1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
County of Catawba (Health Plan, NC) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Dermatology Associates of Concord (Healthcare Provider, MA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Marrs Ear, Nose & Throat, PA (Healthcare Provider, FL) reported a HIPAA breach affecting 6,376 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
St. John’s Riverside Hospital (Healthcare Provider, NY) reported a HIPAA breach affecting 2,238 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
West Suburban Eye Surgery Center LLC (Business Associate, MA) reported a HIPAA breach affecting 500 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Connecticut Attorney General William Tong filed an expanded complaint against Altice/Optimum Online for deceptive advertising and hidden 'Network Enhancement' fees that collected at least $39.1 million from consumers. The company allegedly misled customers with 'price for life' deals while burying fees in fine print and targeting Spanish speakers with English-only disclosures. The complaint seeks penalties and disgorgement under the Connecticut Unfair Trade Practices Act.
The Chase Group Employee Benefit Plan (Health Plan, NM) reported a HIPAA breach affecting 817 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Archer Health (Healthcare Provider, CA) reported a HIPAA breach affecting 4,285 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Tampa Bay Treatment Associates (Healthcare Provider, FL) reported a HIPAA breach affecting 3,682 individuals. Breach type: Theft. Location of breached information: Electronic Medical Record.
Incyte Pathology, P.S. (Healthcare Provider, WA) reported a HIPAA breach affecting 629 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
California Attorney General Rob Bonta issued an informational bulletin summarizing new responsibilities under SB 81, which expands protections for immigrants' medical information by designating immigration status as protected data under the Confidentiality of Medical Information Act (CMIA) and restricts immigration enforcement access to non-public areas of healthcare facilities.
Judson Center (Healthcare Provider, MI) reported a HIPAA breach affecting 976 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
California Attorney General Rob Bonta joined 15 attorneys general in filing an amicus brief to limit a U.S. DOJ subpoena seeking medical records of transgender youth from Children's Hospital of Philadelphia, arguing it violates patient privacy and could intimidate providers of gender-affirming care.
Connecticut Attorney General William Tong is expanding an inquiry into high grocery prices by sending letters to major food distributors and retailers. The inquiry found no evidence of price gouging at the retail level but will now investigate the supply chain for potential unfair profiteering. The AG also cited factors like tariffs and SNAP cuts that contribute to high prices.
Hale Makua Health Services (Healthcare Provider, HI) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Attorney General Ken Paxton opened an investigation into Lorex Technology Inc. for allegedly deceptively selling security cameras with components from CCP-linked Dahua, posing privacy and national security risks. The investigation will determine if Lorex misrepresented the cameras as secure and safe for residential use despite known supply chain vulnerabilities and federal restrictions on Dahua products.
Better Vision Eyecare, LLC (Healthcare Provider, AZ) reported a HIPAA breach affecting 501 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Health Management Systems of America (Healthcare Provider, MI) reported a HIPAA breach affecting 4,213 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
The California Attorney General conducted an investigation into OpenAI's recapitalization plan and secured a memorandum of understanding ensuring charitable assets are used for their intended purpose, safety is prioritized, and OpenAI remains in California. The AG will not oppose the plan and will monitor ongoing adherence to these commitments.
REACH, Inc (Healthcare Provider, AK) reported a HIPAA breach affecting 1,195 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
VirMedice, LLC (Business Associate, AZ) reported a HIPAA breach affecting 1,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Physicians to Children & Adolescents (Healthcare Provider, KY) reported a HIPAA breach affecting 9,536 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Southwest Urology (Healthcare Provider, OH) reported a HIPAA breach affecting 1,310 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Fairbanks Urology (Healthcare Provider, AK) reported a HIPAA breach affecting 1,446 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Saint Mary’s Home of Erie (Healthcare Provider, PA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Michael R. Schwartz, MD Inc. (Healthcare Provider, CA) reported a HIPAA breach affecting 9,080 individuals. Breach type: Hacking/IT Incident. Location of breached information: Desktop Computer.
Legacy Health, LLC (Business Associate, TX) reported a HIPAA breach affecting 6,547 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Express Canna Cards, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 5,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
New York Attorney General Letitia James settled with public accounting firm Wojeski & Company over two data breaches in 2023 and 2024 that exposed personal information of over 4,700 New York residents, including social security numbers and medical benefits. The firm failed to implement adequate data security measures, did not encrypt sensitive data, and delayed notifying affected consumers of the breaches for over a year. Wojeski must pay $60,000 in penalties and implement enhanced cybersecurity measures including encryption, incident response plans, and employee training.
$60K
North Atlantic States Carpenters Health Benefits Fund (Health Plan, MA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.