1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
ApolloMD Business Services, LLC (Business Associate, GA) reported a HIPAA breach affecting 626,540 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Minnesota Department of Human Services (Health Plan, MN) reported a HIPAA breach affecting 303,965 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Illinois Department of Human Services (Health Plan, IL) reported a HIPAA breach affecting 705,017 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Network Server.
Fieldtex Products, Inc. (Business Associate, NY) reported a HIPAA breach affecting 104,071 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Richmond Behavioral Health Authority (Healthcare Provider, VA) reported a HIPAA breach affecting 113,232 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Persante Health Care (Business Associate, NJ) reported a HIPAA breach affecting 111,815 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
VITAS Hospice Services, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 319,177 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Delta Dental of Virginia (Health Plan, VA) reported a HIPAA breach affecting 126,953 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Fieldtex Products, Inc. (Business Associate, NY) reported a HIPAA breach affecting 238,615 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
California Attorney General Rob Bonta, joined by Connecticut and New York Attorneys General, secured a $5.1 million multistate settlement with edtech company Illuminate Education, Inc. over a 2021 data breach that exposed sensitive personal and medical information of millions of students, including over 434,000 California students. The investigation found Illuminate failed to implement basic security measures, including failing to terminate former employee credentials, lacking suspicious activity monitoring, and unsecured backup databases, as well as making false statements in its privacy policy. Illuminate must pay $3.25 million to California, implement enhanced security practices, and notify the CA DOJ of future student data breaches.
$5.1M
Denton MHMR Center (Healthcare Provider, TX) reported a HIPAA breach affecting 108,967 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Tri Century Eye Care PC (Healthcare Provider, PA) reported a HIPAA breach affecting 200,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Expert MRI (Healthcare Provider, CA) reported a HIPAA breach affecting 209,560 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Northwest Radiologists, Inc./Mount Baker Imaging (Healthcare Provider, WA) reported a HIPAA breach affecting 362,713 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Modernizing Medicine, Inc. (Business Associate, FL) reported a HIPAA breach affecting 198,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Brightstar Global Solutions Corporation (Health Plan, RI) reported a HIPAA breach affecting 103,879 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Harbor (Healthcare Provider, OH) reported a HIPAA breach affecting 216,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Doctors Imaging Group (Healthcare Provider, FL) reported a HIPAA breach affecting 171,862 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Medical Associates of Brevard, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 246,711 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Retina Group of Florida (Healthcare Provider, FL) reported a HIPAA breach affecting 152,691 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
University of Iowa Health Care (Healthcare Provider, IA) reported a HIPAA breach affecting 101,875 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
University of Iowa Community Home Care (Healthcare Provider, IA) reported a HIPAA breach affecting 109,029 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Vital Imaging Medical Diagnostic Centers, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 260,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Highlands Oncology Group PA (Healthcare Provider, AR) reported a HIPAA breach affecting 111,766 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Alera Group, Inc. (Business Associate, IL) reported a HIPAA breach affecting 155,567 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cierant Corporation (Business Associate, CT) reported a HIPAA breach affecting 232,506 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Zumpano Patricios, P.A. (Business Associate, FL) reported a HIPAA breach affecting 279,275 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
California Attorney General Rob Bonta announced a $1.55 million settlement with health information website publisher Healthline Media LLC, resolving allegations that the company violated the CCPA and Unfair Competition Law. Violations included failing to honor consumer opt-out requests, sharing sensitive health data with third parties without required privacy protections, and using deceptive consent banners that did not disable tracking cookies. The settlement imposes injunctive terms, compliance requirements, and a civil penalty, marking the largest CCPA settlement to date.
$1.6M
Centers for Medicare & Medicaid Services (Health Plan, MD) reported a HIPAA breach affecting 107,154 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Heartland Regional Medical Center d/b/a Mosaic Life Care (Healthcare Provider, MO) reported a HIPAA breach affecting 145,269 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.