1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
BMG of Kansas, Inc. (Health Plan, KS) reported a HIPAA breach affecting 1,327 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Manhattan Retirement Foundation d/b/a Meadowlark Hills (Healthcare Provider, KS) reported a HIPAA breach affecting 14,442 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AltaMed Health Services Corporation (Healthcare Provider, CA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Commonwealth Care Alliance (Health Plan, MA) reported a HIPAA breach affecting 634 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group (Business Associate, WA) reported a HIPAA breach affecting 11,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.
Weill Cornell Medicine (Healthcare Provider, NY) reported a HIPAA breach affecting 516 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
QualDerm Partners, LLC (Healthcare Provider, TN) reported a HIPAA breach affecting 3,117,874 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The Center for Advanced Eye Care (Healthcare Provider, ME) reported a HIPAA breach affecting 9,300 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server, Other.
Option Care Health, Inc. (Healthcare Provider, IL) reported a HIPAA breach affecting 2,086 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Connecticut Attorney General William Tong submitted testimony in support of genetic privacy legislation that would grant residents exclusive control over their DNA and genetic data. The legislation is inspired by his office's investigation into 23andMe's data breach affecting over six million customers and the company's subsequent bankruptcy. The bill requires express consent for DNA use, imposes security measures, and prohibits marketing use of DNA.
VNS Behavioral Health Inc. (“VNS Health”) (Healthcare Provider, NY) reported a HIPAA breach affecting 739 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Emanuel Medical Center (Healthcare Provider, GA) reported a HIPAA breach affecting 28,963 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
44North (Business Associate, MI) reported a HIPAA breach affecting 2,158 individuals. Breach type: Hacking/IT Incident. Location of breached information: Desktop Computer.
Easterseals Northeast Indiana (Healthcare Provider, IN) reported a HIPAA breach affecting 3,158 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Wee Care Pediatrics, LLC (Healthcare Provider, UT) reported a HIPAA breach affecting 2,127 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
National Association on Drug Abuse Problems (Healthcare Provider, NY) reported a HIPAA breach affecting 90,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cedar Valley Services (Healthcare Provider, MN) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Academic Urology & Urogynecology of Arizona (Healthcare Provider, AZ) reported a HIPAA breach affecting 73,281 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Resource Corporation of America (Business Associate, TX) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Communications Workers of America Local 1180 Security Benefits Fund (Health Plan, NY) reported a HIPAA breach affecting 18,550 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record, Other.
VPS Medical PLLC (Healthcare Provider, PA) reported a HIPAA breach affecting 4,600 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cedar Point Health, LLC (Healthcare Provider, CO) reported a HIPAA breach affecting 23,114 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
University Spine Center (Healthcare Provider, NJ) reported a HIPAA breach affecting 582 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server, Other.
Alexes Hazen MD, PLLC (Healthcare Provider, NY) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email, Network Server.
Texas Attorney General Ken Paxton issued Civil Investigative Demands to Blue Cross Blue Shield of Texas and Conduent Business Services LLC as part of an investigation into a data breach that exposed the protected health information of approximately four million Texans. The breach, which occurred between October 21, 2024 and January 13, 2025, is believed to be the largest in U.S. history. The investigation focuses on Conduent's security measures and BCBS's compliance with state data protection laws.
Texas Attorney General Ken Paxton issued Civil Investigative Demands to Blue Cross Blue Shield of Texas and Conduent Business Services LLC as part of an investigation into a massive data breach at Conduent that exposed the protected health information of approximately four million Texans. The breach occurred between October 21, 2024 and January 13, 2025, affecting Texas Medicaid recipients and other residents. The AG's office is investigating the security failures and compliance with Texas law.
First Choice Community Home Care, Inc. (Healthcare Provider, TX) reported a HIPAA breach affecting 725 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
BlueCross BlueShield of Tennessee, Inc. (Business Associate, TN) reported a HIPAA breach affecting 1,670 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
ApolloMD Business Services, LLC (Business Associate, GA) reported a HIPAA breach affecting 626,540 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Five Star Home Health, Inc. (Healthcare Provider, OK) reported a HIPAA breach affecting 1,575 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.