Two Florida women that have pled guilty to one count of conspiring to defraud the United States have been sentenced. Both women admitted that they conspired to obtain and utilize patient information from a healthcare provider where one of the women was employed.
The woman that was employed at a Florida healthcare provider had improperly accessed 22 patient files. The two women admitted that they intended to use the stolen personal information to acquire distressed, abandoned, foreclosed, and probated real estate property.
One of the women was sentenced to 30 months of imprisonment and the other was sentenced to 24 months. Both will serve 3 years of supervised released following imprisonment and pay a fine of $10,000. Their restitution hearing will be conducted in June 2022.
The case against the two is the result of an investigation by the US Postal Inspection Service and a county sheriff’s office, with assistance from a property appraisers office.
Issue:
Patient information must only be accessed when absolutely necessary and all required measures must be taken to keep such personal information confidential. Residents—who are usually the last to find out that they have been the victims of identity theft—must be protected from financial abuse and exploitation. Facilities must therefore ensure that all staff with access to residents’ personal information are trained and knowledgeable on when they are permitted to access such data, and what they should do if they suspect there has been a data breach.
Discussion Points:
- Review your policies and procedures on protecting residents’ personal information and preventing financial abuse and exploitation. Update your policies if needed.
- Train all staff who have access to residents’ personal information on your policies and procedures for protecting residents’ personal information. Train all staff on your policies and procedures for preventing financial abuse and exploitation. Document that these trainings occurred, and file the signed document in each employee’s education file.
- Periodically audit to ensure that staff who have access to residents’ personal information are aware of the proper procedures to follow to prevent exposure. Also, periodically audit staff to ensure that they are aware of what constitutes financial abuse and exploitation, and that they know what to do if they suspect financial abuse or exploitation is occurring.