Employee Guilty of PHI Theft Jailed: Snooping Employees Fired

An ex-employee of Veteran Affairs Medical Center in Long Beach, CA named Albert Torres, 51, was sentenced to three years in jail for stealing the protected health information (PHI) of over 1,000 patients. Torres was a clerk in the Long Beach Health System-run medical center for under a year. On April 12, Torres was stopped by police officers who checked his license plate and found an anomaly. Allegedly, the plate was used on a private vehicle, even if it was reserved for a commercial vehicle.

The police officers discovered prescription drugs which Torres’ failed to show a prescription for. They also saw the Social Security numbers along with other PHI of 14 patients in his car. A subsequent search of Torres’ residence revealed hard drives containing the PHI of 1,030 patients and $1,000 worth of cleaning supplies that he stole from the hospital.

Torres pleaded guilty to a number of crimes, which include identity theft and grand theft and was sentenced to spend three years in jail on June 4.

Sutter Health Fires Employees for Snooping on Medical Records

Sutter Health has fired employees for accessing the health records of patients without authorization. CBS 13 Sacramento noted that an unknown source had verified that Sutter Health dismissed two employees for snooping on the health records of Joseph DeAngelo, the suspected Golden State Killer.

Following the CBS 13 news report, Sutter Health spokesperson Gary Zavoral released an statement confirming action had been taken to address the unethical accessing of PHI, according to the Sacramento Business Journal. Although Zavoral did not say how many employees were terminated, nor the number of patients whose health records were compromised, he did confirm that employees had been fired over the privacy violations.

Sutter Health has technology in place that triggers alerts when personnel access health records with no authorization. Any time unauthorized access is identified, it generally results in  termination. Besides firing the employees involved, Sutter Health has reminded all employees that accessing health records is only allowed if there’s a legitimate work reason for to do so.

Sutter Health has now notified the patient(s) whose privacy was violated by its employees.