Jay F. Marks reports:
An Oklahoma City woman was sentenced Friday to more than a year in prison for violating a federal health privacy law in an identity theft scheme.
Leslie A. Howell pleaded guilty in May to violating the Health Insurance Portability and Accountability Act of 1996, a federal law meant to protect patients’ health information.
Howell, 30, admitted she let Ryan Jay Meckenstock and Nicole Lanae Stevenson take patient files from the Oklahoma City counseling center where she worked in 2007.
They used the information from those files to make counterfeit identification papers that helped them obtain merchandise and credit from a number of retailers.
Now they are serving prison terms on previous identity theft convictions related to the scheme. Meckenstock earlier was sentenced to about 10 years in prison, while Stevenson was sentenced to 14 years.
They also were ordered to pay more than $100,000 in restitution. Howell must pay about $20,000 for her role in the scheme.
Source- NewsOK.com
Prior coverage archived here and here.
Comment: So why is her sentence so much lighter than those who misused the information? Their wrongdoing is obvious, but perhaps we need tougher sentences for HIPAA violations to send a message that we — and the courts — take the privacy and security of our PHI seriously.