1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Legacy Health, LLC (Business Associate, TX) reported a HIPAA breach affecting 6,547 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Express Canna Cards, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 5,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
New York Attorney General Letitia James settled with public accounting firm Wojeski & Company over two data breaches in 2023 and 2024 that exposed personal information of over 4,700 New York residents, including social security numbers and medical benefits. The firm failed to implement adequate data security measures, did not encrypt sensitive data, and delayed notifying affected consumers of the breaches for over a year. Wojeski must pay $60,000 in penalties and implement enhanced cybersecurity measures including encryption, incident response plans, and employee training.
$60K
North Atlantic States Carpenters Health Benefits Fund (Health Plan, MA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Modernizing Medicine, Inc. (Business Associate, FL) reported a HIPAA breach affecting 198,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Heartland Health Center (Healthcare Provider, NE) reported a HIPAA breach affecting 43,728 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
River City Eye Care, LLC (Healthcare Provider, OR) reported a HIPAA breach affecting 6,588 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Coalesce, LLC dba Benefitelect (Business Associate, AZ) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Visiting Nurse Association of Texas, LLC (Healthcare Provider, TX) reported a HIPAA breach affecting 28,515 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Texas Attorney General Ken Paxton secured a settlement agreement with Austin Diagnostic Clinic to end its policy of restricting parental access to children’s electronic health records. The agreement requires the clinic to provide parents with full, real-time access to their children’s medical information except where restricted by state or federal law, and the AG will monitor compliance.
Conduent Business Services LLC (Business Associate, NJ) reported a HIPAA breach affecting 42,616 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Wellpoint, Inc. (Business Associate, IN) reported a HIPAA breach affecting 579 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
OB-GYN Associates, Ltd. dba OBGYN Associates (Healthcare Provider, NV) reported a HIPAA breach affecting 62,238 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cardiovascular Medicine Associates (doing business as MyCardiologist) (Healthcare Provider, FL) reported a HIPAA breach affecting 2,248 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Space Coast Vascular (Healthcare Provider, FL) reported a HIPAA breach affecting 18,819 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Sierra Vista Hospital & Clinics (Healthcare Provider, NM) reported a HIPAA breach affecting 75,054 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Harris County Hospital District d/b/a Harris Health (Healthcare Provider, TX) reported a HIPAA breach affecting 5,357 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Brightstar Global Solutions Corporation (Health Plan, RI) reported a HIPAA breach affecting 103,879 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Arizona Health Care Cost Containment System- State Medicaid Agency (Health Plan, AZ) reported a HIPAA breach affecting 3,177 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Florida Health Sciences Center, Inc (Healthcare Provider, FL) reported a HIPAA breach affecting 896 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Harbor (Healthcare Provider, OH) reported a HIPAA breach affecting 216,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Weekend Health, LLC (Business Associate, NY) reported a HIPAA breach affecting 1,643 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 607 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Belkorp Ag, LLC (Health Plan, CA) reported a HIPAA breach affecting 942 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Gainwell Technologies LLC (Business Associate, TX) reported a HIPAA breach affecting 912 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
VIVA Health (Health Plan, AL) reported a HIPAA breach affecting 4,945 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Intercommunity Action Inc. (Healthcare Provider, PA) reported a HIPAA breach affecting 2,680 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Rockhill Women’s Care (Healthcare Provider, MO) reported a HIPAA breach affecting 70,129 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Susan B. Allen Memorial Hospital (Healthcare Provider, KS) reported a HIPAA breach affecting 11,866 individuals. Breach type: Hacking/IT Incident. Location of breached information: Desktop Computer, Network Server.
Doctors Imaging Group (Healthcare Provider, FL) reported a HIPAA breach affecting 171,862 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.