1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Compumedics USA, Inc. (Business Associate, NC) reported a HIPAA breach affecting 318,150 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
McLaren Health Care (Healthcare Provider, MI) reported a HIPAA breach affecting 743,131 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Mainline Health Systems Inc (Healthcare Provider, AR) reported a HIPAA breach affecting 101,104 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Florida Attorney General James Uthmeier issued subpoenas to Contec and Epsimed for selling medical devices that transmit patient data to China without adequate security. The companies are accused of violating Florida's Deceptive and Unfair Trade Practices Act by misrepresenting FDA approval and concealing cybersecurity vulnerabilities. The AG seeks damages, civil penalties, and injunctive relief to protect consumers.
Central Kentucky Radiology (Healthcare Provider, KY) reported a HIPAA breach affecting 166,953 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Decisely Insurance Services, LLC (Business Associate, GA) reported a HIPAA breach affecting 537,603 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server, Other.
Southern Connecticut Vascular Center, LLC (Healthcare Provider, CT) reported a HIPAA breach affecting 154,417 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Renkim Corporation (Business Associate, MI) reported a HIPAA breach affecting 105,518 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The FTC entered into a settlement with U.K.-based payment processor Paddle to resolve allegations that its unfair payment processing practices facilitated tech support scammers operating in Cyprus. Paddle agreed to pay a $5 million monetary penalty as part of the settlement.
$5.0M
Harbin Clinic, LLC (Healthcare Provider, GA) reported a HIPAA breach affecting 176,149 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Attorney General William Tong obtained a $4.93 million judgment against Planet Zaza of East Haven and its owner for persistent illegal cannabis sales in violation of a court order. The court imposed penalties of $5,000 per day for each day of violation and $25,000 per day for violating the temporary injunction, totaling $4.93 million.
$4.9M
Ascension Health (Healthcare Provider, MO) reported a HIPAA breach affecting 437,329 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Onsite Mammography (Business Associate, MA) reported a HIPAA breach affecting 357,265 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Bell Ambulance, Inc. (Healthcare Provider, WI) reported a HIPAA breach affecting 237,830 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The City of Long Beach, CA (Healthcare Provider, CA) reported a HIPAA breach affecting 258,191 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Endue Software (Business Associate, ME) reported a HIPAA breach affecting 118,028 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Kelly & Associates Insurance Group, Inc. (Business Associate, MD) reported a HIPAA breach affecting 553,332 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Alabama Ophthalmology Associates (Healthcare Provider, AL) reported a HIPAA breach affecting 131,576 individuals. Breach type: Hacking/IT Incident. Location of breached information: Desktop Computer, Network Server.
Dameron Hospital (Healthcare Provider, CA) reported a HIPAA breach affecting 210,706 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Frederick Health (Healthcare Provider, MD) reported a HIPAA breach affecting 934,326 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Dental Care, Inc. (Healthcare Provider, MN) reported a HIPAA breach affecting 134,903 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CDHA Management, LLC and Spark DSO, LLC dba Chord Specialty Dental Partners (Healthcare Provider, TN) reported a HIPAA breach affecting 173,430 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Hillcrest Convalescent Center, Inc. (Healthcare Provider, NC) reported a HIPAA breach affecting 106,194 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Liberty Resources, Inc. (Healthcare Provider, NY) reported a HIPAA breach affecting 103,711 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Care Alliance (Healthcare Provider, RI) reported a HIPAA breach affecting 114,975 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Connecticut Attorney General William Tong announced a $5 million settlement with Stone Academy and its owners for unfair and deceptive conduct. The defunct for-profit nursing school misrepresented its programs and failed to provide promised education, abruptly closing in February 2023. The settlement provides cash compensation to harmed students and bars the owners from higher education employment.
$5.0M
New York Attorney General Letitia James led a multistate lawsuit against Elon Musk and his Department of Government Efficiency (DOGE) for gaining unauthorized access to the U.S. Treasury's payment system, which contains Americans' sensitive personal data and controls vital funding. A federal judge granted a temporary restraining order blocking DOGE from accessing this data and requiring the destruction of any records already obtained, with a preliminary injunction hearing set for February 14, 2025.
New Jersey Attorney General Matthew J. Platkin joined a coalition of 19 attorneys general in filing a lawsuit against the Trump administration for illegally granting Elon Musk and DOGE unauthorized access to the U.S. Treasury Department's central payment system, which contains sensitive personal information such as Social Security numbers and bank details. The lawsuit seeks an injunction to halt this policy and a declaration that it is unlawful and unconstitutional.
Blue & Co., LLC (Business Associate, IN) reported a HIPAA breach affecting 228,999 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
VectraRx Mail Pharmacy Services, LLC (Healthcare Provider, AZ) reported a HIPAA breach affecting 109,383 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.