HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Hospital Employee Receives 18 Month Jail Term for HIPAA Violations

Accessing the healthcare data of patients without authorization is prohibited under HIPAA legislation, and the disclosure of this information to a third party is a criminal matter. The offense carries a jail term of up to 10 years in addition to a maximum fine of $500,000 if the disclosure is made for personal gain.

One of the latest examples of wrongful disclosure of individually identifiable health information comes from the Eastern District of Texas where former Longview resident, Joshua Hippler, 30 has been convicted this offence and sentenced to serve 18 months in jail.

Hippler was a former employee of an East Texas hospital where he was alleged to have accessed Protected Health Information with the intention of selling it on for personal gain. Hippler was indicted by a federal grand jury on Mar. 26, 2014 and the case was heard by United States Magistrate Judge John D. Love on August 28, 2014.

Hippler pleaded guilty to the offenses that took place at an unnamed East Texas hospital between December 1, 2012 and January 14, 2013.

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

The U.S. Department of Health and Human Services’ Office of Inspector General (HHS-OIG) and the U.S. Postal Inspection Service conducted an investigation into the HIPAA violations, with the case prosecuted by Assistant U.S. Attorney Nathaniel C. Kummerfeld.

Sentencing has now taken place with U.S. District Judge Leonard Davis ordering Hippler to serve one year and six months in prison, although this is considerably less than the 10 year maximum term.

The case should serve as a warning to all employees of HIPAA-covered entities that the theft of Protected Health Information is treated with the utmost seriousness and is highly likely to result in jail time.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.