee access to data, leading to a $60,000 penalty and mandatory cybersecurity improvements.
$60K
The Florida Attorney General's Office of Parental Rights filed a civil enforcement action against Roku, Inc. for violating the Florida Digital Bill of Rights and FDUTPA by collecting and selling children's personal data without parental consent and misrepresenting privacy controls. The action seeks civil penalties, injunctive relief, and measures to ensure compliance.
The Texas Attorney General opened an investigation into TP-Link Systems Inc. for potentially allowing the Chinese government to access Texans' consumer data through back doors in networking equipment. The investigation will examine whether TP Link violated Texas privacy law by misleading consumers about its independence and improperly collecting or disclosing data. This follows a prior privacy notice violation issued to the company.
Arizona Health Care Cost Containment System- State Medicaid Agency (Health Plan, AZ) reported a HIPAA breach affecting 3,177 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Florida Health Sciences Center, Inc (Healthcare Provider, FL) reported a HIPAA breach affecting 896 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
California Attorney General Rob Bonta filed a lawsuit against the City of El Cajon for unlawfully sharing Automated License Plate Reader (ALPR) data with over 100 out-of-state law enforcement agencies, violating state law that restricts such data to California public agencies. The AG is seeking a court order to halt the sharing and compel compliance with state privacy protections.
Harris County Hospital District d/b/a Harris Health (Healthcare Provider, TX) reported a HIPAA breach affecting 5,357 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
The California Privacy Protection Agency (CPPA) settled with Tractor Supply Company for $1.35 million over violations of the California Consumer Privacy Act (CCPA). The violations included failing to maintain a proper privacy policy, not notifying job applicants of their rights, lacking an effective opt-out mechanism, and sharing personal information without adequate contracts. Tractor Supply must pay the fine and implement remedial measures such as scanning digital properties and annual compliance certification.
$1.4M
Weekend Health, LLC (Business Associate, NY) reported a HIPAA breach affecting 1,643 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 607 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
VIVA Health (Health Plan, AL) reported a HIPAA breach affecting 4,945 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Gainwell Technologies LLC (Business Associate, TX) reported a HIPAA breach affecting 912 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
New York Attorney General Letitia James and a coalition of 20 other states sued the U.S. Department of Agriculture to stop its demand for personal information of SNAP recipients for immigration enforcement. The District Court issued a temporary restraining order blocking USDA's demand and preventing funding cuts, citing violations of laws protecting SNAP data confidentiality.
Health & Palliative Services of the Treasure Coast, Inc d/b/a Treasure Coast Hospice (“Treasure Health ”) (Healthcare Provider, FL) reported a HIPAA breach affecting 13,230 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Munson Healthcare (Healthcare Provider, MI) reported a HIPAA breach affecting 1,186 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Western Skies Wellness LLC (Healthcare Provider, OR) reported a HIPAA breach affecting 1,700 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record, Other.
Prime Therapeutics LLC (Business Associate, MN) reported a HIPAA breach affecting 2,266 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Laptop.
Independent Health Association, Inc. (Health Plan, NY) reported a HIPAA breach affecting 637 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Bevel Health Medical Group (Healthcare Provider, PA) reported a HIPAA breach affecting 510 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Texas Attorney General Ken Paxton has opened an investigation into Meta AI Studio and Character.AI for deceptive practices in marketing AI chatbots as mental health services to children. The platforms are accused of impersonating licensed professionals, fabricating qualifications, and exploiting user data for advertising without proper disclosure. Civil Investigative Demands have been issued to examine violations of Texas consumer protection laws and the SCOPE Act.
Attorney General William Tong is seeking a preliminary injunction to block the U.S. Department of Agriculture from forcing states to share private data of SNAP participants, including social security numbers and shopping history. USDA is threatening to cut off administrative funding if states do not comply, which AG Tong argues violates federal privacy laws and the Constitution.
UnitedHealthcare (Health Plan, CT) reported a HIPAA breach affecting 3,215 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Zelis Healthcare LLC (Business Associate, MA) reported a HIPAA breach affecting 4,289 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Berkshire Health Systems, Inc. (Healthcare Provider, MA) reported a HIPAA breach affecting 1,421 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
University of Miami (Healthcare Provider, FL) reported a HIPAA breach affecting 2,928 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Attorney General William Tong, leading a coalition of 22 states, filed a lawsuit against the U.S. Department of Agriculture for demanding that states disclose sensitive personal data of SNAP recipients. The demand violates federal privacy laws and the Constitution, and threatens to withhold critical funding. The lawsuit seeks to block USDA from conditioning SNAP administrative funds on data disclosure.
New Jersey Attorney General Matthew J. Platkin joined a coalition of 20 attorneys general in filing a lawsuit against the U.S. Department of Agriculture (USDA) for demanding that states turn over sensitive personal information of SNAP recipients, including Social Security numbers and addresses. The lawsuit argues that this demand violates federal privacy laws and the Constitution, as the data is protected and should only be used for program administration. The coalition seeks to block USDA from conditioning SNAP funding on compliance with this demand.
