25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

27 Year Sentence Issued for PHI Theft and Fraud

Posted By on Jun 23, 2015

Violations of HIPAA Privacy Rule carry stiff sentences, with up to 10 years in jail possible for theft of PHI for personal gain; however using stolen data to commit fraud can carry a far stiffer penalty as James Lee Cobb, III, recently discovered.

Florida Middle District Judge, Charlene Honeywell, recently passed a sentence of 27 years for the use of stolen healthcare data. Cobb, along with his co-conspirators, obtained protected Health Information stolen from healthcare providers and used the data to obtain pre-paid debit cards and file false tax returns in the names of the victims.

Medical data carries a high value on the black market as the information can be used to steal identities, with criminals able to them run up thousands, if not millions in debts. Often the victims are unaware of the theft and do not discover their data has been used inappropriately until many months after the information was stolen.

It is not clear how Cobb actually obtained patient data, but information stolen from hospital and healthcare providers can be purchased online through hidden dark net sites. The data Cobb purchased and used included names, dates of birth and Social Security numbers. Cobb, along with his accomplices, managed to claim more than $3 million in false tax returns between 2011 and November, 2013.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Cobb used more than 7,000 medical records that had been stolen from the Florida Hospital, when it operated under the name of University Community Hospital, as well as James A. Haley VA hospital and the records of the Ambulance service in three states (Georgia, Texas and Virginia). Records were also obtained via websites such as genealogy.com.

The lengthy sentence was passed not just for the use of HIPAA-covered data, but for wire fraud and conspiracy to commit mail and wire fraud, and aggravated identity theft. The sentence was further increased as Cobb was found to be in possession of two illegal firearms, including an AR-15-style rifle. Cobb was also on supervised release for prior federal conviction when the offenses took place.

The 27-year term will be followed by a further 5 years on supervised release and Cobb has been ordered to pay $1,820,759 as a forfeiture money judgment, with the same amount also required to be paid under an order of restitution.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist