In mid-November 2022, five former Tenessee Methodist Hospital employees were indicted by a federal grand jury for conspiring to disclose protected health information (PHI) in violation of the Health Insurance Portability and Accountability Act (HIPAA).
Methodist Hospital employees were allegedly paid for names and personal information of Methodist patients who had been involved in motor vehicle accidents. The patient information was then sold to personal injury lawyers and chiropractors.
“HIPAA’s provisions make it a crime to disclose patient information, or to obtain patient information with the intent to sell, transfer or use such information for personal gain,” the press release stated.
See more: HIPAA stands for…
Harvey was charged with seven counts of “obtaining patient information with the intent to sell it for financial gain on various dates between November 12, 2017, and September 7, 2019.”
The U.S. Attorney's office stated that “Each of those charges carries a maximum penalty of 10 years’ imprisonment, a fine of $250,000 and three years’ of supervised release.”
He was also charged with conspiracy which “carries a maximum penalty of five years imprisonment, a fine of $250,000 and three-year period of supervised release.
The five former employees were each charged with HIPAA violations. That charge “carries a maximum penalty of one year imprisonment, a $50,000 fine and a one-year period of supervised release.”
Rachel Powers Doyle, spokesperson for the hospital, issued this statement:
“At Methodist Le Bonheur Healthcare, we take the security of our patient’s private information very seriously. Once we became aware of the situation, we promptly took action and alerted the appropriate legal authorities. We’ve cooperated fully with their investigation and ensured each patient who was affected has been notified. While there is no evidence of financial information being disclosed, we are offering free credit reporting for those affected.”
View press release from the U.S. Attorney’s Office.
Try Paubox for free
Paubox Email Suite for HIPAA compliant email
Keep your patient data safe from ransomware, phishing attacks and other dangers with advanced email threat protection.
