In a case being heard in San Diego, former Scripps Health employee Matthew Lombardo has been charged with felony HIPAA violations for obtaining and disclosing the protected health information of patients to his alleged co-conspirators. This is part of a Department of Justice investigation where nine San Diego residents have been charged in two separate indictments in connection with the theft of patients’ protected information and the submission of fraudulent pandemic unemployment insurance claims.
As part of the Coronavirus Aid, Relief, and Economic Security (CARES) Act of 2020, new unemployment benefits were provided for people impacted by the COVID-19 pandemic, who would not, under normal circumstances, qualify for payments.
Lombardo was also charged with conspiracy to commit wire fraud, along with three alleged co-conspirators – Konrad Piekos, Ryan Genetti, and Dobrila Milosavljevic. Piekos, Genetti, and Milosavljevic were also charged with aggravated identity theft and are accused of using the stolen information to file fraudulent pandemic unemployment insurance forms.
The San Diego Sheriff’s Department had stopped Konrad Piekos for driving without a license plate. However, when police officers walked towards his car, they could see an assault rifle in plain sight in his vehicle. Piekos confirmed that he possessed an unregistered assault rifle, and the subsequent vehicle search uncovered a range of loaded firearms and ammunition. A warrant was sought to search Piekos’ properties and, once it was granted, police officers discovered many other firearms and ammunition, quantities of heroin and fentanyl, and mobile phones. With warrants to search the phones in place, detectives discovered text messages shared between Piekos, Genetti, and Lombardo referring to the illicit distribution of narcotics, firearms, and a plan to obtain unemployment benefits using other individuals’ personal identifying information (PII).
Piekos and Genetti had planned to steal PUA benefits in July 2020, with Lombardo coming on board with the scheme during August 2020. Lombardo is believed to have abused his position as a patient financial service representative to obtain patients’ PII, which he then shared with Piekos, Genetti, and Milosavljevic starting on August 15,2020, according to the indictment. Scripps Health fired Lombardo on April 14, 2021.
In another case, Genetti and three other individuals – Lindsay Renee Henning, Garrett Carl Tuggle, and Salvatore Compilati – were charged with conspiracy to carry out wire fraud. Henning and Tuggle were also charged with aggravated identity theft, and Henning, Tuggle, and a fourth defendant, Juan Landon, were charged with possession of methamphetamine, cocaine, and heroin with intent to distribute. The defendants had submitted more than 108 separate claims for PUB benefits, totaling $1,615,000.
Lombardo may be sentenced with a jail term of 10 years in relation to the HIPAA breach along with a fine and penalty assessment. The conspiracy to carry out wire fraud charges comes with a longest possible jail term of 20 years in prison with a fine and penalty assessment, and there is a mandatory minimum 2-year jail term for the aggravated identity theft charges, with the aggravated identity theft jail term consecutive to any other sentences.
Acting U.S. Attorney Randy Grossman commented on the case saying: “Pandemic unemployment insurance programs are a critical part of our safety net designed to support hard working citizens who are suffering during an unprecedented economic downturn. Our office and our law enforcement partners will investigate and prosecute individuals who attempt to steal from these programs designed to assist deserving recipients.”