Criminal HIPAA convictions are still pretty rare. Here’s a case prosecuted in the Northern District of Georgia:
Matthew Paul Brown, 30, formerly of Atlanta, Georgia and Nashville, Tennessee, pleaded guilty on September 14 in federal district court to charges of health care fraud and wrongful disclosure of individually identifiable health information.
According to United States Attorney Yates and the charges: From November 2009 through April 5, 2011, Brown carried out a health care fraud scheme in the metro Atlanta and Nashville, Tennessee areas. While operating in the Atlanta area, from November 2009 through August 2010, he approached numerous practicing physicians and persuaded them to bill Medicare, Medicaid, and private health insurers under their own provider numbers for allergy-related care he would provide. The care was provided both at the physicians’ own offices and at health fairs, with the physicians agreeing to pay him between fifty and eight-five percent of a total of approximately $1.2 million they received from the health care benefit programs. Brown has never been licensed in Georgia as a physician, physician assistant, nurse practitioner, or clinical nurse specialist.
Apart from the fact that he wasn’t licensed to perform these services, Brown also wrongfully disclosed individually identifiable health information. The individually identifiable health information wrongfully disclosed was a spreadsheet Brown created with information concerning each person he treated. He sent the spreadsheet to an undercover FBI agent, whom he believed to be an investor considering a large investment in Brown’s business.
According to the U.S. Attorney’s Office, Brown was indicted in April 2011. The indictment to which he pleaded guilty charged 17 counts of health care fraud, each of which carries a maximum sentence of 10 years in prison and a fine of up to $250,000. The HIPAA charge also carries a maximum sentence of 10 years in prison and a fine of up to $250,000. In determining the actual sentence, the Court will consider the United States Sentencing Guidelines, which are not binding, but provide appropriate sentencing ranges for most offenders.
Sentencing is set for November 22, 2011, at 11 a.m., before United States District Judge Amy Totenberg.
Source: U.S. Attorney’s Office, Northern District of Georgia