1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
ApolloMD Business Services, LLC (Business Associate, GA) reported a HIPAA breach affecting 626,540 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Minnesota Department of Human Services (Health Plan, MN) reported a HIPAA breach affecting 303,965 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Illinois Department of Human Services (Health Plan, IL) reported a HIPAA breach affecting 705,017 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Fieldtex Products, Inc. (Business Associate, NY) reported a HIPAA breach affecting 104,071 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Richmond Behavioral Health Authority (Healthcare Provider, VA) reported a HIPAA breach affecting 113,232 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Persante Health Care (Business Associate, NJ) reported a HIPAA breach affecting 111,815 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
VITAS Hospice Services, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 319,177 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Delta Dental of Virginia (Health Plan, VA) reported a HIPAA breach affecting 126,953 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Fieldtex Products, Inc. (Business Associate, NY) reported a HIPAA breach affecting 238,615 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Illuminate Education, Inc. suffered a data breach in 2021 due to security failures, exposing sensitive student data including medical conditions across millions of students. The company has agreed to pay $5.1 million in settlements to California, Connecticut, and New York and implement injunctive relief to strengthen data security practices.
$5.1M
Connecticut Attorney General William Tong, along with California and New York Attorneys General, settled with Illuminate Education, Inc. for failing to protect student data in a breach that exposed personal information of millions of students. The settlement, the first under Connecticut's Student Data Privacy Law, requires Illuminate to pay $5.1 million and implement enhanced cybersecurity measures.
$5.1M
New York, California, and Connecticut attorneys general reached a $5.1 million settlement with educational technology company Illuminate Education, Inc. for failing to protect student data, resulting in a 2022 breach exposing millions of students’ personal information. The investigation found Illuminate failed to implement basic security measures including data encryption, suspicious activity monitoring, and proper decommissioning of inactive user accounts, and did not delete student data when required by contracts. Illuminate must pay the penalty and implement enhanced data security measures including a comprehensive information security program, encryption of student data, and annual notice to schools about data collection and deletion options.
$5.1M
Denton MHMR Center (Healthcare Provider, TX) reported a HIPAA breach affecting 108,967 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Tri Century Eye Care PC (Healthcare Provider, PA) reported a HIPAA breach affecting 200,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Expert MRI (Healthcare Provider, CA) reported a HIPAA breach affecting 209,560 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Northwest Radiologists, Inc./Mount Baker Imaging (Healthcare Provider, WA) reported a HIPAA breach affecting 362,713 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Modernizing Medicine, Inc. (Business Associate, FL) reported a HIPAA breach affecting 198,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Brightstar Global Solutions Corporation (Health Plan, RI) reported a HIPAA breach affecting 103,879 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Harbor (Healthcare Provider, OH) reported a HIPAA breach affecting 216,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Doctors Imaging Group (Healthcare Provider, FL) reported a HIPAA breach affecting 171,862 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Medical Associates of Brevard, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 246,711 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Retina Group of Florida (Healthcare Provider, FL) reported a HIPAA breach affecting 152,691 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
University of Iowa Health Care (Healthcare Provider, IA) reported a HIPAA breach affecting 101,875 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
University of Iowa Community Home Care (Healthcare Provider, IA) reported a HIPAA breach affecting 109,029 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Vital Imaging Medical Diagnostic Centers, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 260,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Highlands Oncology Group PA (Healthcare Provider, AR) reported a HIPAA breach affecting 111,766 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Alera Group, Inc. (Business Associate, IL) reported a HIPAA breach affecting 155,567 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cierant Corporation (Business Associate, CT) reported a HIPAA breach affecting 232,506 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Zumpano Patricios, P.A. (Business Associate, FL) reported a HIPAA breach affecting 279,275 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Centers for Medicare & Medicaid Services (Health Plan, MD) reported a HIPAA breach affecting 107,154 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.