A former medical technician was was caught selling electronic protected health information (ePHI) which include the names, addresses, dates of birth and Medicare numbers of patients, along with blank hospital prescription forms and receiving about $500 to $800 in cash for each transaction. After receiving the prescription pads and patient information, the buyer forged prescriptions for oxycodone and filled them at various pharmacies.



She was sentenced to three years of probation including six months in a halfway house, ordered to perform 100 hours of community service and fined $2,100 for violating HIPAA rules.  

Click here to read the full story.



"Health care providers have an obligation to closely guard their patients’ confidentiality,” said U.S. Attorney Machen. “Patients deserve to have their personal information kept private, not sold for cash in a scheme to forge prescriptions for painkillers. This felony conviction confirms that private patient information is a trust to be protected, not a commodity to be sold to the highest bidder.”


Small medical practices have a duty to protect their patients’ records even if an employee such as this one criminally violates HIPAA. Have you identified what documents are easy to access in your practice? Beyond data encryption are you looking for other potential breaches? What processes are you using to safeguard ePHI?



Click here to read the full Dexcomm eBook on HIPAA Threats and Breaches for tips on safeguarding your medical practice.



Dexcomm is a Louisiana-based corporation that provides answering services to businesses and service agencies across the United States. We have been open since 1954, employ a staff of roughly 50 people, and our average client retention rate is 10+ years.

Connect With Us:





Read More About The Author: Dexcomm