Another insider breach at a Florida medical practice for a fraud scheme; this time it’s insurance fraud.
WFTV reports that Selina Rodriguez, a medical assistant formerly employed at Mid-Florida Urological Associates, illegally accessed patient records from Orlando Health, which operates hospitals in the Orlando area, including Orlando Regional Medical Center, MD Anderson Cancer Center Orlando, Winnie Palmer Hospital for Women & Babies, Arnold Palmer Hospital for Children, Dr. P. Phillips Hospital, South Seminole Hospital, Health Central Hospital, and South Lake Hospital.
Rodriguez allegedly claimed that some of the patients whose records she accessed were her children to obtain insurance money. It’s not clear from the media report how it is that insurance investigators did not detect the fraud scheme, as one would think that claims might have already been filed by the patients or their families already.
Rodriguez allegedly accessed the patient records by using one of the physician’s passwords. It’s not clear whether he knowingly shared his password with her or she obtained it via other means.
Some online sites indicate she was charged in September 2012, while other sites report that she was charged with insurance fraud and ID theft (Fraud-Imperson-Use Id Of 10-20 Others Without Consent) on February 15, 2013.
So… how many patients’ records were accessed and/or misused as part of her alleged fraudulent activities and why didn’t Orlando Health’s access controls and audit system detect the accesses or send up any flags?
I do not see any notice on Orlando Health’s web site at the time of this publication.