1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Delta County Memorial Hospital District (Delta Health) (Healthcare Provider, CO) reported a HIPAA breach affecting 148,363 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
United of Omaha Life Insurance Company (Health Plan, NE) reported a HIPAA breach affecting 107,894 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Surgery Center of Mid Florida (Healthcare Provider, FL) reported a HIPAA breach affecting 48,684 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Sutton Dental Arts (Healthcare Provider, OR) reported a HIPAA breach affecting 4,109 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
EMS Department for the Kansas City, Kansas Fire Department (Healthcare Provider, KS) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Counseling of Bristol County, Inc. (Healthcare Provider, MA) reported a HIPAA breach affecting 44,991 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Change Healthcare, Inc. (Business Associate, MN) reported a HIPAA breach affecting 192,700,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Sun City Pediatrics, PA (Healthcare Provider, TX) reported a HIPAA breach affecting 4,500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Fairfax Radiological Consultants (Healthcare Provider, VA) reported a HIPAA breach affecting 3,512 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Connecticut Attorney General William Tong urged residents to enroll in free credit monitoring and identity theft protection following the Change Healthcare cyberattack in February 2024, which exposed sensitive health data. The breach potentially impacted up to one-third of Americans, but Change Healthcare has failed to provide individual notice to affected consumers. The AG joined other attorneys general in April 2024 to demand that UnitedHealth Group take more meaningful action to protect those harmed.
School Employees' Benefit Trust (Health Plan, IN) reported a HIPAA breach affecting 1,371 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Ascension Health (Healthcare Provider, MO) reported a HIPAA breach affecting 5,466,931 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Palomar Health Medical Group (Healthcare Provider, CA) reported a HIPAA breach affecting 1,140,221 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Regional Obstetrical Consultants PC (Healthcare Provider, TN) reported a HIPAA breach affecting 25,650 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Atlanta Perinatal Consultants, LLP (Healthcare Provider, GA) reported a HIPAA breach affecting 1,508 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Georgia Kidney Associates, Inc. (Healthcare Provider, GA) reported a HIPAA breach affecting 9,940 individuals. Breach type: Theft. Location of breached information: Other.
Geisinger (Healthcare Provider, PA) reported a HIPAA breach affecting 1,276,026 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
The Lash Group, LLC (Business Associate, PA) reported a HIPAA breach affecting 15,196 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Neurobehavioral Medicine Consultants, P.C. (Healthcare Provider, OH) reported a HIPAA breach affecting 18,182 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Blackbaud, a software company, suffered a data breach in 2020 due to inadequate security measures and made misleading statements about the breach and its security practices. California Attorney General Rob Bonta secured a $6.75 million settlement requiring Blackbaud to pay penalties and implement enhanced data security and breach notification protocols.
$6.8M
ASBESTOS WORKERS LOCAL 42 WELFARE PLAN (Health Plan, GA) reported a HIPAA breach affecting 520 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
IBEW LOCAL 236 WELFARE FUND (Health Plan, CT) reported a HIPAA breach affecting 3,217 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Signature Performance, Inc. (Business Associate, NE) reported a HIPAA breach affecting 130,228 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Alliance Rehabilitation Services (Healthcare Provider, NE) reported a HIPAA breach affecting 10,750 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Panorama Eyecare (Healthcare Provider, CO) reported a HIPAA breach affecting 377,911 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Insurance ACE/Humana Inc. (Health Plan, KY) reported a HIPAA breach affecting 15,003 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Easterseals Central Illinois (Healthcare Provider, IL) reported a HIPAA breach affecting 14,855 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AmerisourceBergen Specialty Group, LLC (Healthcare Provider, PA) reported a HIPAA breach affecting 3,102 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AmerisourceBergen Specialty Group, LLC (Healthcare Provider, PA) reported a HIPAA breach affecting 252,214 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
A&A Services d/b/a Sav-Rx (Business Associate, NE) reported a HIPAA breach affecting 2,812,336 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.