1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Laurel Cancer Care, LLC (Healthcare Provider, MS) reported a HIPAA breach affecting 1,541 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Zelis Healthcare LLC (Business Associate, MA) reported a HIPAA breach affecting 4,289 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Dr. Doug's Pediatric Dentistry (Healthcare Provider, UT) reported a HIPAA breach affecting 3,590 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Altos Inc (Business Associate, CA) reported a HIPAA breach affecting 1,634 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
PROVAIL (Healthcare Provider, WA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Friesen Group (Healthcare Provider, CA) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Center for Disability Services, Inc. (Healthcare Provider, NY) reported a HIPAA breach affecting 3,343 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
The California Privacy Protection Agency (CPPA) filed a petition in Superior Court to enforce a subpoena against Tractor Supply Company for alleged CCPA violations, including failure to honor consumers' right to opt-out of the sale and sharing of personal information. This is the CPPA's first judicial action to enforce an investigative subpoena, and the agency is seeking court assistance to compel the company's compliance.
South Coast Pediatrics (Healthcare Provider, CA) reported a HIPAA breach affecting 7,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Precision Edodontics of Raleigh (Healthcare Provider, NC) reported a HIPAA breach affecting 4,022 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Florida Attorney General James Uthmeier filed a lawsuit against multiple online pornography websites for violating HB 3, which requires age verification to prevent minors from accessing harmful content. The companies, including XVideos.com and XNXX.com, have failed to implement age verification since the law took effect on January 1, 2025. The lawsuit seeks to enforce HB 3 and the Florida Deceptive and Unfair Trade Practices Act to protect children from exposure to explicit material.
Florida Attorney General James Uthmeier filed a lawsuit against multiple online pornography websites for violating HB 3 by not implementing age verification to prevent minors from accessing harmful content. The companies have ignored prior warnings and are accused of unfair business practices. The suit seeks to compel compliance with state law.
Genoa Community Hospital/LTC (Healthcare Provider, NE) reported a HIPAA breach affecting 2,544 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Western Montana Clinic PC (Healthcare Provider, MT) reported a HIPAA breach affecting 8,255 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Central Maine Healthcare (Healthcare Provider, ME) reported a HIPAA breach affecting 7,223 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Vail Summit Orthopaedics (Healthcare Provider, CO) reported a HIPAA breach affecting 5,044 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
David A. Nover, M.D., P.C. (Healthcare Provider, PA) reported a HIPAA breach affecting 4,703 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Berkshire Health Systems, Inc. (Healthcare Provider, MA) reported a HIPAA breach affecting 1,421 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Attorney General William Tong, leading a coalition of 22 states, filed a lawsuit against the U.S. Department of Agriculture for demanding that states disclose sensitive personal data of SNAP recipients. The demand violates federal privacy laws and the Constitution, and threatens to withhold critical funding. The lawsuit seeks to block USDA from conditioning SNAP administrative funds on data disclosure.
University of Miami (Healthcare Provider, FL) reported a HIPAA breach affecting 2,928 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
PhyNet Dermatology, LLC (Business Associate, TN) reported a HIPAA breach affecting 1,308 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
The Center at Cordera (Healthcare Provider, CO) reported a HIPAA breach affecting 6,057 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The California Privacy Protection Agency (CPPA) ordered Accurate Append, Inc. to pay a $55,400 fine for failing to register as a data broker under the Delete Act by the January 31, 2024 deadline. The company registered only after being contacted during an enforcement sweep and agreed to injunctive terms, including paying attorney fees for future non-compliance.
$55K
Compass Counseling Services, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 5,440 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The New Jersey Division of Consumer Affairs sent warning letters to over 3,000 auto dealerships reminding them of the state's data deletion law, which requires dealerships to offer to delete personal data from vehicles when accepting them for resale or lease. Failure to comply can result in fines of $500 for first offenses and $1,000 for subsequent offenses, aimed at preventing unauthorized access to sensitive consumer information stored in vehicle infotainment systems.
Doctors’ Memorial Hospital (Healthcare Provider, FL) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Nova Recovery Center, LLC d/b/a Nova Recovery Center (Healthcare Provider, TX) reported a HIPAA breach affecting 6,242 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Blue Shield of California (Health Plan, CA) reported a HIPAA breach affecting 783 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Laptop, Network Server, Other.
Kettering Adventist Healthcare (Healthcare Provider, OH) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
OrthoAtlanta LLC (Business Associate, GA) reported a HIPAA breach affecting 626 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
All data sourced from official government enforcement pages.