More than 1,000 patients at Cedars-Sinai Medical Center had their personal information taken by a former employee in the hospital's billing department, according to hospital officials who said prosecutors allege that the man used the identities to steal from insurance companies.
The hospital's chief financial officer warned affected patients in a letter sent last week that their information had been found during a search of the former employee's home. He urged them to monitor their credit reports and to notify the district attorney's office if they noticed anything unusual.
For The Record
Los Angeles Times Thursday, December 25, 2008 Home Edition Main News Part A Page 2 National Desk 1 inches; 53 words Type of Material: Correction
Privacy breach at Cedars-Sinai: An article in Tuesday's California section on a former Cedars-Sinai Medical Center billing worker who allegedly used the identities of patients to defraud insurance companies reported that he was arrested by the Los Angeles County Sheriff's Department. James Allen Wilson was arrested by the district attorney's Bureau of Investigation.
The allegations against James Allen Wilson, 44, of Los Angeles mark the latest in a series of privacy breaches at area hospitals, where staffers have been caught peeking at the files of celebrities as well as their co-workers and friends.
In this case, hospital officials said Allen -- who last worked at Cedars-Sinai in March 2007 -- had legitimate access to the patients' records for billing purposes, but did not have permission to take identifying information home.
So far, investigators have alleged that the scheme netted Wilson at least $69,000, said Jane Robison, a spokeswoman for the Los Angeles County district attorney's office. But she said the investigation is continuing, and the scope and scale of the alleged theft could grow.
Wilson was arrested Nov. 6 by the Los Angeles County Sheriff's Department. He has pleaded not guilty to multiple felony charges, including identity theft, insurance fraud and grand theft. He remains in custody on $895,000 bail and is scheduled to be in court Jan. 22. Attempts to reach his attorney Monday were not successful.
Hospitals' increasing reliance on computerized record-keeping has provided new avenues for identity theft and invasions of medical privacy. As recently as May, a Glendale man was convicted of using the names of hundreds of Los Angeles County and city employees to submit fraudulent claims for diagnostic services amounting to more than a quarter-million dollars.
Cedars-Sinai officials said they are serious about their responsibility to protect patients' information.
"In this case, it appears the privacy breach was not the result of someone accessing information they should not have accessed, but instead the privacy breach involved an individual illegally using information that he had legitimate access to as part of his job," Chief Financial Officer Edward Prunchunas wrote in the letter that the hospital provided to The Times.
