Eric McNeal of Atlanta, Georgia, was sentenced on January 10th, 2012, by US District Judge Willis B Hunt, Jr. for accessing a protected computer of a rival medical practice without prior authorization. This information was then used to send out marketing material for his employer.

United States Attorney Sally Quillian Yates stated that those who give their
details to the health industry expect that information to be kept secure. With the high costs of medical care, patients should not be expected to pay a heavier price through data leaks and cybercrime. She added that electronic information such as this can be easily bought, sold or stolen by those who know the system.

As a result of his actions, McNeal has been sentenced to 1 year, 1 month in prison followed by 3 years of supervised release. He has also been ordered to perform 120 hours of community service. McNeal pleaded guilty to the charge on September 28 last year.

According to information and charges presented in court, McNeal was employed as an IT Specialist for A.P.A., a perinatel medical practice located in Atlanta. In November 2009, McNeal left A.P.A. and was given a job at a competing practice situated in the same building. In April 2012,
McNeal hacked into A.P.A.’s patient database. He then downloaded the personal details of A.P.A.’s patients, erasing them from the organization’s computers. Using this information, McNeal commenced a direct-mail marketing campaign in order to promote his new employer.

While all evidence points to McNeal solely downloading personal information rather than specific medical-related details this is irrelevant in the face of such a severe data breach.

The case was investigated by the FBI and prosecuted by Assistant United States Attorney Steven D. Grimberg.

Further information can be gained from the U.S. Attorney’s Office for the Northern District of Georgia.

Contact us for more information or to learn about a tailored Clearwater HIPAA Audit Prep WorkShop™ or the Clearwater HIPAA Audit Prep BootCamp™ series.

More HIPAA HITECH Resources:

The complete HIPAA Privacy, Security and Breach regulations are here.

Join our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
Follow us on Twitter
Subscribe to our eNewsletter
Attend a live educational webinar.

Bob Chaput

CEO at Clearwater Compliance
Bob is the CEO and Founder of Clearwater Compliance. He has 25 years of experience in the Healthcare industry, and his experience includes managing some of the world’s largest HR, benefits and healthcare databases, requiring the highest levels of security and privacy. Mr. Chaput continues to expand and update his knowledge base on HIPAA-HITECH compliance through postgraduate study, earning professional certifications and participating in professional healthcare and other organizations.