Over 20 Total Lots Up For Auction at One Location - TX Cleansweep 06/25

Five former hospital employees facing jail time over conspiracy, HIPAA violations

por John R. Fischer, Senior Reporter | November 14, 2022
Five former hospital employees have been charged with violating HIPAA and committing conspiracy by disclosing sensitive patient information.
Five former employees who worked for Methodist Le Bonheur Healthcare system, in Tennessee, have been charged with conspiracy and unlawfully disclosing patient information.

Between November 2017 and December 2020, Kirby Dandridge, 38; Sylvia Taylor, 43; Kara Thompson, 30; Melanie Russell, 41; and Adrianna Taber, 26, gave the names, phone numbers, ages and diagnoses, among other information, of patients involved in motor vehicle accidents to Roderick Harvey, 40, in exchange for payment.

Harvey, in turn, sold the information to personal injury attorneys and chiropractors to make a profit.

A federal grand jury charged Dandridge, Taylor, Thompson, Russell, and Taber each with separate violations of HIPAA guidelines. Each faces one year in prison, a $50,000 fine, and a one-year period of supervised release. The conspiracy charge carries a penalty of five years in prison, a $250,000 fine, and three years of supervised release.

The indictment did not say how many patients’ information was sold, and what specific positions all five had at Methodist. It also did not convey whether each one had left Methodist, but referred to them as “former” employees.

While there is no evidence of financial information being disclosed, Methodist is offering free credit reporting to anyone affected.

“At Methodist Le Bonheur Healthcare, we take the security of our patients' private information very seriously. Once we became aware of the situation, we promptly took action and alerted the appropriate legal authorities. We’ve cooperated fully with their investigation and ensured each patient who was affected has been notified,” said spokesperson Rachel Powers Doyle in a statement.

Disclosing sensitive information without a patient’s knowledge or consent violates the Health Insurance Portability and Accountability Act of 1996 (HIPAA). It also makes it a crime to obtain patient information for the purpose of selling, transferring, or using it for personal gain.

Harvey has been charged with seven counts of obtaining patient information with the intent to sell it for financial gain on various dates between November 2017 and September 2019. Each charge carries a maximum of 10 years in prison, a fine of $250,000, and three years of supervised release.

This case was investigated by the Federal Bureau of Investigation and the Tennessee Bureau of Investigation.

You Must Be Logged In To Post A Comment