The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Former Methodist Hospital Employees Plead Guilty to Criminal HIPAA Violations

Posted By on Apr 25, 2023

Five former Methodist Hospital employees have pleaded guilty to criminal violations of HIPAA for accessing and disclosing the information of patients to a third party for financial gain. The former hospital workers were contacted by Roderick Harvey, 41, of Memphis, and were paid to provide him with the names and telephone numbers of patients who had been involved in motor vehicle accidents. The data collected by Harvey was then sold to personal injury attorneys and chiropractors.

The HIPAA Privacy Rule prohibits healthcare workers from accessing patient data unless there is a valid work reason for doing so, and disclosures of patient data to third parties are not permitted unless there is a valid reason for the disclosure (treatment, payment, business operations) unless consent is obtained from the patient. Accessing and disclosing patient information for financial gain without the consent of the patients is a criminal offense.

Between November 2017 and December 2020, Kirby Dandridge, 38, Sylvia Taylor, 43, Kara Thompson, 31, Melanie Russell, 41, and Adrianna Taber, 26, violated HIPAA and provided Harvey with patient information. The former employees were terminated for the HIPAA violations, and along with Harvey, were indicted by a federal grand jury in November 2022. Harvey faced a conspiracy charge and seven counts of obtaining patient information with the intent to sell it for financial gain. The former Methodist Hospital employees were separately charged for violating HIPAA.

Harvey pled guilty to the conspiracy charge on April 21, 2023, and will be sentenced on August 1, 2023. Harvey faces up to five years in jail, a fine of up to $250,000, and three years of supervised release. Dandridge, Taylor, Thompson, Russell, and Taber each face a maximum of one year in jail, $50,000 fine, and one year of supervised release and will be sentenced on five separate dates between April 25, 2023, and June 21, 2023.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Sentencing

  • Roderick Harvey – 5 years of probation, including one year of home detention and a $50,000 fine
  • Kirby Dandridge – 1 year of probation and a $2,500 fine
  • Sylvia Taylor – 1 year of probation and a $3,000 fine
  • Kara Thompson – 2 years of probation
  • Melanie Russell – 1 year of probation and a $1,000 fine
  • Adrianna Taber – time served plus 6 months on supervised release

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist