It appears we have another criminal prosecution under HIPAA.
In May 2014, ProMedica disclosed that almost 600 Bay Park Hospital patients were to be notified of an insider breach. In June, police announced that no criminal charges would be filed because their investigation found that no patient information such as social security numbers or financial information had been compromised. At the time, they noted that a HIPAA investigation would continue, however.
Today, Amulya Raghuveer reports that Jamie Knapp, the former employee who was a respiratory therapist, has been indicted by a federal court on charges that she unlawfully obtained individually identifiable health information and engaged in unauthorized access of a protected computer. The first charge is under HIPAA, while the second charge is under the Computer Fraud and Abuse Act (CFAA).
She is alleged to have accessed patient’s health information between May 10, 2013 to March 25, 2014.
Read more on NBC.
The case is United States of America v. Knapp, 3:15-cr-00132-JJH-1 in the Northern District of Ohio. The indictment does not specify what types of personal information were accessed, although hospital officials have said no financial information was involved. Attachments to the indictment are currently restricted access.