Organ Transplant Coordinator Guilty of Unlawful Health Records Access

Supreme Court Justice Ruth Bader of Ginsburg found an organ transplant coordinator guilty of unlawfully accessing medical information and removing proof but was found not guilty on the charge of posting a copy of the information on the internet.

34-year-old Trent J. Russell was accused of unlawful access to Ginsburg’s medical information although she was going through cancer therapy at George Washington University Hospital in 2019. Then, she published the data on the 4chan message board on the web, which is a well-known location for conspiracy theory conversations. The posted image showed Ginsburg’s name, treatments, and dates of treatment from 2014 to 2018. End-users of the 4chan program provided conspiracy ideas regarding Ginsburg, for example, that she had passed away, and her demise was held as a secret to stop President Trump from assigning another Supreme Court judge.

George Washington University Hospital officers investigated access records and confirmed unauthorized access to Ginsburg’s data utilizing Russell’s accounts, with the access tracked to his home PC. Russell was a coordinator of organ transplants at the Washington Regional Transplant Community (WRTC) and got legal access to health data at George Washington University Hospital to carry out his job, which included going to the hospital to assess patient eligibility for organ transplants.

Russell knew his duties under HIPAA law as he had gone through training and understood that he wasn’t allowed to gain access to individuals’ health data beyond his work duties, which included Ginsburg’s files since she was not recommended to WRTC as a possible organ donor. Founder and ex-CEO Lori Brigham of WRTC stated that coordinators cannot view the charts of patients who were not referred to WRTC as potential donors.

Russell was questioned in 2019 regarding the unauthorized access and initially stated that his telephone was stolen. He likewise claimed that he hadn’t viewed Ginsburg’s files and that he gave other people his hospital access credentials. George Washington University Hospital’s major data officer, Nathan Read, said that Russell’s access to health data was ended in January 2019 when he was known as a suspect in the event and when he asked for the restoration of his access one month later, although the request was rejected. Prosecutors claimed that when Russell discovered on February 10, 2019 that his access to health data was terminated, he reformatted his home PC to eliminate proof and stop the investigation.

The Federal Bureau of Investigation’s forensic analysis of Russell’s computer revealed that Russell went to several posts on 4chan that include conversations and conspiracy ideas, such as that Democratic politicians were hiding Ginsburg’s demise, together with posts regarding antisemitic conspiracy hypotheses. Although Russell stated that his phone was stolen, its location was tracked to the place of his house in Arlington, Virginia during the time his hospital credentials were utilized to view Ginsburg’s medical data.

Russell wasn’t the sole suspect in the event, since a hospital employee searched Ginsburg’s health data about the time of the data breach. That person was eliminated as a suspect since they were considered not to be insufficiently technically knowledgeable to publish data on social media platforms, though they were dismissed for unauthorized health record access.

Russell said that he had not seen the health records of patients who were not introduced as organ donors. Following two days of trial at the U.S. District Court in Alexandria, VA, Russell was charged with unlawfully viewing Ginsburg’s health records and ruining proof but was found not guilty on the charge of publishing those data to 4chan. Russell’s sentencing will be on November 2024 and deals with a considerable penalty and as much as 20 years in jail.

About Christine Garcia 1201 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA