Just recently reported is the theft from an employee vehicle with a backup of Cancer Care Group's 55,000 patients' information - including names, addresses, birth dates, Social Security numbers,medical record numbers and insurance information for patients as well as simliar informaiton on the employees who work for this oncology practice. See indystar.com.
There have been 75 breaches involving 500 or more individuals investigated and closed in 2012 by the OCR "as well as the names of private practice providers who have reported breaches of unsecured protected health information to the Secretary" (based on publicly available information as of 8/30/2012). OCR stands for Office for Civil Rights, the enforcer of HIPAA violations.
See this summary of the health care providers at this link.