25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Identity Thief Sentenced to 4 Years for Selling Stolen Rotech Healthcare Data

Posted By on Dec 19, 2016

A Florida man has been sentenced to serve four years in federal jail for selling medical records obtained from the medical device firm, Rotech Healthcare.

Vickie Lorenzo Bryant, 39, from Plant City, FL made contact with a government informant in May 2016 and offered to sell personally identifiable information of 957 individuals who had received medical devices from Rotech Healthcare.

This was not the first time Bryant had attempted to sell stolen data to identity thieves and fraudsters. The confidential informant had previously purchased other individuals’ data from Bryant and had used the information to obtain Florida driver’s licenses, make counterfeit credit cards, and purchase mobile phones in the victims’ names.

Bryant met with the informant on two occasions in June 2016 and sold the data of 957 different individuals. Bryant asked to be paid $15,000 for the batch of data or $15 per identity.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Around 1,000 documents were handed over to law enforcement and were found to contain a range of personal and medical information about the victims, including names, addresses, Social Security numbers and dates of birth.  Law enforcement contacted those individuals and all confirmed that they had all previously received respiratory or sleep apnea devices from Rotech Healthcare in the past. Rotech Healthcare was alerted to the data breach by law enforcement on June 13, 2016 and all patients were notified of the incident shortly thereafter.

Bryant was arrested and pleaded guilty to access device fraud and aggravated identity theft on August 23, 2016 and was sentenced by U.S. District Judge Charlene Edwards Honeywell on Tuesday last week.

Bryant did not personally steal the data from Rotech Healthcare. Two co-conspirators who were employed at Rotech allegedly obtained the data and sold it to Bryant. Fontella James and Sharmekia Young were indicted on September 29, 2016 and have been charged with conspiracy, computer intrusion, and crimes related to identity theft and are awaiting trial.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist