The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

30 Month Jail Term for Texas Woman Who Stole and Sold Patients’ PHI

Posted By on Jul 30, 2021

The U.S. Department of Justice has announced a Texas woman has been sentenced by a federal court in the Eastern District of Texas to serve 30 months in federal prison for conspiring to obtain protected health information from a protected computer.

Amanda Lowry, 40, or Sherman, TX, was a member of a fraud ring that used stolen protected health information to create fraudulent physician orders. The proceeds from the sale of the data were used to purchase a range of luxury items.

Lowry, along with co-conspirators Demetrius Cervantes and Lydia Henslee, were named in a federal indictment on Sept. 11, 2019. The three defendants were charged with conspiracy to obtain information from a protected computer and conspiracy to unlawfully possess and use a means of identification. Lowry pleaded guilty to the charges on December 4, 2020.

According to court documents, the defendants are alleged to have accessed a healthcare provider’s electronic health record system to steal the personal and protected health information of patients. The stolen data were repackaged as false and fraudulent physician orders, which were then sold to durable medical equipment providers and contractors. The proceeds from the sale of the data were used to purchase items such as off-road vehicles, jet skis, and sport utility vehicles. The defendants were paid around $1.4 million from the sale of the data.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Demetrius Cervantes of McKinney, TX, was sentenced to serve 48 months in jail on July 8, 2021 for his role in the fraud ring after pleading guilty to the charges. Henslee also pleaded guilty to the charges on March 25, 2021 and is awaiting sentencing. Henslee was also named in a separate indictment along with three men from Florida, who have been charged with conspiracy to commit illegal remunerations.

“Today’s sentence is another example of the Eastern District’s commitment to vigorously defending protected health information and prosecuting those who exploit such information for their personal gain,” said Acting U.S. Attorney Nicholas J. Ganjei.  “The defendant’s actions not only compromised victims’ sensitive information, exposing them to fraudulent schemes; but, also ultimately resulted in unnecessary costs to federal healthcare programs.”

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist