1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Khalil Foundation (DBA Khalil Center) (Healthcare Provider, IL) reported a HIPAA breach affecting 1,153 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Effortless Office Enterprises, LLC (Business Associate, NV) reported a HIPAA breach affecting 3,112 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
HealthEquity, Inc. (Business Associate, UT) reported a HIPAA breach affecting 1,549 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Richmond University Medical Center (Healthcare Provider, NY) reported a HIPAA breach affecting 674,033 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
California Correctional Health Care Services (Healthcare Provider, CA) reported a HIPAA breach affecting 1,416 individuals. Breach type: Loss. Location of breached information: Paper/Films.
Regional Care, Inc. (Healthcare Clearing House, NE) reported a HIPAA breach affecting 225,728 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
PracticeSuite, Inc. (Business Associate, FL) reported a HIPAA breach affecting 13,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Kitsap Mental Health Services (Healthcare Provider, WA) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Teton Orthopaedics (Healthcare Provider, PA) reported a HIPAA breach affecting 13,409 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Summit Medical Group, PLLC (Healthcare Provider, TN) reported a HIPAA breach affecting 464,159 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Northwest Asthma and Allergy Center (Healthcare Provider, WA) reported a HIPAA breach affecting 1,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
El Paso Healthcare System, Ltd. d/b/a Las Palmas Del Sol Healthcare (Healthcare Provider, TX) reported a HIPAA breach affecting 1,854 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Community Connections (Healthcare Provider, DC) reported a HIPAA breach affecting 18,949 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
River Region Cardiology (Healthcare Provider, AL) reported a HIPAA breach affecting 48,600 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
New York Attorney General Letitia James secured a $550,000 settlement from Hudson Valley health care operator HealthAlliance over a 2023 data breach that compromised the personal and medical information of 242,641 New Yorkers. The breach occurred after HealthAlliance failed to patch a known vulnerability in its web application system, allowing cyberattackers to exfiltrate patient and employee data. As part of the settlement, HealthAlliance must pay the penalty and implement enhanced cybersecurity measures including a comprehensive security program, patch management policy, and data inventory requirements.
$550K
Atrium Health (Healthcare Provider, NC) reported a HIPAA breach affecting 585,959 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Citadel of Northbrook (Healthcare Provider, IL) reported a HIPAA breach affecting 2,155 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record, Network Server.
Conceptions Reproductive Associates of Colorado (Healthcare Provider, CO) reported a HIPAA breach affecting 80,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Tech University Health Sciences Center El Paso (Healthcare Provider, TX) reported a HIPAA breach affecting 815,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
American Addiction Centers, Inc. (Business Associate, TN) reported a HIPAA breach affecting 410,747 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Tech University Health Sciences Center (Healthcare Provider, TX) reported a HIPAA breach affecting 650,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Lubbock County Hospital District (Healthcare Provider, TX) reported a HIPAA breach affecting 1,461,776 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
East Central Missouri Behavioral Health Services, Inc. (Healthcare Provider, MO) reported a HIPAA breach affecting 20,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
York County (Healthcare Provider, PA) reported a HIPAA breach affecting 841 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Laboratory Services Cooperative (Healthcare Provider, WA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AuthoraCare Collective (Healthcare Provider, NC) reported a HIPAA breach affecting 57,944 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Terrace of Hialeah (Healthcare Provider, FL) reported a HIPAA breach affecting 1,177 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Dolton Nursing & Rehab, LLC (Healthcare Provider, IL) reported a HIPAA breach affecting 1,559 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record, Network Server.
HealthFund Solutions, LLC (Business Associate, FL) reported a HIPAA breach affecting 5,198 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
ESHA, Inc. (Business Associate, TX) reported a HIPAA breach affecting 76,922 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.