HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Former Chilton Medical Center IT Worker Gets 5 Years’ Probation for Theft of Equipment Containing ePHI

A former IT worker at Chilton Medical Center in New Jersey has been sentenced to 5 years’ probation for the theft of IT equipment that contained the protected health information of some of its patients.

Sergiu Jitcu, of Saddle Brook, NJ, had previously been employed by Chilton Medical Center. On October 31, 2017, Chilton Medical Center learned that one of its hard drives had been sold on eBay. The purchaser discovered databases on the hard drive that appeared to include the protected health information (PHI) of some of its patients.

The subsequent investigation revealed the hard drive contained the PHI of 4,600 patients who had received medical services at Chilton Medical Center between May 1, 2008 and October 15, 2017. The types of information on the hard drive included names, addresses, dates of birth, allergy information, medical record numbers, and medications.

The theft was reported to the Morris County Prosecutor’s Office and was linked to Jitcu. The Morris County Prosecutor’s Office Specialized Crime Division obtained a search warrant for Jitcu’s home and vehicle and recovered computer equipment and additional items that had been stolen from Chilton Medical Center.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Jitcu was charged and plead guilty to one count of computer criminal activity and one count of theft of computer equipment. The offenses occurred between January 1, 2015 and November 8, 2017.

A non-custodial sentence of five years’ probation was given to Jitcu on the condition that ongoing restitution payments be made to Chilton Medical Center totaling $64,250.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.