DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Indictments in patient data theft from Pediatric Gastroenterology Hepatology Nutrition of Florida (UPDATED)

Posted on September 3, 2016 by Dissent

As seen in the Tampa Star:

Three men have been indicted for stealing the personal patient information of more than 13,000 people from a Tampa medical practice and using it to create fraudulent credit cards and steal tax refunds.

The conspiracy to steal the personal patient information of thousands of clients at the Tampa office of Pediatric Gastroenterology Hepatology Nutrition of Florida began in January 2015 and continued to late July 2016.

Unfortunately, the rest of the article is behind a paywall.

This breach was reported to HHS on August 24, 2015, and HHS closed its investigation with this note:

On June 25, 2015, the Tampa Police Department notified the covered entity (CE), Pediatric Gastroenterology, Hepatology & Nutrition of Florida, P.A., that paper printouts from their facility were found during a criminal investigation. An employee of the CE removed appointment sheets containing the names, social security numbers, dates of birth, and account numbers of 13,000 patients from the premises without authorization. The CE provided breach notification to HHS and affected individuals and set up a toll free number to answer questions. Following the breach the CE reviewed its policies and retrained staff on its HIPAA privacy and security policies. The CE also implemented physical security procedures to reduce the risk of unauthorized access to printed documents and implemented role based access procedures to limit access to electronic PHI. The CE also improved administrative safeguards by requiring random background checks on its employees throughout the duration of their employment. OCR obtained assurances that the CE implemented the corrective actions noted. The CE also terminated the involved employee’s employment. The employee was criminally investigated for actions related to this breach.

If anyone has the case caption for the case or the names of the defendants, please let me know, as I’d like to look at the court records.

Updated: Here we go, courtesy of BankInfoSecurity:

The 23-count indictment filed on July 26 in a U.S. district court in Tampa, Fla. alleges that Anthony Michael Harris, a former administrative employee in the Tampa office of Pediatric Gastroenterology, Hepatology & Nutrition of Florida, conspired with two other individuals, Larry Chance Cox and Maurice Rahmaan, to commit tax, mail, wire and access device fraud, as well as identity theft, court documents say.

Related posts:

  • Connexin Software notifies parents of 2.2 million pediatric patients of hack
  • Harrisburg Gastroenterology notifies patients of data security incident
Category: Breach IncidentsHealth DataID TheftInsiderPaperTheftU.S.

Post navigation

← ‘JustBatCat’ pleads guilty to helping ‘KYAnonymous’ in computer hacking case
Federal court deals blow to Minn. driver data snooping cases →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.