[ Tuesday, September 19, 2006 ]
Another Criminal HIPAA case:
Thanks to Kirk Nahra for the tip, here's the grand jury indictment
against a couple of folks in Florida for stealing identifying information from patients of the Cleveland Clinic and Health Management Associates to use for Medicare fraud. An employee of the clinic got patient names, addresses, social security numbers, dates of birth, and Medicare numbers and provided them to her cousin, who sold them to people who used the information to make false Medicare claims. There's a HIPAA count, even though the DOJ memo said employees of covered entities and people who aren't covered entities shouldn't be charged with HIPAA violations. And like the other cases, it's not so much an issue of someone misusing actual medical information as it is someone misusing information for identity theft.
UPDATE: My old friend Pete Winn email with a reference to an article
he wrote on who can be charged with HIPAA violations.
Jeff [2:05 PM]
Blogger: HIPAA Blog - Edit your Template