1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
Change Healthcare, Inc. (Business Associate, MN) reported a HIPAA breach affecting 192,700,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Counseling of Bristol County, Inc. (Healthcare Provider, MA) reported a HIPAA breach affecting 44,991 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Fairfax Radiological Consultants (Healthcare Provider, VA) reported a HIPAA breach affecting 3,512 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
School Employees' Benefit Trust (Health Plan, IN) reported a HIPAA breach affecting 1,371 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Palomar Health Medical Group (Healthcare Provider, CA) reported a HIPAA breach affecting 1,140,221 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Ascension Health (Healthcare Provider, MO) reported a HIPAA breach affecting 5,466,931 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Atlanta Perinatal Consultants, LLP (Healthcare Provider, GA) reported a HIPAA breach affecting 1,508 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Regional Obstetrical Consultants PC (Healthcare Provider, TN) reported a HIPAA breach affecting 25,650 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The Lash Group, LLC (Business Associate, PA) reported a HIPAA breach affecting 15,196 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Neurobehavioral Medicine Consultants, P.C. (Healthcare Provider, OH) reported a HIPAA breach affecting 18,182 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
California Attorney General Rob Bonta announced a $6.75 million settlement with software company Blackbaud over a 2020 data breach that exposed consumers' personal information including Social Security numbers, bank account details, and medical data. Blackbaud was found to have inadequate data security practices, failed to timely and accurately notify impacted individuals of the breach, and made misleading public disclosures about the breach and its pre-breach security measures. The settlement requires Blackbaud to pay penalties and implement enhanced data security and breach notification protocols.
$6.8M
ASBESTOS WORKERS LOCAL 42 WELFARE PLAN (Health Plan, GA) reported a HIPAA breach affecting 520 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
IBEW LOCAL 236 WELFARE FUND (Health Plan, CT) reported a HIPAA breach affecting 3,217 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Signature Performance, Inc. (Business Associate, NE) reported a HIPAA breach affecting 130,228 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Alliance Rehabilitation Services (Healthcare Provider, NE) reported a HIPAA breach affecting 10,750 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Panorama Eyecare (Healthcare Provider, CO) reported a HIPAA breach affecting 377,911 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Easterseals Central Illinois (Healthcare Provider, IL) reported a HIPAA breach affecting 14,855 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AmerisourceBergen Specialty Group, LLC (Healthcare Provider, PA) reported a HIPAA breach affecting 3,102 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
A&A Services d/b/a Sav-Rx (Business Associate, NE) reported a HIPAA breach affecting 2,812,336 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AmerisourceBergen Specialty Group, LLC (Healthcare Provider, PA) reported a HIPAA breach affecting 252,214 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Tri-City Healthcare District (Healthcare Provider, CA) reported a HIPAA breach affecting 108,149 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Trionfo Solutions, LLC (Business Associate, IL) reported a HIPAA breach affecting 81,588 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The FTC finalized a consent order against Blackbaud Inc. for alleged security failures that led to a data breach exposing personal data of millions of consumers. Blackbaud must delete unnecessary data, implement a security program, and not misrepresent its policies. No monetary penalty was imposed.
Omni Healthcare Financial Holdings (Business Associate, NC) reported a HIPAA breach affecting 16,852 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Victoria Eye Center/Victoria Surgery Center/Victoria Vision Center (Healthcare Provider, TX) reported a HIPAA breach affecting 80,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Pope & Conner Consulting, Inc. (Business Associate, WI) reported a HIPAA breach affecting 1,035 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Hypertension-Nephrology Associates, P.C. (Healthcare Provider, PA) reported a HIPAA breach affecting 39,491 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record, Network Server.
Superior Air-Ground Ambulance Service, Inc. (Healthcare Provider, IL) reported a HIPAA breach affecting 1,039,972 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
WebTPA Employer Services, LLC (“WebTPA”) (Business Associate, TX) reported a HIPAA breach affecting 2,518,533 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Watson Clinic (Healthcare Provider, FL) reported a HIPAA breach affecting 280,278 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.