William M. Miaoulis, CISA, CISM

This web-site was maintained by William M. Miaoulis, CISA, CISM.  It is an accumulation of various articles, post, etc. that relate to Healthcare Security and Privacy.  

It has not been updated since Feb 2015, so much of the informatin is dated.  

********

.  

HIPAA VIOLATION RESULTS IN 18 MONTH PRISON TERM

In one of the few instances of an individual being sentenced to prison for a HIPAA Violation.

www.justice.gov

Department of Justice
Office of Public Affairs

FOR IMMEDIATE RELEASE

February 17, 2015

Former Hospital Employee Sentenced For HIPAA Violations

TYLER, TEXAS – A former employee of an East Texas hospital has been sentenced to federal prison for criminal HIPAA violations in the Eastern District of Texas, announced U.S. Attorney John M. Bales.

Joshua Hippler, 30, formerly of Longview, Texas, pleaded guilty on Aug. 28, 2014, to wrongful disclosure of individually identifiable health information and was sentenced to 18 months in federal prison today by U.S. District Judge Leonard Davis. 

According to information presented in court, from December 2012 through January 2013, Hippler was an employee of a covered entity under HIPAA, the Health Insurance Portability and Accountability Act.  During this time, Hippler obtained protected health information with the intent to use it for personal gain.  Hippler was indicted by a federal grand jury on Mar. 26, 2014.

This case was investigated by the U.S. Department of Health and Human Services – Office of Inspector General (HHS-OIG) and the U.S. Postal Inspection Service and prosecuted by Assistant U.S. Attorney Nathaniel C. Kummerfeld.

$1.44M HIPAA award upheld after Walgreen pharmacist shared patient data

The Indiana Court of Appeals on Friday upheld a $1.4 million verdict against Walgreen Co. and one of its pharmacists who shared confidential medical information about a client that had once dated her husband.

The order is the first published appellate court decision in the nation in which a health-care provider has been held liable for violations of the Health Insurance Portability and Accountability Act committed by an employee, according to Indianapolis attorney Neal F. Eggeson Jr., who represented the victim.

Indy Star

MIAOULIS NOTE: This is a must read for everyone involved with patient information.  It clearly shows the implications of breaching an individuals information.

FORMER HOSPITAL EMPLOYEE INDICTED FOR CRIMINAL HIPAA VIOLATIONS

TYLER, Texas — A former employee of an East Texas hospital has been indicted for criminal violations of the Health Insurance Portability and Accountability Act, more commonly known as  HIPAA, in the Eastern District of Texas, announced U.S. Attorney John M. Bales today.

Joshua Hippler, 30, formerly of Longview, Texas, was indicted on charges of Wrongful Disclosure of Individually Identifiable Health Information.  According to the indictment, from December 1, 2012, through January 14, 2013, Hippler, who was then an employee of a covered entity under HIPAA, obtained protected health information with the intent to use the information for personal gain.  HIPAA contains provisions protecting the privacy of individually identifiable health information.

If convicted, Hippler faces up to ten years in prison.        

                                                                                          

The investigation leading to the charges was conducted by agents from the U.S. Department of Health and Human Services - Office of Inspector General (HHS-OIG) and the U.S. Postal Inspection Service.  Assistant United States Attorney Nathaniel C. Kummerfeld is prosecuting the case.

Justice Department.gov

A grand jury indictment is not evidence of guilt and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.