1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
Community Hospital of Anaconda (Healthcare Provider, MT) reported a HIPAA breach affecting 21,243 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Instituto de Ojos de Puerto Rico (Healthcare Provider, ) reported a HIPAA breach affecting 50,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Compassion Health Care, Inc. (Healthcare Provider, NC) reported a HIPAA breach affecting 23,282 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Weiser Valley Hospital District dba Weiser Memorial Hospital (Healthcare Provider, ID) reported a HIPAA breach affecting 59,990 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Hunter Health Clinic (Healthcare Provider, KS) reported a HIPAA breach affecting 28,431 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Tri-City Cardiology Consultants, P.C. (Healthcare Provider, AZ) reported a HIPAA breach affecting 22,753 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The California Privacy Protection Agency (CPPA) settled with Todd Snyder, Inc. for violating the California Consumer Privacy Act (CCPA) by failing to process opt-out requests, requiring excessive information for privacy requests, and improperly verifying identities for opt-outs. The company must pay a $345,178 fine and overhaul its privacy practices, including configuring opt-out mechanisms and providing employee training.
$345K
Anesthesia Associates of Morristown, P.A. (Healthcare Provider, NJ) reported a HIPAA breach affecting 34,675 individuals. Breach type: Improper Disposal. Location of breached information: Paper/Films.
Sonrisas Dental Health (Healthcare Provider, CA) reported a HIPAA breach affecting 15,644 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Family Christian Health Center (Healthcare Provider, IL) reported a HIPAA breach affecting 12,500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cache Valley Ear Nose & Throat (Healthcare Provider, UT) reported a HIPAA breach affecting 26,469 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Drug and Alcohol Treatment Services, Inc. (Healthcare Provider, PA) reported a HIPAA breach affecting 22,215 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Orthopaedic Specialists of Connecticut (Healthcare Provider, CT) reported a HIPAA breach affecting 22,541 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Blue Cross and Blue Shield of Texas (Health Plan, IL) reported a HIPAA breach affecting 12,086 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Parc Provence Memory Care Facility (Healthcare Provider, MO) reported a HIPAA breach affecting 13,954 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The Gatesworth Senior Living St. Louis (Healthcare Provider, MO) reported a HIPAA breach affecting 31,124 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cabot Medical Care (Healthcare Provider, AR) reported a HIPAA breach affecting 21,467 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Hamilton County Government (Healthcare Provider, TN) reported a HIPAA breach affecting 14,081 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
True Dental Care For Kids and Adults LLC (Healthcare Provider, PA) reported a HIPAA breach affecting 17,640 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Health Services LLC (Healthcare Provider, OH) reported a HIPAA breach affecting 75,906 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Central District Health Department of Nebraska (Healthcare Provider, NE) reported a HIPAA breach affecting 58,519 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Gardner Health Services (Healthcare Provider, CA) reported a HIPAA breach affecting 26,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Family Centers, Inc. (Healthcare Provider, CT) reported a HIPAA breach affecting 12,142 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Western Wayne Family Physicians (Healthcare Provider, MI) reported a HIPAA breach affecting 62,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Concord Orthopaedics (Healthcare Provider, NH) reported a HIPAA breach affecting 72,815 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Fyzical Acquisition Holdings, LLC (Business Associate, FL) reported a HIPAA breach affecting 43,045 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
MedRevenu, LLC (Business Associate, CA) reported a HIPAA breach affecting 17,775 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Mid Florida Primary Care, PA (Healthcare Provider, FL) reported a HIPAA breach affecting 16,435 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
New York Attorney General Letitia James reached a $975,000 settlement with Root Insurance Company over a data breach that exposed the personal information of approximately 45,000 New York residents. The breach, discovered in January 2021, stemmed from Root’s inadequate data security measures, including unencrypted driver’s license numbers in quote PDFs and insufficient controls against automated attacks. In addition to the monetary penalty, Root must implement enhanced data security measures including a comprehensive information security program, data inventory, and monitoring systems.
$975K
Heart to Heart Hospice Holdings, LLC (Healthcare Provider, TX) reported a HIPAA breach affecting 19,034 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.