Former Patient Care Coordinator Pleads Guilty to Wrongfully Disclosing PHI with Intent to Cause Harm

What is a HIPAA Violation?

Ms. Linda Sue Kalina, 61, of Butler, PA, a former employee of Tri Rivers Musculoskeletal (TRM) and Allegheny Health Network (AHN), an affiliate of the University of Pittsburgh Medical Center (UPMC), has pleaded guilty to accessing the medical records of patients without consent and a wrongful disclosure of patient information with intent to cause harm.

Ms. Kalina was previously a patient care coordinator at TRM from March 7, 2016 to June 23, 2017 and at AHN from July 24, 2017 until August 17, 2017. Following a complaint about wrongful use of patient information, an investigation was launched. It was discovered that she had accessed the healthcare records of UPMC patients without proper authorization and was fired for the HIPAA violation.

Ms. Kalina was accused of accessing the health records of 111 UPMC patients and 2 AHN patients without permission between December 2016 and August 2017. As per her indictment, she additionally shared the PHI of four patients with people not permitted by law to see the information.

Before working at TRM, Ms. Kalina worked at Frank J. Zottola Construction for 24 years until she was terminated from her position as office manager. While working at TRM and AHN, Ms. Kalina impermissibly accessed the healthcare records of some of the construction company’s employees, including the gynecological files of the woman who took over from her as office manager.

Ms. Kalina allegedly sent an email message to the controller of the company in June 2017 disclosing the woman’s gynecological data. She also left a voicemail disclosing information from the gynecological records to another employee of Zottola in August 2017.

Zottola submitted a complaint to UPMC regarding the privacy violation. After Ms. Kalina was fired, the Department of Justice prosecuted Ms. Kalina over the HIPAA violations. The indictment included six counts of wrongfully acquiring and disclosing PHI with the intent of causing malicious harm.


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

Ms. Kalina pleaded guilty in federal court to one count of wrongful disclosure of ePHI with the intention of causing harm over the voicemail message and admitted accessing the healthcare records of over 100 persons in violation of HIPAA Rules.

U.S. District Judge Arthur Schwab allowed the release of Ms. Kalina on bond while she awaits sentencing on June 25, 2019. Ms. Kalina is facing a financial penalty of up to $250,000 and a maximum sentence of 10 years imprisonment for the HIPAA violations.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: