The stolen patient records include patient names, dates of birth and Social Security numbers over a span of years.
If convicted of violating the HIPAA statute, the accused faces a maximum sentence ofAs in other recent cases of insider theft, it was not the hospital that detected the theft of 4,000 patient records. It appears to have been the Alabaster Police Department, U.S. Postal Inspectors, and the U.S. Secret Service who tracked the trail back to the hospital.
10 years in prison and a $250,000 fine.
Download a white paper on medical records privacy breach detection as a service. Learn how an on-demand, pay-per-use service can cost effectively address the HIPAA/HITECH privacy and security rules - with no hardware and no on-site software.In addition the accused was indicted for possessing stolen mail, attempting to commit bank fraud, misusing someone else’s Social Security number, and aggravated identity theft.
“The perpetrator crossed a barrier where the American public trusted a healthcare provider with personal information." - Martin D. Phanco, Postal Inspector, Atlanta DivisionTrinity Medical Center, formerly Baptist Montclair Hospital, is notifying patients whose personal information was stolen.
A defendant is presumed innocent of the charges and it will be the government’s burden to prove a defendant’s guilt beyond a reasonable doubt at trial.
(a) U.S. Postal Inspectors Arrest Woman On Charges Of Stealing Hospital Patient Information - US Attorney's Office, Northern Disctrict of Alabama, June 3, 2011
(b) Alabaster Woman Indicted For Stealing Hospital Patient Information - US Attorney's Office, Northern District of Alabama, June 28, 2011