1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Community Connections (Healthcare Provider, DC) reported a HIPAA breach affecting 18,949 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
New York Attorney General Letitia James secured a $550,000 settlement from Hudson Valley health care operator HealthAlliance over a 2023 data breach that compromised the personal and medical information of 242,641 New Yorkers. The breach occurred after HealthAlliance failed to patch a known vulnerability in its web application system, allowing cyberattackers to exfiltrate patient and employee data. As part of the settlement, HealthAlliance must pay the penalty and implement enhanced cybersecurity measures including a comprehensive security program, patch management policy, and data inventory requirements.
$550K
Atrium Health (Healthcare Provider, NC) reported a HIPAA breach affecting 585,959 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Texas Tech University Health Sciences Center (Healthcare Provider, TX) reported a HIPAA breach affecting 650,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Conceptions Reproductive Associates of Colorado (Healthcare Provider, CO) reported a HIPAA breach affecting 80,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Tech University Health Sciences Center El Paso (Healthcare Provider, TX) reported a HIPAA breach affecting 815,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
American Addiction Centers, Inc. (Business Associate, TN) reported a HIPAA breach affecting 410,747 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Citadel of Northbrook (Healthcare Provider, IL) reported a HIPAA breach affecting 2,155 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record, Network Server.
Lubbock County Hospital District (Healthcare Provider, TX) reported a HIPAA breach affecting 1,461,776 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
East Central Missouri Behavioral Health Services, Inc. (Healthcare Provider, MO) reported a HIPAA breach affecting 20,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Laboratory Services Cooperative (Healthcare Provider, WA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
York County (Healthcare Provider, PA) reported a HIPAA breach affecting 841 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
AuthoraCare Collective (Healthcare Provider, NC) reported a HIPAA breach affecting 57,944 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Terrace of Hialeah (Healthcare Provider, FL) reported a HIPAA breach affecting 1,177 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Dolton Nursing & Rehab, LLC (Healthcare Provider, IL) reported a HIPAA breach affecting 1,559 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record, Network Server.
HealthFund Solutions, LLC (Business Associate, FL) reported a HIPAA breach affecting 5,198 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Maternal Fetal Medicine Associates, PLLC, Carnegie Hill Imaging for Women, and Carnegie Women’s Health (collectively, “the Practices”) (Healthcare Provider, NY) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
ASPEN HEALTHCARE SERVICES INC (Healthcare Provider, TX) reported a HIPAA breach affecting 7,195 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.
ESHA, Inc. (Business Associate, TX) reported a HIPAA breach affecting 76,922 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Physicians' Primary Care of Southwest Florida (Healthcare Provider, FL) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Rocky Mountain Gastroenterology Associates PLLC (Healthcare Provider, CO) reported a HIPAA breach affecting 366,491 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Radiologic Medical Services, P.C. (Healthcare Provider, IA) reported a HIPAA breach affecting 56,902 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Humboldt Independent Practice Association (Humboldt IPA) (Healthcare Provider, CA) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
United Seating and Mobility, LLC dba Numotion (Healthcare Provider, TN) reported a HIPAA breach affecting 2,319 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Mid-Minnesota Management Services d/b/a Central Resources (Business Associate, IL) reported a HIPAA breach affecting 1,232 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Huron Inc. Health Plan (Health Plan, MI) reported a HIPAA breach affecting 750 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
South West Family Medicine Associates, PA (Healthcare Provider, TX) reported a HIPAA breach affecting 36,959 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Great Plains Regional Medical Center (Healthcare Provider, OK) reported a HIPAA breach affecting 133,149 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Mohawk Valley Cardiology, P.C. (Healthcare Provider, NY) reported a HIPAA breach affecting 4,973 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Northeast Professional Home Care, Inc. (Healthcare Provider, OH) reported a HIPAA breach affecting 648 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
All data sourced from official government enforcement pages.