1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
City of Franklin (Healthcare Provider, WI) reported a HIPAA breach affecting 3,233 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Urology Associates of Charleston (Healthcare Provider, SC) reported a HIPAA breach affecting 2,060 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Clinical Practices of the University of Pennsylvania (Healthcare Provider, PA) reported a HIPAA breach affecting 1,432 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
California Cancer Associates for Research and Excellence – San Diego (Healthcare Provider, CA) reported a HIPAA breach affecting 638 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Denali Biomedical (Healthcare Provider, AK) reported a HIPAA breach affecting 2,413 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
PET Imaging of Dallas Northeast (Healthcare Provider, TX) reported a HIPAA breach affecting 1,935 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Orange County Radiation Oncology Medical Group (Healthcare Provider, CA) reported a HIPAA breach affecting 1,911 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Fairbanks Urology (Healthcare Provider, AK) reported a HIPAA breach affecting 4,289 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
PET Imaging of The Woodlands (Healthcare Provider, TX) reported a HIPAA breach affecting 2,978 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
PET Imaging of Tulsa (Healthcare Provider, OK) reported a HIPAA breach affecting 3,159 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
PET Imaging of Northern Colorado (Healthcare Provider, CO) reported a HIPAA breach affecting 4,824 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Integrated Oncology Network (Business Associate, TN) reported a HIPAA breach affecting 4,174 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Southwest Urology (Healthcare Provider, OH) reported a HIPAA breach affecting 7,214 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Bardmoor Cancer Center (Healthcare Provider, FL) reported a HIPAA breach affecting 991 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
PDCM Insurance (Business Associate, IA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Jordan Drug, Inc. (Healthcare Provider, KY) reported a HIPAA breach affecting 4,947 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Minneapolis VA Medical Center (Healthcare Provider, MN) reported a HIPAA breach affecting 1,099 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 673 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Retina Associates of Cleveland, Inc. (Healthcare Provider, OH) reported a HIPAA breach affecting 3,604 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Harbor (Healthcare Provider, OH) reported a HIPAA breach affecting 2,703 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Skin Care Specialty Physicians (Healthcare Provider, MD) reported a HIPAA breach affecting 1,038 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Marquette County Medical Care Facility (Healthcare Provider, OH) reported a HIPAA breach affecting 1,499 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Broadwest Specialty Surgical Center (Healthcare Provider, IN) reported a HIPAA breach affecting 536 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Winkler County Hospital District (Healthcare Provider, TX) reported a HIPAA breach affecting 637 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Florida Attorney General James Uthmeier issued subpoenas to Contec, a Chinese medical device manufacturer, and Epsimed, a Miami-based reseller, over allegations that their patient monitors contain backdoors and automatically transmit patient data to China without consent. The companies are accused of violating Florida's Deceptive and Unfair Trade Practices Act by omitting material security vulnerabilities andmaking false representations about FDA approval and product quality. The AG may seek damages, civil penalties, and injunctive relief in future enforcement.
Diversified Services Enterprises (Business Associate, FL) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AltaMed Health Services Corporation (Healthcare Provider, CA) reported a HIPAA breach affecting 4,530 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Elmore County (Healthcare Provider, ID) reported a HIPAA breach affecting 931 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Kelley Drye & Warren LLP (Business Associate, NY) reported a HIPAA breach affecting 771 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Attorney General Ken Paxton filed a lawsuit in the 23andMe bankruptcy case to prevent the sale of Texans' genetic data without proper consent. The action seeks to confirm Texans' property rights over their genetic information under the Texas Data Privacy and Security Act and the Texas Direct-to-Consumer Genetic Testing Act. The AG argues that 23andMe's proposed asset sale would violate Texas law requiring separate express consent for disclosure of genetic information.
All data sourced from official government enforcement pages.