1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
The FTC alleged that Vanilla Chip LLC (d/b/a TruHeight) deceptively advertised height-enhancing supplements for children and teens without competent scientific evidence, and used fake employee-written and incentivized 5-star reviews. The proposed settlement requires TruHeight and its principals to pay $750,000, bars false health claims, and prohibits misleading review practices. A $4 million total judgment is partially suspended due to the respondents' inability to pay the full amount.
$750K
Manhattan Retirement Foundation d/b/a Meadowlark Hills (Healthcare Provider, KS) reported a HIPAA breach affecting 14,442 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group (Business Associate, WA) reported a HIPAA breach affecting 11,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.
Emanuel Medical Center (Healthcare Provider, GA) reported a HIPAA breach affecting 28,963 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
National Association on Drug Abuse Problems (Healthcare Provider, NY) reported a HIPAA breach affecting 90,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Academic Urology & Urogynecology of Arizona (Healthcare Provider, AZ) reported a HIPAA breach affecting 73,281 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Communications Workers of America Local 1180 Security Benefits Fund (Health Plan, NY) reported a HIPAA breach affecting 18,550 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record, Other.
Cedar Point Health, LLC (Healthcare Provider, CO) reported a HIPAA breach affecting 23,114 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Wendy Foster OD (Healthcare Provider, KS) reported a HIPAA breach affecting 20,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Counseling Center of Wayne & Holmes Counties (Healthcare Provider, OH) reported a HIPAA breach affecting 83,354 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Triad Radiology Associates (Healthcare Provider, NC) reported a HIPAA breach affecting 11,011 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
WIRX Pharmacy (Healthcare Provider, PA) reported a HIPAA breach affecting 20,047 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
EyeCare Partners, LLC, including The Ophthalmology Group, Ophthalmology Consultants, and Ophthalmology Associates. (Healthcare Provider, MO) reported a HIPAA breach affecting 17,110 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Wakefield & Associates, LLC (Business Associate, TN) reported a HIPAA breach affecting 31,751 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Comstar, LLC, an ambulance billing vendor, suffered a data breach in March 2022 that exposed sensitive patient information, including Social Security numbers and medical records, of over 349,000 residents in Connecticut and Massachusetts. The settlement requires Comstar to pay $515,000 and implement enhanced security measures such as phishing protection and annual security assessments.
$515K
Clinic Service Corporation (Business Associate, CO) reported a HIPAA breach affecting 82,331 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Massachusetts Attorney General secured a $515,000 settlement with Comstar, LLC for a March 2022 data breach that exposed sensitive patient information of over 326,000 Massachusetts residents. Comstar violated Massachusetts Data Security regulations and HIPAA by failing to maintain adequate security measures. The settlement includes monetary payment and mandated security improvements.
$515K
Pecan Tree Dental, PLLC (Healthcare Provider, TX) reported a HIPAA breach affecting 13,300 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Jefferson-Blount-St. Clair Mental Health Authority (Healthcare Provider, AL) reported a HIPAA breach affecting 30,434 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
360 Dental PC (Healthcare Provider, PA) reported a HIPAA breach affecting 11,273 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Avosina Healthcare Solutions (Business Associate, VA) reported a HIPAA breach affecting 44,425 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Central Ozarks Medical Center (Healthcare Provider, MO) reported a HIPAA breach affecting 11,818 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Mid Michigan Medical Billing Service, Inc. (Business Associate, MI) reported a HIPAA breach affecting 28,185 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
New York Attorney General Letitia James secured a $500,000 settlement with orthopedics practice OrthopedicsNY, LLP for failing to implement adequate data security measures, leading to a 2023 cyberattack that exposed personal and health information of approximately 656,000 patients and employees. The settlement requires OrthopedicsNY to pay the penalty, fund one year of free credit monitoring for affected individuals, and adopt enhanced data security practices including multifactor authentication, encryption, and annual risk assessments.
$500K
AllerVie Health (Healthcare Provider, TX) reported a HIPAA breach affecting 80,521 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Artemis Healthcare Inc. (Healthcare Provider, TN) reported a HIPAA breach affecting 45,867 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Medical Center, LLP (Healthcare Provider, GA) reported a HIPAA breach affecting 32,090 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
North East Medical Services (Healthcare Provider, CA) reported a HIPAA breach affecting 91,513 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Excellent Home Care Services, LLC (Healthcare Provider, NY) reported a HIPAA breach affecting 16,278 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
West Texas Health, PLLC (Business Associate, TX) reported a HIPAA breach affecting 73,720 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.