HIPAA Violations: UPMC Employee Criminally Indicted
A federal grand jury in Pittsburgh has indicted a former employee at the University of Pittsburgh Medical Center for allegedly stealing patient data in the first HIPAA-related prosecution in the Western District of Pennsylvania, federal prosecutors say.
Paul C. Pepala, 34, of Monroeville, PA, faces 14 counts related to the alleged disclosure of patients' data for personal gain in February 2008, when he was an employee at UPMC Shadyside Hospital. The indictment lists Pepala as the sole defendant.
The indictment alleges that Pepala disclosed to other people the names, birth dates and Social Security numbers of patients, in violation of HIPAA laws. This patient data was used to file false tax returns in 2008. Pepala was also charged with violating the Social Security Act by disclosing Social Security numbers.
The law provides for a maximum sentence of 80 years in prison, a fine of more than $4.7 million, or both.
John Commins is a senior editor with HealthLeaders Media.
- Half of All Primary Care, Internal Medicine Jobs Unfilled in 2013
- How Digital Strategy Shapes Patient Engagement at Boston Children's Hospital
- CFO Exchange: Smartphones Poised to Disrupt Healthcare, Says Topol
- CNO on Hospital Redesign: 'You Can't Over-Communicate'
- Carondelet to Pay $35M to Settle Fraud Allegations
- Some Cancer Hospitals' Quality Data Will Soon Be Public
- CA Powers Up $80M HIE to 'Create Value in the Data'
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity
- 3 Traits Personality Assessments Can't Reveal
- Cleveland Clinic Partners with North Shore-LIJ for Heart Care