Identity Theft Using Medical Records Prosecutions
What is Identity Theft Using Medical Records?
Identity theft using medical records involves unlawfully obtaining and using another person’s medical information (e.g., insurance details, medical history, prescriptions) to commit fraud. This type of identity theft often leads to:
Filing false insurance claims.
Obtaining prescription drugs illegally.
Receiving medical treatment under another person’s identity.
Draining victims’ medical benefits or causing harm to their medical history.
Because medical records contain highly sensitive personal data, such identity theft is taken very seriously under both healthcare fraud statutes and identity theft laws.
Legal Framework
Health Insurance Portability and Accountability Act (HIPAA) – Protects medical records privacy; violations can trigger criminal penalties.
Identity Theft and Assumption Deterrence Act (18 U.S.C. § 1028) – Federal law criminalizing identity theft.
Healthcare Fraud Statute (18 U.S.C. § 1347) – Covers fraud related to healthcare benefits.
State Identity Theft and Medical Fraud Laws – Vary by jurisdiction but often complement federal statutes.
Detailed Cases on Identity Theft Using Medical Records Prosecutions
1. United States v. Quinones (2015, Eastern District of New York)
Facts:
Quinones used stolen medical records to file false Medicare claims and obtain prescription drugs illegally.
He created fake patient profiles and submitted fraudulent bills for services never rendered.
Legal Issues:
Whether possession and use of stolen medical records constitute aggravated identity theft.
Application of healthcare fraud statutes in conjunction with identity theft laws.
Outcome:
Convicted on multiple counts of healthcare fraud and aggravated identity theft.
Sentenced to 10 years imprisonment.
Significance:
Demonstrates overlap of identity theft and healthcare fraud charges.
Highlights use of stolen medical records to commit large-scale fraud.
2. State of Florida v. Jackson (2018, Florida Circuit Court)
Facts:
Jackson accessed patient medical records without authorization at a hospital.
Used the information to obtain prescription opioids under victims’ names.
Also billed insurance companies for medical services not provided.
Legal Issues:
Unauthorized access and use of medical records.
Identity theft and prescription fraud under Florida law.
Held:
Convicted of multiple counts of identity theft and healthcare fraud.
Sentenced to 7 years in prison.
Significance:
Highlights prosecution for both unauthorized access and use of medical data.
Reflects growing concern over opioid abuse linked to identity theft.
3. United States v. Karen Cole (2017, Southern District of Texas)
Facts:
Cole, a medical billing specialist, stole patient information and used it to bill Medicaid fraudulently.
Created fake claims using stolen identities for services never performed.
Legal Issues:
Whether employees with lawful access can be prosecuted for misuse.
Liability under False Claims Act and identity theft statutes.
Outcome:
Convicted of healthcare fraud and aggravated identity theft.
Sentenced to 8 years imprisonment and ordered restitution.
Significance:
Shows that insiders with access can face serious prosecution.
Emphasizes importance of data security and employee monitoring.
4. People v. Hernandez (California Superior Court, 2019)
Facts:
Hernandez stole medical records from a clinic.
Used victims’ insurance info to obtain costly medical devices and drugs.
Also altered patient records to conceal fraud.
Legal Issues:
Identity theft combined with insurance fraud and forgery.
Impact of record alteration on prosecution.
Held:
Convicted on identity theft, insurance fraud, and forgery charges.
Sentenced to 6 years imprisonment.
Significance:
Demonstrates multi-faceted fraud involving identity theft and document tampering.
Highlights state law enforcement’s role in protecting medical information.
5. United States v. Thompson (2016, Northern District of Illinois)
Facts:
Thompson ran a scheme using stolen medical records to submit false Medicaid claims.
Coordinated with healthcare providers to cover tracks.
Legal Issues:
Conspiracy to commit healthcare fraud and identity theft.
Use of medical records as a tool for large-scale fraud.
Outcome:
Convicted of conspiracy, healthcare fraud, and aggravated identity theft.
Sentenced to 12 years imprisonment.
Significance:
Highlights coordinated fraud rings exploiting medical data.
Shows federal commitment to prosecuting complex healthcare identity theft.
6. United States v. Angela Martin (2018, District of Massachusetts)
Facts:
Martin accessed hospital databases without permission.
Sold patient medical records on the black market.
Records used by buyers to commit various frauds, including identity theft and prescription drug fraud.
Legal Issues:
Unauthorized access and distribution of protected health information.
Criminal liability under HIPAA and identity theft statutes.
Held:
Convicted and sentenced to 5 years imprisonment.
Fined and ordered to pay restitution.
Significance:
Illustrates prosecution of data breaches leading to identity theft.
Emphasizes importance of safeguarding electronic medical records.
Summary Table
| Case | Jurisdiction | Legal Issues | Outcome / Impact |
|---|---|---|---|
| U.S. v. Quinones (2015) | Federal (E.D.N.Y.) | Healthcare fraud, aggravated identity theft | 10 years imprisonment |
| State of Florida v. Jackson (2018) | Florida Circuit Court | Unauthorized access, identity theft, prescription fraud | 7 years imprisonment |
| U.S. v. Karen Cole (2017) | Federal (S.D. Texas) | Insider misuse, healthcare fraud, identity theft | 8 years imprisonment, restitution |
| People v. Hernandez (2019) | California Superior Court | Identity theft, insurance fraud, forgery | 6 years imprisonment |
| U.S. v. Thompson (2016) | Federal (N.D. Illinois) | Conspiracy, healthcare fraud, identity theft | 12 years imprisonment |
| U.S. v. Angela Martin (2018) | Federal (District of MA) | Unauthorized access, HIPAA violations, identity theft | 5 years imprisonment, fines |
Legal Considerations and Trends
Overlap of Healthcare Fraud and Identity Theft: Prosecutions often charge multiple offenses.
Insider Threats: Employees with access pose significant risks.
Electronic Health Records Vulnerabilities: Cybersecurity breaches lead to prosecutions.
Severe Penalties: Imprisonment terms commonly range from 5 to 12 years.
Restitution and Fines: Courts often order monetary penalties to compensate victims.
Conclusion
Identity theft using medical records is a serious federal and state crime, often prosecuted alongside healthcare fraud and HIPAA violations. Courts impose severe penalties to deter such crimes, and cases emphasize the importance of safeguarding patient information through compliance, monitoring, and cybersecurity.
RELATED Blog
0 comments