Massachusetts Attorney General Andrea Campbell, joined by a coalition of 21 states and Kentucky, filed a lawsuit challenging the U.S. Department of Agriculture's demand that states turn over sensitive personal data of SNAP recipients. The lawsuit argues that this demand violates federal privacy laws and the Spending Clause, threatening the privacy of millions of low-income families and coercing states by threatening funding cuts.
New York Attorney General Letitia James, joined by 20 other states and Kentucky, filed a lawsuit challenging the Trump administration's policy requiring states to disclose personal information of SNAP recipients to federal agencies. The policy violates privacy laws by demanding sensitive data like Social Security numbers for potential immigration enforcement. The coalition seeks a court injunction to stop the illegal data sharing.
Blue Shield of California (Health Plan, CA) reported a HIPAA breach affecting 783 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Laptop, Network Server, Other.
California Attorney General Rob Bonta announced a $1.55 million settlement with Healthline Media LLC for CCPA violations. Healthline failed to honor opt-out requests, shared consumer data including health-related article titles with third parties, and used deceptive privacy practices. The settlement includes injunctive relief and a compliance program.
$1.6M
Clinical Practices of the University of Pennsylvania (Healthcare Provider, PA) reported a HIPAA breach affecting 1,432 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Minneapolis VA Medical Center (Healthcare Provider, MN) reported a HIPAA breach affecting 1,099 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 673 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Winkler County Hospital District (Healthcare Provider, TX) reported a HIPAA breach affecting 637 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Florida Attorney General James Uthmeier issued subpoenas to Contec and Epsimed for selling medical devices that transmit patient data to China without adequate security. The companies are accused of violating Florida's Deceptive and Unfair Trade Practices Act by misrepresenting FDA approval and concealing cybersecurity vulnerabilities. The AG seeks damages, civil penalties, and injunctive relief to protect consumers.
AltaMed Health Services Corporation (Healthcare Provider, CA) reported a HIPAA breach affecting 4,530 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Texas Attorney General Ken Paxton filed a lawsuit in the 23andMe bankruptcy case to prevent the sale of Texans' genetic data without proper consent. The action seeks to confirm Texans' property rights over their genetic information under the Texas Data Privacy and Security Act and the Texas Direct-to-Consumer Genetic Testing Act. The AG argues that 23andMe's proposed asset sale would violate Texas law requiring separate express consent for disclosure of genetic information.
Connecticut joined a coalition of 28 attorneys general to object to 23andMe's proposed sale of genetic data in bankruptcy without customer consent. The states argue such sensitive information requires express consent and cannot be sold like ordinary property. Attorney General Tong also advised consumers to delete their data and genetic samples.
Public Health Trust of Miami Dade County DBA Jackson Health System (Healthcare Provider, FL) reported a HIPAA breach affecting 2,599 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Centivo Corporation (Business Associate, GA) reported a HIPAA breach affecting 630 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 1,543 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Jupiter Family Medicine PC (Healthcare Provider, MI) reported a HIPAA breach affecting 3,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
The Smith Institute for Urology (Healthcare Provider, NY) reported a HIPAA breach affecting 2,263 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Desktop Computer.
NHPP Physical Medicine and Rehabilitation (Healthcare Provider, NY) reported a HIPAA breach affecting 1,353 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
North Shore University Hospital Sleep Disorders Center (Healthcare Provider, NY) reported a HIPAA breach affecting 13,332 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Sports Physical Therapy, Occupational Therapy and Rehabilitation Services of the North Shore, P.L.L.C (Healthcare Provider, NY) reported a HIPAA breach affecting 6,195 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Insulet Corporation (Healthcare Provider, MA) reported a HIPAA breach affecting 841 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
CVS Caremark (Business Associate, RI) reported a HIPAA breach affecting 2,599 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Blue Cross Blue Shield of Texas (Business Associate, IL) reported a HIPAA breach affecting 593 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Texas Attorney General Ken Paxton has issued notices to several Chinese companies, including TP-Link, Alibaba, and CapCut, for violating the Texas Data Privacy and Security Act (TDPSA). The companies must comply with TDPSA's requirements to disclose data processing, allow opt-outs, and enable data deletion within 30 days, or face further legal action.
Texas Attorney General Ken Paxton announced legal action against several Chinese companies, including TP-Link, Alibaba, and CapCut, for violating the Texas Data Privacy and Security Act (TDPSA). The companies have been given 30 days to comply with requirements to disclose data processing, allow consumers to opt out of data collection, and enable data deletion. Failure to comply will result in further legal action to protect Texans' privacy rights and prevent data from being accessed by the Chinese Communist Party.