““So, don’t ask me no questions and I won’t tell you no lies:” Physician Receives Criminal Conviction for HIPAA Violations and Obstructing a Criminal Health Care Investigation”
Safe & Sound 05/10/18 Meghan C. O'Connor, Rachel H. Weiss, Sarah A. Erdmann
The physician’s convictions stemmed from a Department of Justice (DOJ) investigation of (and eventual $125 million settlement with) a pharmaceutical company that was suspected of felony health care fraud based on its illegal marketing practices and payment of kickbacks to physicians. During this investigation, the DOJ interviewed the physician about her relationship with the pharmaceutical company. The DOJ later alleged that the physician obstructed its investigation by providing false information to federal agents regarding her relationship with the pharmaceutical company, including a $23,500 payment the physician received for speaker training and medical education events held at the physician’s office (and attended solely by sales representatives of the pharmaceutical company).
The DOJ originally charged the physician with accepting kickbacks from the pharmaceutical company but dropped those allegations in favor of proceeding with HIPAA and obstruction of a criminal health care investigation charges. These charges were based on the physician providing the pharmaceutical company access to her patient files to target patients with specific health conditions and providing false information to federal agents.
Under HIPAA, the penalties the physician could face include one year in prison and/or a fine of $50,000 and one year of supervised release. The physician also faces penalties for the conviction of obstructing a criminal health care investigation, which include up to five years in prison, three years of supervised release, and a fine of $250,000. The federal district court judge will determine the physician’s ultimate sentence at an upcoming hearing.
Health care professionals should use this case as a reminder that HIPAA violations can lead to criminal convictions, though typically only in egregious cases like this one where protected health information is impermissibly disclosed for financial gain. This case also serves as a friendly reminder to providers that lying to federal agents is never a good idea.
For questions about this update or health IT privacy and security generally, please contact Meghan O’Connor at (414) 277-5423 / [email protected]arles.com, Rachel Weiss at (414) 277-5829 / [email protected], Sarah Erdmann at (414) 277-5512 / [email protected], or your Quarles & Brady Health Information Technology, Privacy and Security attorney.