Earlier this month, EDNY Judge Joanna Seybert examined the elements of Aggravated Identify Theft in an interesting context: a motion to unseal grand jury minutes in a health care fraud prosecution, United States v. Cwibeker.
Defendants were charged with billing Medicare for fictitious or non-compensable treatments of residents of assisted living facilities. Defendants would allegedly visit residents at the facilities, not provide Medicare-reimbursable services, and then generate a list of patients they allegedly visited. Defendants would then use the list to submit fictitious claims to Medicare. Significantly, defendants legally obtained the personal information from residents in the first instance; the alleged subsequent unlawful use of the information formed the basis of the criminal charges.
Defendant Cwibeker argued that patients had consented to use of their personal information, and non-consent is an element of the Aggravated Identity Theft charge. Thus, the grand jury minutes should be unsealed because this element was likely not disclosed.
The Court first noted the long-established policy of maintaining secrecy of the grand jury. The Court next looked to the Supreme Court’s three part analysis for allowing disclosure. A party must show: (1) the material sought is needed to avoid a possible injustice; (2) the need for disclosure is greater than the need for continued secrecy; and (3) the request is structured to cover only the material needed.
The Court denied the motion, holding that non-consent of the defendant’s purported patients for releasing the information is not an element of the Aggravated Identity Theft offense, which provides that whoever “knowingly transfers, possesses or uses, without lawful authority, a means of identification of another person,” is subject to an additional two years in prison. The Court found that consent of the victim has no bearing on “without lawful authority” under the statute, as it is the improper use of the information that forms the offense. The Court distinguished a Seventh Circuit case where the person whose identity was appropriated was a participant in the fraud. In Cwibeker, the Medicare recipients whose identification was misappropriated were victims, with no knowledge of or participation in the alleged fraud.
This case highlights again the need for vigilance concerning patients’ personal information. Courts will hold persons who seek to profit from the improper use of such information accountable. Providers must take all available steps to safeguard patient information, however, as those who allow such information to fall into the wrong hands will also be held accountable.