Cybercrime , Fraud Management & Cybercrime , HIPAA/HITECH

Hospital Worker Sentenced for HIPAA Crimes in ID Theft Scam

Former Employee Gets 4.5 Years in Federal Prison and Is Ordered to Repay Patients
Hospital Worker Sentenced for HIPAA Crimes in ID Theft Scam

A former employee of an Arizona hospital received a 54-month prison sentence and an order to pay restitution after pleading guilty to criminal HIPAA violations committed as part of his participation in an identity theft scam.

See Also: Critical Condition: How Qilin Ransomware Endangers Healthcare

Federal prosecutors charged Rico Prunty of Sierra Vista, Arizona, with accessing the medical forms and participating in a scheme to open credit card and other financial accounts with the personal identifiable information in them.

Prunty must reimburse $133,000 to patients who were victims of the scheme, the U.S. Department of Justice said.

In his plea agreement, Prunty acknowledged stealing data from more than 300 individuals between July 2014 and May 2017. He pleaded guilty to one count of violating HIPAA and one count of aggravated identity theft.

Prunty provided the patient information to three co-conspirators in Indiana. The conspiracy included his brother, Vincent Prunty, and Temika Coleman and Gemico Childress, who have already received prison sentences of between roughly 10 and 13 years.

“This case highlights the need for hospitals to have robust information security protocols in place that include regular monitoring and internal controls to limit employee access to information only necessary for the scope of their job responsibilities," said attorney Jason Johnson, a partner in law firm Moses Singer's healthcare privacy and cybersecurity practice, who was not involved in the Prunty case.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.