Reon Jordan, a former medical billing clerk at ABEO who was charged with misusing patient information, has been sentenced to four years and four months in state prison, and also ordered to pay $18,015 in restitution.
CBS Los Angeles reports that Jordan pleaded no contest to one felony count each of grand theft, second-degree commercial burglary and identity theft. At the time of her arrest, she reportedly had more than 400 identity profiles and 200 additional credit card numbers in her possession.
Note that this incident does not appear on HHS’s public breach tool, and it’s not clear which covered entities/clients of ABEO had their patient information misused. Nor is it clear that this breach was ever reported to HHS as ABEO never issued any statement at the time about the breach or what steps they were taking to minimize a similar breach going forward. On their website, under HIPAA Enforcement, they declare:
HIPAA enforcement and compliance is taken seriously by abeo and the leadership of the company. Our clean track record is reflective of the manner in which HIPAA enforcement is executed and followed.
I’m not sure how you claim you have a “clean track record” if you had a rogue insider stealing and misusing patient information, but maybe we use different definitions of “clean track record.”