Healthcare Information Security

Patient Privacy News

Physicians Charged with Healthcare Fraud, Identity Theft in PR

A Federal Grand Jury charged a medical equipment owner and three physicians with healthcare fraud and identity theft stemming from incident from 2007 to 2013.

Identity theft and healthcare fraud charges could lead to patient privacy issues.

Source: Thinkstock

By Elizabeth Snell

- A District of Puerto Rico Federal Grand Jury charged the owner of a durable medical equipment company and three physicians with multiple counts of conspiracy to commit healthcare fraud, healthcare fraud and aggravated identity theft

The defendants reportedly “conspired with each other and with other individuals known and unknown to the grand jury to defraud Medicare,” according to a US Department of Justice release. The alleged scheme also occurred from on or about February 20, 2007 through on or about July 18, 2013.

“The federal charges stem from an alleged scheme whereby Javier Efraín Siverio-Echevarría, as owner of Equipomed Care Corp., a durable medical equipment company with offices in Hatillo, Puerto Rico, would use the personal identifying information of Medicare beneficiaries, to invoice Medicare for durable medical equipment that these beneficiaries did not need or to whom the equipment would not be delivered,” the statement explained.  

Furthermore, the indictment claims that Siverio-Echevarría gathered prescription form signatures and Medicare documents from doctors who had not seen or examined the Medicare beneficiaries.

Electronic invoices were also submitted to Medicare by convincing Medicare beneficiaries to accept medical equipment that they had not requested and that they did not need, the DOJ explained.

The conspiracy charges reportedly led to fraudulent invoices in excess of approximately $1.2 million to Medicare. 

US Attorney Rosa E. Rodriguez-Velez said that the Medicare system trusts physicians with the responsibility to care for patients, ensuring that those individuals receive the necessary care and equipment.

“The charges unsealed today allege that three physicians violated their responsibility to their patients and instead facilitated the means for an equipment company to bill over a million dollars to Medicare for equipment not delivered or not medically necessary,” Rodriguez-Velez maintained. “These charges are yet another example of the Department of Justice’s determination to hold those who choose to steal from Medicare for personal gain accountable for the harm they inflict on groups of the most vulnerable individuals in our society: the sick, the elderly and the disabled.”

Medical identity theft is one of the potential outcomes from a healthcare data breach, and could be fairly common if a recent survey is any indication.

In February 2017, an Accenture report showed that 50 percent of American consumers have experienced medical identity theft, averaging approximately $2,500 in out-of-pocket costs per incident. Twenty-six percent of respondents stated that they have had their personal medical information stolen in a healthcare data breach.

“Health systems need to recognize that many patients will suffer personal financial loss from cyberattacks of their medical information,” Managing Director of Cybersecurity in Accenture’s Health Practice Reza Chapman said in a statement. “Not only do health organizations need to stay vigilant in safeguarding personal information, they need to build a foundation of digital trust with patients to help weather the storm of a breach.”

The data breach notification process may also need to be improved in some healthcare organizations, the report found. Of the 2,000 US consumers interviewed, 50 percent of those who experienced a data breach reported that that they found out about the incident themselves, by noticing an error on a credit card statement or their benefits explanation.

Furthermore, one-third of respondents said that the organization where the data breach occurred notified them of the incident, while 15 percent said they were alerted by a government agency.

“Now is the time to strengthen cybersecurity capabilities, improve defenses, build resilience and better manage breaches so that consumers have confidence that their data is in trusted hands,” Chapman explained. “When a breach occurs, healthcare organizations should be able to ask ‘How is our plan working’ instead of ‘What’s our plan?”


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks