HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Healthcare Thieves and Fraudsters Brought to Justice

The past two weeks have seen hundreds of criminals arrested for healthcare fraud and a number of indictments filed against the perpetrators of Medicare and tax fraud rings. The FBI was responsible for bringing in most of the criminals following a major Medicare fraud takedown. The perpetrators and players in the Medicare Fraud ring were able to obtain hundreds of millions of dollars in Medicare payments before being caught.

FBI Makes 243 Arrests for Healthcare Fraud


On June 18, the FBI announced it has arrested 243 individuals in a nationwide operation targeting individuals responsible for obtaining over $712 million from fraudulent Medicare claims. The operation was the largest ever conducted, resulted in more arrests than any other operation and involved the highest fraud value of any past Medicare Fraud takedown. A number of doctors, nurses and medical professionals were also arrested for supplying data to the fraudsters.

According to FBI Director James B. Comey, “There is a lot of money there, so there are a lot of criminals,” he went on to say “In these cases, we followed the money and found criminals who were attracted to doctors’ offices, clinics, hospitals, and nursing homes in search of what they viewed as an ATM.”

The takedown was organized by the Medicare Fraud Strike Force in conjunction with the Department of Justice, local law enforcement officers and the Department of Health and Human Services. HHS Secretary, Sylvia Mathews Burwell, said “We will work tirelessly to prevent these programs from becoming targets and fight fraud wherever we find it.”

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Pittsburgh Judge Sentences Foreigner for 900 Phony Tax Returns


This week, a Pittsburgh grand jury has indicted Yoandy Perez Llanes, 31, along with three accomplices for filing over 900 phony tax returns resulting in payment of $2.2 million being obtained in tax refunds. Data was stolen from the University of Pittsburgh Medical Center (UPMC) and is understood to have involved 62,000 patient records

According to U.S. Attorney David Hickton, Llanes took the tax returns as Amazon.com credits via the online Turbo Tax filing service. Those credits were subsequently used to obtain goods such as iPhones, which were then shipped to numerous locations in North and South America, including Miami and Maracay and Maracaibo in Venezuela. The devices were then sold to obtain cash.

The fraud scheme was only identified after the team managed to obtain over 1.5 in false tax returns. Llanes has now been indicted for a number of conspiracy charges, as well as wire fraud, money laundering and aggravated identity theft. Llanes faces a sentence of 20 years for the wire fraud and money laundering charges with an additional 5 years possible for the conspiracy charge plus a mandatory 2-year prison term for aggravated identity theft.

The UPMC data breach is likely to produce more victims, although this arrest has at least reduced the risk of victims suffering fraud. According to Hickton, “In any computer hacking scheme, I’d be loath to say we’ve completely stopped it,” However, he did conclude that “this indictment is good news that we’ve disrupted the conspiracy.”

Employee Plunders Department of Children and Families Database to Commit Tax Fraud


In April of this year, an employee of the Department of Children and Families in the Southern District of Florida was arrested and charged with accessing the Department of Children and Families’ ACCESS Florida System to obtain the Protected Health Information (PHI) of patients.

Cora Eutsay, 50, a former CareerSource South Florida employee from Miami, was charged with “using unauthorized access devices to obtain anything of value.” The charge applies to any theft that results in goods of more than $1,000 being obtained in a period of one year.

Eutsay used her database access rights to obtain the names, dates of birth and Social Security numbers of at least 200 individuals. After running searches to find suitable victims – those who had previously applied for public benefits – Eutsay copied the records and sold them to a third party – Kyron Johnathon Nedd, 22, from Miami Gardens – who used the information to commit tax fraud

Nedd was also indicted for his role in the scheme in April, having submitted 379 fraudulent tax returns using the data Eutsay obtained from the DCF. Nedd claimed $843,295 in tax refunds and received $64,557 in payments.

Nedd was caught after law enforcement officers conducted a raid of his residence, with officers discovering hundreds of patient records including names, dates of birth and Social Security numbers.

Nedd has now pleaded guilty to a charge under title 18, United States Code, Section 1029(a)(3), for possession of fifteen or more unauthorized access devices in addition to a charge aggravated Identity theft; a violation of Title 18, of the United States Codes Section 1028A(a)(1). Nedd will return to court for sentencing on September 2, 2015 and faces a jail term of ten years for the crimes, plus an additional 2 years of incarceration for identity theft.

The latest arrests and civil charges should send a message to healthcare employees and make them think twice about using healthcare database access rights to commit crimes. Fraudsters and data thieves will be caught and brought to justice, with the courts eager to make an example of offenders. Long jail terms await any employee that accesses and copies the PHI of patients for personal gain.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.