HIPAA Violations: UPMC Employee Criminally Indicted

[kirniki <kirniki () gmail com>]

http://www.healthleadersmedia.com/content/TEC-256668/HIPAA-Violations-UPMC-Employee-Criminally-Indicted

A federal grand jury in Pittsburgh has indicted a former employee at
the University of Pittsburgh Medical Center for allegedly stealing
patient data in the first HIPAA-related prosecution in the Western
District of Pennsylvania, federal prosecutors say.

Paul C. Pepala, 34, of Monroeville, PA, faces 14 counts related to the
alleged disclosure of patients' data for personal gain in February
2008, when he was an employee at UPMC Shadyside Hospital. The
indictment lists Pepala as the sole defendant.

The indictment alleges that Pepala disclosed to other people the
names, birth dates and Social Security numbers of patients, in
violation of HIPAA laws. This patient data was used to file false tax
returns in 2008. Pepala was also charged with violating the Social
Security Act by disclosing Social Security numbers.

[..]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php