Texas Woman Gets 30 Month Jail Term for Stealing and Seling Patients’ PHI

The U.S. Department of Justice reported that a federal court in the Eastern District of Texas has sentenced a Texas lady to serve 30 months in federal prison for committing a conspiracy to acquire protected health information (PHI) from a secured computer.

40-year old Amanda Lowry of Sherman, TX, was part of a fraud group that utilized stolen PHI to make fake physician orders. The profits from the sale of the information were employed to buy a variety of luxury merchandise.

Lowry, together with co-conspirators Lydia Henslee and Demetrius Cervantes, were charged in a Sept. 11, 2019 federal indictment. The three defendants were accused of conspiracy to acquire data from a secured computer and conspiracy to illegally get and utilize a way of identification. Lowry acknowledged his guilt in the accusation on December 4, 2020.

Based on court records, the defendants have allegedly logged in to a healthcare company’s electronic health record system to commit theft of the personal data and PHI of patients. The stolen information was repackaged as fake and fraudulent doctor orders, which were then marketed to medical equipment suppliers and companies. The profits from selling the data were utilized to buy merchandise like off-road vehicles, sport utility vehicles, and jet skis. The defendants were compensated about $1.4 million from selling the data.

Demetrius Cervantes of McKinney, TX, received a sentence of 48 months imprisonment on July 8, 2021 for his part in the fraud ring right after pleading guilty to the accusations. Henslee likewise pleaded guilty to the accusations on March 25, 2021 and is waiting for her sentence. Henslee was additionally included in another indictment together with three males from Florida, who were accused of conspiring to commit unlawful compensations.

Acting U.S. Attorney Nicholas J. Ganjei explained that the sentence today is one more example of the Eastern District’s dedication to strongly safeguard protected health information and going after those who take advantage of such data for their own gain. The defendant’s activities not just affected victims’ sensitive data, exposing them to deceitful schemes; but, also eventually contributing to unnecessary expenses to federal healthcare services.

About Christine Garcia 1310 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA