As seen in the Tampa Star:
Three men have been indicted for stealing the personal patient information of more than 13,000 people from a Tampa medical practice and using it to create fraudulent credit cards and steal tax refunds.
The conspiracy to steal the personal patient information of thousands of clients at the Tampa office of Pediatric Gastroenterology Hepatology Nutrition of Florida began in January 2015 and continued to late July 2016.
Unfortunately, the rest of the article is behind a paywall.
This breach was reported to HHS on August 24, 2015, and HHS closed its investigation with this note:
On June 25, 2015, the Tampa Police Department notified the covered entity (CE), Pediatric Gastroenterology, Hepatology & Nutrition of Florida, P.A., that paper printouts from their facility were found during a criminal investigation. An employee of the CE removed appointment sheets containing the names, social security numbers, dates of birth, and account numbers of 13,000 patients from the premises without authorization. The CE provided breach notification to HHS and affected individuals and set up a toll free number to answer questions. Following the breach the CE reviewed its policies and retrained staff on its HIPAA privacy and security policies. The CE also implemented physical security procedures to reduce the risk of unauthorized access to printed documents and implemented role based access procedures to limit access to electronic PHI. The CE also improved administrative safeguards by requiring random background checks on its employees throughout the duration of their employment. OCR obtained assurances that the CE implemented the corrective actions noted. The CE also terminated the involved employee’s employment. The employee was criminally investigated for actions related to this breach.
If anyone has the case caption for the case or the names of the defendants, please let me know, as I’d like to look at the court records.
Updated: Here we go, courtesy of BankInfoSecurity:
The 23-count indictment filed on July 26 in a U.S. district court in Tampa, Fla. alleges that Anthony Michael Harris, a former administrative employee in the Tampa office of Pediatric Gastroenterology, Hepatology & Nutrition of Florida, conspired with two other individuals, Larry Chance Cox and Maurice Rahmaan, to commit tax, mail, wire and access device fraud, as well as identity theft, court documents say.