30 Month Jail Term for Texas Woman Who Stole and Sold Patients’ PHI

The U.S. Department of Justice has announced a Texas woman has been sentenced by a federal court in the Eastern District of Texas to serve 30 months in federal prison for conspiring to obtain protected health information from a protected computer.

Amanda Lowry, 40, or Sherman, TX, was a member of a fraud ring that used stolen protected health information to create fraudulent physician orders. The proceeds from the sale of the data were used to purchase a range of luxury items.

Lowry, along with co-conspirators Demetrius Cervantes and Lydia Henslee, were named in a federal indictment on Sept. 11, 2019. The three defendants were charged with conspiracy to obtain information from a protected computer and conspiracy to unlawfully possess and use a means of identification. Lowry pleaded guilty to the charges on December 4, 2020.

According to court documents, the defendants are alleged to have accessed a healthcare provider’s electronic health record system to steal the personal and protected health information of patients. The stolen data were repackaged as false and fraudulent physician orders, which were then sold to durable medical equipment providers and contractors. The proceeds from the sale of the data were used to purchase items such as off-road vehicles, jet skis, and sport utility vehicles. The defendants were paid around $1.4 million from the sale of the data.

Demetrius Cervantes of McKinney, TX, was sentenced to serve 48 months in jail on July 8, 2021 for his role in the fraud ring after pleading guilty to the charges. Henslee also pleaded guilty to the charges on March 25, 2021 and is awaiting sentencing. Henslee was also named in a separate indictment along with three men from Florida, who have been charged with conspiracy to commit illegal remunerations.

“Today’s sentence is another example of the Eastern District’s commitment to vigorously defending protected health information and prosecuting those who exploit such information for their personal gain,” said Acting U.S. Attorney Nicholas J. Ganjei.  “The defendant’s actions not only compromised victims’ sensitive information, exposing them to fraudulent schemes; but, also ultimately resulted in unnecessary costs to federal healthcare programs.”

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.