Breach feed · live
Gay & Lesbian Community Services Center of Orange County Inc · WA · 1,249 affected · breachJASON R EGBERT OD PC · WA · 1,225 affected · hacking/it incidentWellPoint (Independent Clinics of Washington, Elevance Health) · WA · 12,017 affected · breachUnnamed Entity · IN · 1 affected · unknownNetworking Technology, Inc. (RXNT) · WA · 4,480 affected · breachIMA Diligence Services, LLC · WA · 1,977 affected · breachUnited Medical Doctors · CA · 501 affected · hacking/it incidentWellmark Health Insurance · IA · 6,666 affected · unauthorized access/disclosureMCNA Dental · IN · 8,900,000 affected · hackingSpokane Digestive Disease Center, P.S. · WA · 2,093 affected · breach
Fri, Jun 19, 2026
Vol. 1 · No. 25Friday, June 19, 2026Edition: National

HIPAA Pulse.

Breach intelligence · HIPAA news · Prevention
From Patient Protect
Live data · Updated nightly

Breach intelligence tracker

Every HIPAA breach reported to HHS OCR, every State AG notification we can parse, every OCR enforcement action, and the FTC and CISA filings adjacent to healthcare. Maintained by Patient Protect Research and free to use with attribution.

Incidents reported
208
Last 30 days, all sources
Individuals affected
6372.28M
Cumulative across the archive
Confirmed breaches
58%
2,775 of 4,788 incidents
Total in archive
4,788
All-time tracked

Recent breaches

Back to newsroom →
OrganizationStateRecordsVectorSourceReported
Virta Medical PCCABreachState AGJun 12
Clinical Registry SolutionsCABreachState AGJun 11
Gay & Lesbian Community Services Center of Orange County IncWA1,249BreachState AGJun 5
WellPoint (Independent Clinics of Washington, Elevance Health)WA12,017BreachState AGJun 2
JASON R EGBERT OD PCWA1,225Hacking/IT IncidentHHS OCRJun 10
Unnamed EntityIN1UnknownState AGJun 1
Indiana Family and Social Services Administration (FSSA)INIT IncidentState AGJun 1
Indiana Attorney GeneralINHackingState AGJun 1
United Medical DoctorsCA501Hacking/IT IncidentHHS OCRJun 17
IMA Diligence Services, LLCWA1,977BreachState AGMay 29
Networking Technology, Inc. (RXNT)WA4,480BreachState AGMay 29
Wellmark Health InsuranceIA6,666Unauthorized Access/DisclosureHHS OCRJun 5
ERMI LLCCABreachState AGMay 26
Spokane Digestive Disease Center, P.S.WA2,093BreachState AGMay 26
MCNA DentalIN8,900,000HackingState AGMay 26
Virta Medical PCCO14,636Hacking/IT IncidentHHS OCRJun 16
Southern Illinois Ob-Gyn Associates, S.C.IL38,700Hacking/IT IncidentHHS OCRJun 3
Equinix Incorporated Group Health and Welfare Benefit PlanCA677Hacking/IT IncidentHHS OCRJun 4
Gastro HealthFL1,628Hacking/IT IncidentHHS OCRJun 16
AUTOAPS LLCCA1,591Hacking/IT IncidentHHS OCRJun 10
Oakwood Lutheran Senior Ministries, Inc.WI1,080Hacking/IT IncidentHHS OCRJun 17
Nottingham VillagePA5,240Hacking/IT IncidentHHS OCRJun 16
DentaQuestMA3,086Unauthorized Access/DisclosureHHS OCRJun 9
Acadia Healthcare Company, IncTN1,807Hacking/IT IncidentHHS OCRJun 10
Connecticut Department of Social ServicesCT22,500Hacking/IT IncidentHHS OCRJun 9

