1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
Cierant Corporation (Business Associate, CT) reported a HIPAA breach affecting 232,506 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Zumpano Patricios, P.A. (Business Associate, FL) reported a HIPAA breach affecting 279,275 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
California Attorney General Rob Bonta announced a $1.55 million settlement with health information website publisher Healthline Media LLC, resolving allegations that the company violated the CCPA and Unfair Competition Law. Violations included failing to honor consumer opt-out requests, sharing sensitive health data with third parties without required privacy protections, and using deceptive consent banners that did not disable tracking cookies. The settlement imposes injunctive terms, compliance requirements, and a civil penalty, marking the largest CCPA settlement to date.
$1.6M
Centers for Medicare & Medicaid Services (Health Plan, MD) reported a HIPAA breach affecting 107,154 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Heartland Regional Medical Center d/b/a Mosaic Life Care (Healthcare Provider, MO) reported a HIPAA breach affecting 145,269 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Compumedics USA, Inc. (Business Associate, NC) reported a HIPAA breach affecting 318,150 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Horizon Healthcare RCM (Healthcare Clearing House, IN) reported a HIPAA breach affecting 210,901 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
McLaren Health Care (Healthcare Provider, MI) reported a HIPAA breach affecting 743,131 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Mainline Health Systems Inc (Healthcare Provider, AR) reported a HIPAA breach affecting 101,104 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Florida Attorney General James Uthmeier issued subpoenas to Contec and Epsimed for selling medical devices that transmit patient data to China without adequate security. The companies are accused of violating Florida's Deceptive and Unfair Trade Practices Act by misrepresenting FDA approval and concealing cybersecurity vulnerabilities. The AG seeks damages, civil penalties, and injunctive relief to protect consumers.
Decisely Insurance Services, LLC (Business Associate, GA) reported a HIPAA breach affecting 537,603 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server, Other.
Central Kentucky Radiology (Healthcare Provider, KY) reported a HIPAA breach affecting 166,953 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Southern Connecticut Vascular Center, LLC (Healthcare Provider, CT) reported a HIPAA breach affecting 154,417 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Renkim Corporation (Business Associate, MI) reported a HIPAA breach affecting 105,518 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The FTC entered into a settlement with U.K.-based payment processor Paddle to resolve allegations that its unfair payment processing practices facilitated tech support scammers operating in Cyprus. Paddle agreed to pay a $5 million monetary penalty as part of the settlement.
$5.0M
Harbin Clinic, LLC (Healthcare Provider, GA) reported a HIPAA breach affecting 176,149 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Attorney General William Tong obtained a $4.93 million judgment against Planet Zaza of East Haven and its owner for persistent illegal cannabis sales in violation of a court order. The court imposed penalties of $5,000 per day for each day of violation and $25,000 per day for violating the temporary injunction, totaling $4.93 million.
$4.9M
Ascension Health (Healthcare Provider, MO) reported a HIPAA breach affecting 437,329 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Onsite Mammography (Business Associate, MA) reported a HIPAA breach affecting 357,265 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
The City of Long Beach, CA (Healthcare Provider, CA) reported a HIPAA breach affecting 258,191 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Bell Ambulance, Inc. (Healthcare Provider, WI) reported a HIPAA breach affecting 237,830 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Endue Software (Business Associate, ME) reported a HIPAA breach affecting 118,028 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Kelly & Associates Insurance Group, Inc. (Business Associate, MD) reported a HIPAA breach affecting 553,332 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Alabama Ophthalmology Associates (Healthcare Provider, AL) reported a HIPAA breach affecting 131,576 individuals. Breach type: Hacking/IT Incident. Location of breached information: Desktop Computer, Network Server.
Dameron Hospital (Healthcare Provider, CA) reported a HIPAA breach affecting 210,706 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Frederick Health (Healthcare Provider, MD) reported a HIPAA breach affecting 934,326 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Dental Care, Inc. (Healthcare Provider, MN) reported a HIPAA breach affecting 134,903 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CDHA Management, LLC and Spark DSO, LLC dba Chord Specialty Dental Partners (Healthcare Provider, TN) reported a HIPAA breach affecting 173,430 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Hillcrest Convalescent Center, Inc. (Healthcare Provider, NC) reported a HIPAA breach affecting 106,194 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Liberty Resources, Inc. (Healthcare Provider, NY) reported a HIPAA breach affecting 103,711 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.