HIPAA Fines Listed by Year

HIPAA Settlements, Fines, and Penalties

HIPAA settlements are hard to keep track of–that’s why we’ve created this simple directory of large-scale HIPAA fines listed by year. All information on HIPAA violation cases is provided by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) on their HIPAA Resolution Agreements overview.

For the full list of HIPAA breaches and fines, you can visit OCR’s Breach Portal, or “Wall of Shame“. This is where OCR lists the countless other small-scale HIPAA breaches and fines. View our HIPAA fines chart below for the full HIPAA settlements list.

Remember that large-scale settlements are only a fraction of the fines levied by federal investigators every year. Once you’ve had a HIPAA breach, one of the consequences of violating HIPAA is that the name of your practice is permanently listed on The Wall of Shame for violating HIPAA–including the offense, date, and number of individuals affected. Look through this chart for HIPAA violation case examples.

Get Compliant. Avoid Fines.

See how our software helps you avoid fines likes the ones listed below

2023 HIPAA Fines

Date Organization Fine Total OCR Settlement Announcement
1/4/2023

Life Hope Labs

$16,500
2/2/2023 Banner Health $1,250,000
5/8/2023 David Mente, MA, LPC $15,000 HHS Office for Civil Rights Enters Into $15,000 Settlement Resolving Potential HIPAA Violation Under the Right of Access Initiative
5/16/2023 MedEvolve $350,000 OCR Settles HIPAA Investigation with Business Associate
6/5/2023 Manasa Health Center $30,000 HHS Office for Civil Rights Reaches Agreement with Health Care Provider in New Jersey That Disclosed Patient Information in Response to Negative Online Reviews
6/15/2023 Yakima Valley Memorial Hospital $240,000 Employee Snooping Leads to $240,000 HIPAA Fine
6/28/2023 iHealth Solutions $75,000 iHealth Solutions Resolves HIPAA Probe, Pays $75,000 Settlement to HHS Office for Civil Rights
8/24/2023 UnitedHealthcare $80,000 UnitedHealthcare’s $80,000 HIPAA Resolution Unveils Secrets of Patient Medical Records
9/11/23 L.A. Care Health Plan $1,300,000 HHS OCR Achieves Resolution with L.A. Care Health Plan in HIPAA Security Rule Case
10/31/23 Doctors’ Management Services $100,000 OCR Did the Math, 200K Patients Exposed Equals a $100K Fine
11/20/23 St. Joseph’s Medical Center $80,000 HHS Reaches $80K Settlement for PHI Disclosure to News Outlet
12/7/23 Lafourche Medical Group $480,000 HHS Settled First Ever Phishing Investigation with Louisiana Medical Group
12/15/23 Optum Medical Care of New Jersey $160,000 Optum Medical Care Settlement Marks OCR’s 46th Right of Access Enforcement Action
 2023 TOTAL: $4,176,500

2022 HIPAA Fines

Date Organization Fine Total OCR Settlement Announcement
3/28/2022

Dr. Donald Brockley, D.D.M

$30,000
3/28/2022 Dr. U. Phillip Igbinadolor, D.M.D. & Associates, P.A. $50,000
3/28/2022 Jacob and Associates $28,000
3/28/2022 Northcutt Dental $62,500
7/14/2022 Oklahoma State University $875,000 Oklahoma State University – Center for Health Services Pays $875,000 to Settle Hacking Breach
7/15/2022 ACPM Podiatry $100,000 ACPM Podiatry HIPAA Enforcement Action
7/15/2022 Associated Retina Specialists $22,500 Associated Retina Specialists HIPAA Enforcement Action
7/15/2022 Dr. Lawrence Bell, D.D.S. $5,000 Dr. Lawrence Bell, D.D.S. HIPAA Enforcement Action
7/15/2022 Coastal Ear, Nose, and Throat $20,000 Coastal Ear, Nose, and Throat HIPAA Enforcement Action
7/15/2022 Danbury Psychiatric Consultants, LLC $3,500
7/15/2022 Erie County Medical Center Corporation $50,000 Erie County Medical Center Corporation HIPAA Enforcement Action
7/15/2022 Fallbrook Family Health Center $30,000 Fallbrook Family Health Center HIPAA Enforcement Action
7/15/2022 Hillcrest Commons Nursing and Rehabilitation $55,000 Hillcrest Commons Nursing and Rehabilitation HIPAA Enforcement Action
7/15/2022 Melrose Walkefield Healthcare $55,000 Melrose Walkefield Healthcare HIPAA Enforcement Action
7/15/2022 Memorial Hermann Health System $240,000 Memorial Hermann Health System HIPAA Enforcement Action
7/15/2022 Southwest Surgical Associates, LLP $65,000 Southwest Surgical Associates, LLP HIPAA Enforcement Action
8/23/2022 New England Dermatology and Laser Center $300,640 Investigation Leads to $300,640 HIPAA Settlement and Corrective Action Plan
9/20/2022 Family Dental Care $30,000 Trio of Dentist HIPAA Violations Leads to $135,000 in Settlements
9/20/2022 B. Steven L. Hardy, D.D.S. $25,000 Trio of Dentist HIPAA Violations Leads to $135,000 in Settlements
9/20/2022 Great Expressions Dental Center of Georgia $80,000 Trio of Dentist HIPAA Violations Leads to $135,000 in Settlements
12/14/2022 Dr. Brandon Au $23,000 Impermissible disclosure of PHI
12/15/2022 Health Specialists of Central Florida Inc $20,000 HHS Civil Rights Office Resolves HIPAA Right of Access Investigation with $20,000 Settlement
 2022 TOTAL: $2,170,140

