The Messenger-Inquirer in Kentucky reports that an Owensboro woman employed in a medical office was indicted by a federal grand jury this week on charges of using patient information to obtain loans. It’s one of those all-too-rare criminal HIPAA prosecutions:
Ilene W. Bullington of the 200 block of Wilder Drive was indicted Wednesday. Bullington was indicted on six counts of wire fraud, two counts of aggravated identity theft and one count of using patient information under false pretenses in violation of the Health Insurance Portability and Accountability Act (HIPAA).
Because their full coverage is behind a paywall, I downloaded the public version of the indictment (there’s also a sealed version that is not available).
According to the indictment:
Beginning in or about February 2010, and continuing at least until in or about August 2012, in the Western District of Kentucky, Daviess County, Kentucky, ILENE BULLINGTON, knowingly and in violation of the Health Insurance Portability and Accountability Act, disclosed individually identifiable health information to another person under false pretenses, and with intent to use the individually identifiable health information for commercial advantage and personal gain, to wit: ILENE BULLINGTON disclosed her employer’s patients’ identifying information by providing names, birth dates, and social security numbers to loan companies so that ILENE BULLINGTON could obtain loans for her personal use and advantage. In violation of Title 42, United States Code, Sections 1320d-6.
The indictment was filed Wednesday in the U.S. District Court for the Western District of Kentucky at Owensboro.
No trial date has been set as yet.
Although the public indictment does not mention where Ms. Bullington was employed, in her LinkedIN profile, she listed herself as a “medicare billing specialist at Owensboro Medical Health System.”