Californian Sentenced to Prison for HIPAA Violation
[Editor’s note, August 9, 2010: Huping Zhou was the first person in the nation to receive jail time for a misdemeanor HIPAA offense—for accessing confidential records without a valid reason or authorization but not profiting from it through the sale or use of the information.]
A former UCLA Health System employee became the first person in the nation to be sentenced to federal prison for violating HIPAA.
Huping Zhou, 47, of Los Angeles, was sentenced to four months in prison on April 27 after pleading guilty in January to four misdemeanor counts of accessing and reading the confidential medical records of his supervisors and high-profile celebrities, according to the U.S. Attorney’s Office for the Central District of California. Zhou was also fined $2,000.
In 2003, Zhou, who was a licensed cardiothoracic surgeon in China before immigrating to the US, was employed as a researcher with the UCLA School of Medicine.
On October 29, 2003, Zhou received notice that UCLA intended to dismiss him for job performance reasons unrelated to the illegal access of medical records. That night, Zhou accessed and read his immediate supervisor’s medical records as well as those of other coworkers.
Over the next three weeks, Zhou abused his access to the organization’s electronic health record system to view the medical records of celebrities and high-profile patients, including Drew Barrymore, Arnold Schwarzenegger, Tom Hanks, and Leonardo DiCaprio.
According to court documents, Zhou accessed the UCLA record system 323 times during the three-week period. In the plea agreement, Zhou admitted he obtained and read patient health information on four specific occasions — with no legitimate reason, medical or otherwise — after he was terminated from his job.
Zhou did not improperly use or attempt to sell any of the information he illegally accessed, according to the press release. In January Zhou’s attorney Edward Robinson was quoted in the UCLA student newspaper The Daily Bruin saying Zhou did not know that accessing the records was a federal crime.