Recent OCR enforcement

Resolution agreements, civil money penalties, corrective action plans
OrganizationStateRecordsVectorSourceReported
Texas Medical PracticeTX1EnforcementOCR EnforcementDec 6
New York Medical PracticeNY1EnforcementOCR EnforcementNov 8
California Medical PracticeCA1EnforcementOCR EnforcementOct 18
Lovelace Health SystemNM1,900,000EnforcementOCR EnforcementSep 20
Allegheny Health NetworkPA10,000EnforcementOCR EnforcementAug 9
Eye Care LeadersNC3,000,000EnforcementOCR EnforcementAug 1
Perry Memorial HospitalIL1EnforcementOCR EnforcementJun 14
Anthem, Inc.IN78,800,000EnforcementOCR EnforcementJun 1

Using this data in your reporting

For journalists, researchers, and compliance teams

Quote the tracker directly with attribution: cite HIPAA Pulse breach intelligence tracker, hipaapulse.com/tracker and link back. Limited verbatim quotation under fair use is fine; bulk reproduction, scraping, or use of the underlying data compilation in a derivative product is not (see our Terms).

Embeddable widgets are available under license to qualifying outlets. Email editor@hipaapulse.com with your publication, intended use, and audience size.

For the full multi-source dashboard with severity scoring, geographic mapping, entity intelligence, and enforcement analytics, see Patient Protect’s breach dashboard →

Suggested citation
HIPAA Pulse breach intelligence tracker. Patient Protect Research, retrieved June 19, 2026. hipaapulse.com/tracker

Methodology

The HIPAA Pulse breach tracker pulls from five public-record data streams that together form a near-complete picture of healthcare cybersecurity incidents. Each row in the tracker originates in a regulator filing, an enforcement action, or a government advisory — never an unverified claim.

Sources

HHS OCR Breach Portal Primary
The U.S. Department of Health and Human Services, Office for Civil Rights maintains the official Breach Notification Portal. Under HIPAA, covered entities must report breaches affecting 500 or more individuals. This is the most authoritative federal source for healthcare breach data.
State Attorney General notifications Primary
State AGs receive breach notifications under state-level data breach laws. Many states require notification for breaches smaller than the federal 500-person threshold, making AG data a critical supplement that often surfaces weeks before the federal portal updates.
OCR enforcement actions Regulatory
Resolution Agreements (negotiated settlements), Civil Money Penalties, and Corrective Action Plans imposed on covered entities for HIPAA violations. Enforcement data identifies which breaches led to regulatory consequences and the financial penalties that followed.
FTC Health Breach Notification Rule Regulatory
The Federal Trade Commission enforces the HBNR for entities that handle health data outside HIPAA’s jurisdiction — consumer health apps, wearable device makers, and non-HIPAA-covered services. FTC data captures healthcare-adjacent breaches the OCR portal does not.
CISA medical-device advisories Cyber
The Cybersecurity and Infrastructure Security Agency publishes advisories for vulnerabilities in medical devices and healthcare IT systems. Advisories include CVE identifiers, CVSS scores, affected products, and patch availability. They are leading indicators — flagged here as advisories, not breaches, until confirmed exploitation appears in HHS or AG filings.

What we exclude from the public tracker

The platform behind this tracker also ingests two streams we do not publish here: modeled breach projections (statistically inferred from leading indicators) and internal Patient Protect Network reports (community-reported incidents from the Patient Protect platform). These belong in compliance tooling, not in a public publication. The HIPAA Pulse tracker is restricted to incidents with public-record provenance: a regulator filing, an enforcement record, or a government advisory.

Severity, scoring, and reporting lag

Each incident carries a severity score (0–100) computed from individuals affected (35%), attack vector risk (25%), entity criticality (15%), enforcement history (10%), and source confidence (15%). Source confidence is highest for HHS OCR (95%) and FTC (90%); lower for unconfirmed sources. The dashed boundary between “moderate” and “high” severity in the table reflects the platform’s standard 60-point cutoff used in the Patient Protect breach dashboard.

Reporting lag — the gap between breach discovery and regulator notification — varies widely. HIPAA requires notification within 60 days, but many filings arrive later. The tracker shows the regulator-reported date, not the discovery date; lag analysis lives in the full breach dashboard.

Source links

HHS OCR Breach Portal → · FTC Health Breach Notification Rule → · CISA healthcare advisories → · Patient Protect breach dashboard →