1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
SCLARC (Business Associate, CA) reported a HIPAA breach affecting 722 individuals. Breach type: Theft. Location of breached information: Laptop, Other Portable Electronic Device, Paper/Films.
Madison County, MS (Health Plan, MS) reported a HIPAA breach affecting 6,082 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Liberty Resources, Inc. (Healthcare Provider, NY) reported a HIPAA breach affecting 103,711 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Hillcrest Convalescent Center, Inc. (Healthcare Provider, NC) reported a HIPAA breach affecting 106,194 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Manchester Rehabilitation and Healthcare Center (Healthcare Provider, CT) reported a HIPAA breach affecting 5,415 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Care Alliance (Healthcare Provider, RI) reported a HIPAA breach affecting 114,975 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CEI Vision Partners, LLC (Business Associate, MO) reported a HIPAA breach affecting 10,841 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Total Medical Imaging (Healthcare Provider, FL) reported a HIPAA breach affecting 27,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
East Hawaii Rehab, Inc. DBA Lehua Physical Therapy and Rehab (Healthcare Provider, HI) reported a HIPAA breach affecting 8,472 individuals. Breach type: Theft. Location of breached information: Other, Other Portable Electronic Device, Paper/Films.
Southeast Series of Lockton Companies, LLC (Lockton) (Business Associate, GA) reported a HIPAA breach affecting 1,124,727 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Gaylord Hospital, Inc (Healthcare Provider, CT) reported a HIPAA breach affecting 62,232 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Kronick Moskovitz Tiedemann & Girard (Business Associate, CA) reported a HIPAA breach affecting 2,511 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Carolina Arthritis Associates (Healthcare Provider, NC) reported a HIPAA breach affecting 36,961 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Palmetto Operating LLC d/b/a Palmetto Subacute Care Center (‘Palmetto’) (Healthcare Provider, FL) reported a HIPAA breach affecting 2,746 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Lake Washington Vascular (Healthcare Provider, WA) reported a HIPAA breach affecting 21,534 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Consultants in Pain Medicine (Healthcare Provider, TX) reported a HIPAA breach affecting 1,124 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Spring Management OK, LLC (Business Associate, OK) reported a HIPAA breach affecting 2,494 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Restorix Health, Inc. (Business Associate, LA) reported a HIPAA breach affecting 38,553 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Children's Dental Center at Preston Trail, P.C. d/b/a Park Place Pediatric Dentistry (Arlington, TX) (Healthcare Provider, TN) reported a HIPAA breach affecting 1,690 individuals. Breach type: Theft. Location of breached information: Laptop.
Cornerstones of Care (Healthcare Provider, MO) reported a HIPAA breach affecting 2,771 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Somnia, Inc. (Business Associate, NY) reported a HIPAA breach affecting 19,069 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Connecticut filed a statement of interest in the bankruptcy of Prospect Medical Holdings, alleging years of mismanagement that harmed patients and led to a ransomware attack compromising the data of 212,369 residents. The state seeks to ensure a responsible transition of hospitals and hold Prospect accountable for its misconduct.
UNITED BACKCARE PS dba Pacific Rehabilitation Centers (Healthcare Provider, WA) reported a HIPAA breach affecting 18,900 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Columbus Division of Fire (Healthcare Provider, OH) reported a HIPAA breach affecting 736 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CPS Solutions, LLC (Business Associate, OH) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
New York Attorney General Letitia James led a coalition of 11 other attorneys general in filing a lawsuit against the Trump administration for illegally granting Elon Musk and DOGE unauthorized access to the Treasury Department’s central payment system, exposing Social Security numbers, bank account information, and other private data of tens of millions of Americans. A federal judge granted a temporary restraining order on February 8, 2025, blocking access and ordering destruction of all obtained records, with the coalition seeking a preliminary injunction to continue the bar on unauthorized access.
Connecticut Attorney General William Tong, leading a coalition of 19 attorneys general, secured a temporary restraining order blocking DOGE and Elon Musk from accessing Treasury Department payment systems containing sensitive personal data. The court found the Trump Administration illegally granted unauthorized access, exposing Americans' bank account details and Social Security numbers. The order mandates destruction of downloaded materials and restricts access to vetted civil servants.
Blue & Co., LLC (Business Associate, IN) reported a HIPAA breach affecting 228,999 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Connecticut Attorney General William Tong joined a coalition of 19 attorneys general in suing President Trump and the U.S. Treasury to stop DOGE's unauthorized access to the Treasury's central payment system and confidential records, calling it the largest data breach in American history. The lawsuit seeks an injunction to block the expanded access policy and a declaration that it is unlawful.
Connecticut Attorney General William Tong filed a lawsuit against President Trump and the U.S. Treasury Department to stop DOGE's unauthorized access to the Treasury's central payment system, which contains sensitive personal information like bank details and Social Security numbers. The lawsuit seeks an injunction and a declaration that the new policy granting access to Elon Musk and DOGE members is unlawful and jeopardizes data security.
All data sourced from official government enforcement pages.