1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Mercy Surgical Dressing Group, Inc. (Business Associate, PA) reported a HIPAA breach affecting 4,159 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Harbin Clinic, LLC (Healthcare Provider, GA) reported a HIPAA breach affecting 176,149 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Compassion Health Care, Inc. (Healthcare Provider, NC) reported a HIPAA breach affecting 23,282 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Weiser Valley Hospital District dba Weiser Memorial Hospital (Healthcare Provider, ID) reported a HIPAA breach affecting 59,990 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Doctors Hospital at Renaissance, LTD (Healthcare Provider, TX) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CareNexa, LLC, doing business as Molecular Testing Labs (Healthcare Provider, WA) reported a HIPAA breach affecting 7,711 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Anne Arundel County Department of Health (Healthcare Provider, MD) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
HopeHealth, Inc. (Healthcare Provider, SC) reported a HIPAA breach affecting 5,823 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Hunter Health Clinic (Healthcare Provider, KS) reported a HIPAA breach affecting 28,431 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Union County Children and Youth Services (Healthcare Provider, PA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CVS Caremark (Business Associate, RI) reported a HIPAA breach affecting 2,599 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Washington Gastroenterology (Healthcare Provider, WA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Attorney General Ken Paxton sued Google for unlawfully tracking and collecting Texans' private data, including geolocation, incognito searches, and biometric data. The case resulted in a $1.375 billion settlement, the largest ever against Google for state privacy enforcement, marking a major win for data privacy rights.
$1.4B
Blue Cross Blue Shield of Texas (Business Associate, IL) reported a HIPAA breach affecting 593 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Tri-City Cardiology Consultants, P.C. (Healthcare Provider, AZ) reported a HIPAA breach affecting 22,753 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The California Privacy Protection Agency ordered Jerico Pictures, Inc., doing business as National Public Data, to pay a $46,000 fine for failing to register and pay the annual fee required under the Delete Act. The order was issued by default after the company did not contest the allegations, highlighting CPPA's enforcement of data broker registration requirements.
$46K
The California Privacy Protection Agency (CPPA) ordered Jerico Pictures, Inc., doing business as National Public Data, to pay a $46,000 fine for failing to register and pay the annual fee required under California's Delete Act. The order was issued by default after the company did not contest the allegations. This enforcement action highlights the CPPA's efforts to ensure data broker compliance with registration laws.
$46K
Allied Services Division Welfare Fund (Health Plan, IL) reported a HIPAA breach affecting 5,727 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Texas Attorney General Ken Paxton issued a 30-day compliance notice to TP-Link, Alibaba, CapCut, and other CCP-affiliated Chinese companies for violating the Texas Data Privacy and Security Act (TDPSA). The companies are accused of failing to disclose consumer data processing activities, allow opt-out of data collection, and enable consumer data deletion as required by Texas law. If the companies do not comply within 30 days, the Attorney General's office will pursue additional legal action.
The Carpenter Health Network (Healthcare Provider, LA) reported a HIPAA breach affecting 878 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Attorney General Ken Paxton has issued notices to several Chinese companies, including TP-Link, Alibaba, and CapCut, for violating the Texas Data Privacy and Security Act (TDPSA). The companies must comply with TDPSA's requirements to disclose data processing, allow opt-outs, and enable data deletion within 30 days, or face further legal action.
Texas Attorney General Ken Paxton announced legal action against several Chinese companies, including TP-Link, Alibaba, and CapCut, for violating the Texas Data Privacy and Security Act (TDPSA). The companies have been given 30 days to comply with requirements to disclose data processing, allow consumers to opt out of data collection, and enable data deletion. Failure to comply will result in further legal action to protect Texans' privacy rights and prevent data from being accessed by the Chinese Communist Party.
Texas Attorney General Ken Paxton has notified several Chinese companies, including TP-Link, Alibaba, and CapCut, that they are violating the Texas Data Privacy and Security Act (TDPSA). The companies must comply with TDPSA requirements to disclose data processing, allow consumer opt-outs, and enable data deletion within 30 days. Failure to comply will result in further legal action.
SunLink Health Systems, Inc. (Healthcare Provider, GA) reported a HIPAA breach affecting 2,856 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The California Privacy Protection Agency (CPPA) settled with Todd Snyder, Inc. for violating the California Consumer Privacy Act (CCPA) by failing to process opt-out requests, requiring excessive information for privacy requests, and improperly verifying identities for opt-outs. The company must pay a $345,178 fine and overhaul its privacy practices, including configuring opt-out mechanisms and providing employee training.
$345K
Minnesota Orthodontics and Dentofacial Orthopedics, P.A. (Healthcare Provider, MN) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Monongalia Health System, Inc. (Healthcare Provider, WV) reported a HIPAA breach affecting 4,895 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
CardioVascular Health Clinic (Healthcare Provider, OK) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Absolute Dental Group, LLC (Business Associate, NV) reported a HIPAA breach affecting 1,223,635 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Sonrisas Dental Health (Healthcare Provider, CA) reported a HIPAA breach affecting 15,644 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.