1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Texas Attorney General Ken Paxton announced the effective date of a $7.4 billion settlement with Purdue Pharma, Inc. and the Sackler family over their role in fueling the opioid crisis. Texas will receive $286.5 million from the settlement, bringing the state’s total opioid recovery funds to over $3 billion. The settlement includes permanent bans on Sackler opioid sales in the U.S., public release of 30 million company documents, and distribution of funds for addiction treatment and prevention over 15 years.
$7.4B
QualDerm Partners, LLC (Healthcare Provider, TN) reported a HIPAA breach affecting 3,117,874 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
TriZetto Provider Solutions (Business Associate, MO) reported a HIPAA breach affecting 3,433,965 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Connecticut Attorney General William Tong led a coalition of 48 states and territories in announcing settlements with Lannett Company, Inc. and Bausch Health entities totaling $17.85 million. The settlements resolve allegations that the companies engaged in conspiracies to inflate prices and limit competition for generic prescription drugs. The companies agreed to cooperate in ongoing litigation and implement internal reforms, while a new complaint was filed against Novartis and subsidiaries.
$17.9M
Consumer protection case: Oregon Attorney General filed a lawsuit against six major drug companies and pharmacy benefit managers for allegedly coordinating to inflate insulin prices, seeking $900 million in damages under the Unlawful Trade Practices Act.
$900.0M
The U.S. Bankruptcy Court confirmed a $7.4 billion settlement between Purdue Pharma, the Sackler Family, and 55 attorneys general to resolve claims over the opioid crisis. Connecticut will receive up to $64 million for treatment, prevention, and victim support. The settlement bars the Sacklers from selling opioids and requires public disclosure of documents.
$7.4B
Aflac Incorporated (“Aflac”) (Health Plan, GA) reported a HIPAA breach affecting 13,924,906 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
DaVita Inc. (Healthcare Provider, CO) reported a HIPAA breach affecting 2,689,826 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Anne Arundel Dermatology (Healthcare Provider, MD) reported a HIPAA breach affecting 1,905,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Radiology Associates of Richmond, Inc. (Healthcare Provider, VA) reported a HIPAA breach affecting 1,419,091 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Episource, LLC (Business Associate, CA) reported a HIPAA breach affecting 6,725,572 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Absolute Dental Group, LLC (Business Associate, NV) reported a HIPAA breach affecting 1,223,635 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 4,700,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Connecticut Attorney General William Tong leads a multistate coalition in a $39.1 million settlement with Apotex for conspiracy to inflate generic drug prices and limit competition. The settlement resolves allegations of widespread price-fixing and requires Apotex to pay compensation to affected consumers, agree to injunctive relief, and implement internal reforms to ensure antitrust compliance.
$39.1M
Southeast Series of Lockton Companies, LLC (Lockton) (Business Associate, GA) reported a HIPAA breach affecting 1,124,727 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Health Center, Inc. (Healthcare Provider, CT) reported a HIPAA breach affecting 1,060,936 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record, Network Server.
Lubbock County Hospital District (Healthcare Provider, TX) reported a HIPAA breach affecting 1,461,776 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Attorney General William Tong announced settlements with Heritage Pharmaceuticals and Apotex totaling $49.1 million to resolve allegations of price-fixing conspiracies for generic prescription drugs. The companies agreed to cooperate in ongoing multistate litigation and implement internal reforms to ensure fair competition.
$49.1M
Summit Pathology and Summit Pathology Laboratories, Inc. (Healthcare Provider, CO) reported a HIPAA breach affecting 1,813,538 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Acadian Ambulance Service, Inc. (Healthcare Provider, LA) reported a HIPAA breach affecting 2,896,985 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
HealthEquity, Inc. (Business Associate, UT) reported a HIPAA breach affecting 4,300,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Change Healthcare, Inc. (Business Associate, MN) reported a HIPAA breach affecting 192,700,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Palomar Health Medical Group (Healthcare Provider, CA) reported a HIPAA breach affecting 1,140,221 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Ascension Health (Healthcare Provider, MO) reported a HIPAA breach affecting 5,466,931 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Geisinger (Healthcare Provider, PA) reported a HIPAA breach affecting 1,276,026 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
A&A Services d/b/a Sav-Rx (Business Associate, NE) reported a HIPAA breach affecting 2,812,336 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Superior Air-Ground Ambulance Service, Inc. (Healthcare Provider, IL) reported a HIPAA breach affecting 1,039,972 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
WebTPA Employer Services, LLC (“WebTPA”) (Business Associate, TX) reported a HIPAA breach affecting 2,518,533 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Kaiser Foundation Health Plan, Inc. (Health Plan, CA) reported a HIPAA breach affecting 13,400,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
California Attorney General Rob Bonta, alongside six county district attorneys, announced a $49 million settlement with Kaiser Foundation Health Plan, Inc. and Kaiser Foundation Hospitals resolving allegations of unlawful disposal of hazardous waste, medical waste, and protected patient health information. Investigations of 16 Kaiser facilities found hundreds of hazardous and medical waste items and over 10,000 paper records containing data of more than 7,700 patients in unsecured dumpsters. The settlement requires Kaiser to pay up to $49 million in penalties and compliance costs, retain an independent auditor for five years of regular audits, and implement enhanced waste and data disposal procedures.
$49.0M
All data sourced from official government enforcement pages.