1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Elmore County (Healthcare Provider, ID) reported a HIPAA breach affecting 931 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Kelley Drye & Warren LLP (Business Associate, NY) reported a HIPAA breach affecting 771 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Attorney General Ken Paxton filed a lawsuit in the 23andMe bankruptcy case to prevent the sale of Texans' genetic data without proper consent. The action seeks to confirm Texans' property rights over their genetic information under the Texas Data Privacy and Security Act and the Texas Direct-to-Consumer Genetic Testing Act. The AG argues that 23andMe's proposed asset sale would violate Texas law requiring separate express consent for disclosure of genetic information.
Clarkston Chiropractic Sports & Wellness (Healthcare Provider, MI) reported a HIPAA breach affecting 2,757 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
New York Attorney General Letitia James, joined by 27 other state attorneys general and the District of Columbia, filed a lawsuit against 23andMe to block the company’s planned sale of 15 million customers’ genetic and health data without their consent or knowledge. The coalition argues 23andMe must comply with state laws requiring express informed consent for the sale or transfer of sensitive genetic data. The lawsuit seeks to prevent misuse, exposure in future breaches, and unauthorized use of customers’ private genetic information.
Repay Management Services, LLC (Health Plan, GA) reported a HIPAA breach affecting 606 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Blue Shield of California (Business Associate, CA) reported a HIPAA breach affecting 1,543 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Centivo Corporation (Business Associate, GA) reported a HIPAA breach affecting 630 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Public Health Trust of Miami Dade County DBA Jackson Health System (Healthcare Provider, FL) reported a HIPAA breach affecting 2,599 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Sharp HealthCare (Healthcare Provider, CA) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
NYC Health + Hospitals (Healthcare Provider, NY) reported a HIPAA breach affecting 5,728 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Jupiter Family Medicine PC (Healthcare Provider, MI) reported a HIPAA breach affecting 3,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Horizon Blue Cross Blue Shield NJ (Health Plan, NJ) reported a HIPAA breach affecting 781 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Upper Dublin Family Dentistry (Healthcare Provider, PA) reported a HIPAA breach affecting 5,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Mary B. Toporcer, MD, P.C. (Healthcare Provider, PA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
The Smith Institute for Urology (Healthcare Provider, NY) reported a HIPAA breach affecting 2,263 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Desktop Computer.
Erlanger Health (Healthcare Provider, TN) reported a HIPAA breach affecting 3,371 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cahaba Center for Mental Health (Healthcare Provider, AL) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
NHPP Physical Medicine and Rehabilitation (Healthcare Provider, NY) reported a HIPAA breach affecting 1,353 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Sports Physical Therapy, Occupational Therapy and Rehabilitation Services of the North Shore, P.L.L.C (Healthcare Provider, NY) reported a HIPAA breach affecting 6,195 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
Access2Day Health (Business Associate, LA) reported a HIPAA breach affecting 4,908 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Connections for Kids (Healthcare Provider, ME) reported a HIPAA breach affecting 938 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Insulet Corporation (Healthcare Provider, MA) reported a HIPAA breach affecting 841 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Mercy Surgical Dressing Group, Inc. (Business Associate, PA) reported a HIPAA breach affecting 4,159 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Doctors Hospital at Renaissance, LTD (Healthcare Provider, TX) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CareNexa, LLC, doing business as Molecular Testing Labs (Healthcare Provider, WA) reported a HIPAA breach affecting 7,711 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Anne Arundel County Department of Health (Healthcare Provider, MD) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
HopeHealth, Inc. (Healthcare Provider, SC) reported a HIPAA breach affecting 5,823 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Union County Children and Youth Services (Healthcare Provider, PA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
CVS Caremark (Business Associate, RI) reported a HIPAA breach affecting 2,599 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
All data sourced from official government enforcement pages.