As an update to an incident included in the breach chronologies archived here, Leslie Howell has pleaded guilty to violating HIPAA. From the press release:
Oklahoma City, Oklahoma – John C. Richter, United States Attorney for the Western District of Oklahoma, announced today that LESLIE A. HOWELL, 30, of Oklahoma City, pled guilty today to violating the Health Insurance Portability and Accountability Act of 1996 ( HIPAA ). As part of her plea, Howell admitted that in the summer of 2007, while she was employed by a counseling center in Oklahoma City, she knowingly allowed two individuals to take patient files from her place of employment which contained individually identifiable health information with the intent to obtain personal gain.
[…]
Howell was employed at a counseling center and from June to August in 2007 she allowed patient files to be obtained by Ryan Jay Meckenstock and Nicole Lanae Stevenson, both of Oklahoma City. In October of 2007, Meckenstock and Stevenson each pled guilty in federal court to fraudulently obtaining credit cards and aggravated identity theft. Meckenstock and Stevenson used names, social security numbers, and other identifying information contained the medical files obtained from Howell as well as from stolen/discarded mail, internet searches, credit reports, and car burglaries, to produce counterfeit identification documents ( IDs ). These counterfeit IDs were used to obtain merchandise and credit from various merchants. Meckenstock and Stevenson were in possession of approximately 150 counterfeit drivers’ licenses and 68 counterfeit social security cards.
Read more