BreachExchange mailing list archives
Man admits to paying hospital employees to steal patient data
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Tue, 8 Jan 2013 09:05:45 -0500
http://www.orlandosentinel.com/news/local/breakingnews/os-florida-hospital-stolen-patient-information-20130107,0,3868320.story A Central Florida man associated with medical centers and an injury hotline admitted in federal court Monday that he paid Florida Hospital employees to steal patient information. Federal authorities say Sergei Kusyakov, who was involved with Metro Chiropractic and Wellness Center and City Lights Medical Center, illegally obtained private information about patients through Dale Munroe II and his wife, Katrina Munroe, who worked at Florida Hospital's Celebration campus. Authorities said Dale Munroe accessed more than 763,000 records for patients treated at various Florida Hospital locations. He focused on patients who were in automobile accidents, and inappropriately reviewed in detail more than 12,000 patient records. Prosecutors said that from 2009 until July 2011, Munroe accessed patient data while working as a registration representative in the emergency department. Kusyakov paid Munroe for the patient information, and then Kusyakov and other conspirators used the information to solicit patients for lawyers and chiropractors. Some patients received a phone call within days after their visit to a Florida Hospital campus, prosecutors said. The caller knew specifics about the vehicle accident and the patients' treatment at the hospital. If the patient asked the caller how they received their personal information, the solicitor either hung up, or tried to give an excuse that the information was public record. Prosecutors said one of the phone numbers used by one of the solicitors was linked to Kusyakov. Investigators found Kusyakov paid Munroe and his wife more than $10,000 for their work. Dale Munroe was fired in July 2011 after officials learned he accessed the medical records of a Florida Hospital doctor who was fatally shot in a hospital parking garage. At that point, prosecutors said, Katrina Munroe, who worked at the hospital as an insurance representative, began stealing patient information. The scheme was detected in August 2011, when they took information about a patient whose mother worked at the hospital. When the patient's mother received a call offering the services of an attorney, she knew the caller should not have her daughter's information and confronted the solicitor. The caller hung up, and the hospital employee reported the incident to Florida Hospital. Dale and Katrina Munroe each pleaded guilty to federal charges and are awaiting sentencing. On Monday, Kusyakov pleaded guilty to one count of conspiracy to defraud the United States, and four counts of making a payment to a non-licensed physician. He faces up to 15 years in prison and will be sentenced March 25. Authorities also said Kusyakov employed "runners" to gather people to participate in staged car accidents, so those people could seek treatment at Kusyakov's clinics and bill the insurance companies for treatment. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Man admits to paying hospital employees to steal patient data Erica Absetz (Jan 08)