The HHS Office for Civil Rights breach portal lists 2 large HIPAA breach submissions with a breach submission date of July 1, 2026. Combined, these filings report 12,394 individuals affected nationally (not state-resident totals).
The largest filing — Wisconsin Department of Health Services (WI) — accounts for 8,157 individuals in this batch. See our live HIPAA / HHS OCR statistics and healthcare AG tracker for broader context.
July month-to-date now totals 2 OCR submissions covering 12,394 individuals dated through July 1, 2026 on the under-investigation portal view.
Submissions Dated July 1, 2026
| Organization | State | Entity Type | Individuals | Breach Type | Submitted |
|---|---|---|---|---|---|
| Wisconsin Department of Health Services | WI | Health Plan | 8,157 | Unauthorized Access/Disclosure | 07/01/2026 |
| Erlanger Health | TN | Healthcare Provider | 4,237 | Unauthorized Access/Disclosure | 07/01/2026 |
OCR lists breaches affecting 500 or more individuals. Submission dates reflect when the covered entity reported to OCR; investigation status and counts can change as the portal updates.
Independent Cybersecurity Audits
EmailMeNow domain audits on July 1, 2026 scored 2 filer domains in this batch.
2 of 2 show 15% Transport Security or below — a recurring gap that makes spoofed breach-notification email easier to deliver.
Erlanger Health (erlanger.org) leads at 62% overall; Wisconsin Department of Health Services (dhs.wisconsin.gov) scores 54%.
Pattern: Scores below the 100% ideal on identity or transport still leave room for spoofed incident-response email — even when website headers score higher.
| Organization | Domain | Overall | Identity | Transport | Website | Risk |
|---|---|---|---|---|---|---|
| Wisconsin Department of Health Services | dhs.wisconsin.gov | 54% | 50% | 15% | 45% | Average |
| Erlanger Health | erlanger.org | 62% | 70% | 15% | 45% | Above Average |
Audit links: dhs.wisconsin.gov · erlanger.org
Website stack note
- Wisconsin Department of Health Services (
dhs.wisconsin.gov): Drupal major version behind (reports 10; current major is 11.4.2)
Related trackers
- HIPAA / HHS OCR statistics
- Healthcare AG breach tracker
- Texas healthcare breaches (2026)
- All state AG trackers
- Breach monitoring guide
- Washington healthcare breaches (2026)
- Washington law firm breaches (2026)
- CA July roundup
- TX July roundup
- WA May roundup
- TX Parks breach
- Have I Been Pwned
- HIBP July roundup
- HHS OCR July roundup
Source: HHS OCR Breach Portal