2021 HIPAA Fines

Date Organization Fine Total OCR Settlement Announcement
1/12/2021

Banner Health

$200,000 OCR Settles Fourteenth Investigation in HIPAA Right of Access Initiative
1/15/2021 Lifetime Healthcare Companies $5,100,000 Health Insurer Pays $5.1 Million to Settle Data Breach Affecting Over 9.3 Million People
2/10/2021 Renown Health, P.C $75,000 OCR Settles Fifteenth Investigation in HIPAA Right of Access Initiative
2/12/2021 Sharp HealthCare $70,000 OCR Settles Sixteenth Investigation in HIPAA Right of Access Initiative
3/24/2021 Arbour Hospital $65,000 OCR Settles Seventeenth Investigation in HIPAA Right of Access Initiative
3/26/2021 Village Plastic Surgery $30,000 OCR Settles Eighteenth Investigation in HIPAA Right of Access Initiative
5/25/2021 AEON Clinical Laboratories $25,000 Clinical Laboratory Pays $25,000 to Settle Potential HIPAA Security Rule Violations
6/2/2021 The Diabetes, Endocrinology & Lipidology Center $5,000 OCR Settles Nineteenth Investigation in HIPAA Right of Access Initiative
9/10/2021 Children’s Hospital & Medical Center $80,000 OCR Resolves Twentieth Investigation in HIPAA Right of Access Initiative with $80,000 Settlement
11/30/2021 Advanced Spine & Pain Management (ASPM) $32,150
Five enforcement actions hold healthcare providers accountable for HIPAA Right of Access
11/30/2021 Denver Retina Center $30,000 Five enforcement actions hold healthcare providers accountable for HIPAA Right of Access
11/30/2021 Dr. Robert Glaser $100,000 Five enforcement actions hold healthcare providers accountable for HIPAA Right of Access
11/30/2021 Rainrock Treatment Center, LLC dba Monte Nido Rainrock (“Monte Nido $160,000 Five enforcement actions hold healthcare providers accountable for HIPAA Right of Access
11/30/2021 Wake Health Medical Group $10,000 Five enforcement actions hold healthcare providers accountable for HIPAA Right of Access
 2021 TOTAL: $5,980,000

2020 HIPAA Fines

Date Organization Fine Total Link to OCR Settlement
3/3/2020

The practice of Steven A. Porter, M.D

$100,000 Health Care Provider Pays $100,000 Settlement to OCR for Failing to Implement HIPAA Security Rule Requirements
7/23/2020 Metropolitan Community Health Services $25,000 Small Health Care Provider Fails to Implement Multiple HIPAA Security Rule Requirements
7/27/2020 Lifespan Health System $1,040,000 Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach
9/15/2020 Housing Works, Inc $38,000 OCR Settles Five More Investigations in HIPAA Right of Access Initiative
9/15/2020 All Inclusive Medical Services, Inc $15,000 OCR Settles Five More Investigations in HIPAA Right of Access Initiative
9/15/2020 Beth Israel Lahey Behavioral Services $70,000 OCR Settles Five More Investigations in HIPAA Right of Access Initiative
9/15/2020 King MD $3,500