A former employee of the Long Beach Veterans Affairs Medical Center in Southern California has been sentenced to three years in prison for stealing the personal information of more than 1,000 patients, according to the facility.
In April, a police search of the vehicle of Albert Torres, then a clerk at the VA, revealed patient data — including names, dates of birth and full Social Security numbers.
Torres was initially pulled over after a records search indicated that the license plates on his vehicle did not match the VIN number of the car, according to a press release from the VA Long Beach Healthcare System. The facility reported that police spotted a pill bottle in his car for which he did not have a prescription — it was later found to contain Gabapentin, a medication sometimes used to treat anxiety, epilepsy or pain associated with shingles.
After obtaining a search warrant for Torres’s apartment, police found hard drives and flash drives containing the personal information of an additional 1,014 patients, as well as cleaning supplies, worth $1,031.
VA Long Beach Healthcare System spokesperson Richard Beam said that Torres initially said he was in possession of the information “so that he could work from home,” but that VA workers very rarely, if ever, take home hard copies of patient information.
“It’s disappointing that somebody would take advantage of those we are entrusted to care for,” Beam told the Daily Breeze .
Beam added that the VA conducts annual employee training on patient privacy, HIPPA and cybersecurity, but incidents like this are very difficult to prevent completely — access to the same type of information that was stolen is required to schedule and care for veterans, he said.
In a statement, the VA said it has no reason to believe any of the data was used for fraudulent purposes, and that all potentially affected patients will receive notification letters and 12 months of free credit monitoring services.