Oliver Gayle of Miami has been convicted in an tax refund scheme involving the theft of patient information from Mount Sinai Medical Center. Gayle, who was employed as a temp, had a previous felony conviction on RICO/racketeering charges prior to his employment at the medical center. The South Florida Business Journal asked the medical center how he obtained employment with that criminal background. The medical center sent them a statement:
“The temp agency provided a false background check on Mr. Gayle. The document did not include his prior conviction for racketeering and the date was deleted, which masked the fact that the background check was one year old. We no longer do business with this agency and have revised our background check process so this will not happen again.”
According to testimony and evidence presented at trial, on February 27, 2013, the Aventura Police Department stopped a vehicle driven by Gayle after being alerted by a U.S. bank of an individual who attempted to cash a fraudulent check. Gayle presented a Jamaican passport as his form of identification. During an inventory search of the vehicle driven by Gayle, officers uncovered a black bag containing over 100 printouts from Mt. Sinai Medical Center Account Inquiry Processor with multiple names, dates of birth, social security numbers, and addresses of patients on each printout. Additionally, photocopies of checks written to Mt. Sinai Medical Center from various individuals with a photocopy of the corresponding billing statement from Mt. Sinai were found in the bag.
According to court documents and trial testimony, during a consensual search of Gayle’s residence, law enforcement found multiple printouts from Mt. Sinai Medical Center that appeared similar to the ones found in his black bag. Law enforcement also found copies of U.S. Treasury checks; a document labeled “HIT LIST” with a list of names, Social Security numbers and dates of birth; several tax returns in the names of other individuals; multiple Tax Act and Turbo Tax pre-paid debit cards issued in the names of other individuals; a Jamaican passport in Gayle’s name containing a counterfeit U.S. visa; and, an identification badge for Mt. Sinai Medical Center with Gayle’s name and photo.
Sentencing is scheduled for January 9, 2014 at 10:00 a.m. before U.S. District Judge Donald L. Graham.
This is not the first insider breach at Mount Sinai Medical Center reported on this blog. In May 2012, the same U.S. Attorney’s Office announced the arrest of Keiondra Sheri Williams, who was employed as a specimen control clerk. As in the Gayle case, the data theft was discovered in the course of a search following a vehicle stop. And in both cases, printouts with patient information were found:
The affidavit filed in support of the criminal complaint alleges that on March 24, 2011, North Miami Beach Police Department stopped a vehicle for reckless driving. During a consensual search of the vehicle, law enforcement found a brief case containing what appeared to be personal identifying information from patients at Mount Sinai Hospital. The briefcase also contained seven (7) credit cards and approximately eleven (11) computer screen print outs from Mount Sinai Hospital. The words “Duplicate SS” or “IRS Accepted” were handwritten on several pages of these hospital printouts.
According to the complaint, subsequent investigation revealed that the eleven (11) computer screen print outs were printed by defendant Williams, who was employed at Mount Sinai Hospital as a specimen control clerk. The investigation revealed that within five days, Williams accessed and printed approximately 339 patient records that contained names, social security numbers, patient identification, and dates of birth. Williams had no lawful reason nor did he have authorized access to view or print these patient records. On May 30, 2012, members of the IRS Identity Theft Task Force arrested Williams in Miami Gardens.
So what steps did the medical center take after the Williams case to prevent a recurrence? And how is it that they seemingly neither prevented nor detected Gayle’s activities?
SOURCE: U.S. Attorney’s Office, Southern District of Florida and media sources