DUI Arrests Without Convictions Are Held Sufficient Cause For California Medical Board To Discipline Doctor

On August 25, 2009, the California Third District Court of Appeal issued an opinion that held that a Northern California doctor’s repeated arrests for driving while intoxicated could serve as a proper basis for professional discipline, even though those arrests did not result in any criminal convictions.

In an opinion by Justice Harry Hull, the panel upheld the Medical Board of California’s decision revoking Dr. Louis H. Watson’s medical license but staying the revocation, and placing the doctor on probation for five years, with 30 days of actual suspension.

Dr. Watson was arrested on four occasions between July 2000 and August 2005 for driving under the influence of alcohol. According to the 2004 accusation filed against him by the board, two of these arrests occurred after police officers observed Dr. Watson driving erratically and two were subsequent to minor traffic collisions. On each occasion, Dr. Watson performed poorly on field sobriety tests but later breath or blood tests indicated his blood alcohol level was below the legal limit.

A misdemeanor complaint filed against Dr. Watson regarding the first incident was dismissed in November 2000 but a criminal matter was pending against Dr. Watson in connection with his last arrest in August 2005 at the time of his administrative hearing. No charges were filed based on his other two arrests.

The accusation also detailed Dr. Watson’s 2003 negotiated plea of no contest to battery, arising from an incident in which he hit another man in the back of the head in the parking lot of a home improvement store. Dr. Watson served one year on probation as a result of his conviction.

Watson further allegedly failed to disclose this conviction, as well as the medical board’s investigation and the drunken driving charges, in response to questions asking about such matters on two applications for reappointment to hospital medical staffs and two applications for professional liability insurance.

Following an administrative hearing, the medical board found each of the alleged incidents had been established and provided cause for discipline. Dr. Watson then petitioned for a writ of mandamus in the Sacramento Superior Court.

Sacramento Superior Court Judge Patrick Marlette granted the petition in part, finding that the board erred in relying on the battery incident to support discipline because that incident has no bearing on Watson’s qualifications to practice medicine.

Additionally, one of the alleged misstatements in an application for professional liability insurance could not serve as a basis for discipline because it was filed after Watson’s battery conviction had been expunged, Judge Marlette said.

Judge Marlette also struck the board’s finding that Watson suffered from a substance abuse disorder, along with two conditions of probation prohibiting the use of alcohol and requiring testing of bodily fluids. In all other respects, Marlette denied the petition.

On appeal, Dr. Watson argued that his use of alcohol could only be the basis for professional discipline if there were a proven nexus between his drinking and his ability to practice medicine safely. Justice Hull agreed that a logical connection between the two was required, as set forth in Business and Professions Code Sec. 2239which provides that a licensed physician’s use of alcohol “to the extent, or in such a manner as to be dangerous or injurious to the licensee, or to any other person or to the public, or to the extent that such use impairs the ability of the licensee to practice medicine safely” may subject him to discipline.

Noting the statute’s use of the disjunctive “or” between its clauses, Justice Hull reasoned that Sec. 2239 defines two distinct ways in which a licensee’s use of alcohol could merit disciplinary measures. Based on Griffiths v. Superior Court (2002) 96 Cal.App.4th 757—which involved a doctor with multiple misdemeanor convictions involving alcohol—and Weissbuch v. Board of Medical Examiners (1974) 41 Cal.App.3d 924—which concerned a physician’s use of narcotics—Justice Hull concluded that an express finding of an actual adverse impact on a doctor’s day-to-day practice of medicine is not required for discipline to be imposed and that a finding of unprofessional conduct could be based on a potential for future harm.

As driving under the influence of alcohol not only “reflects poorly” on a physician’s common sense and professional judgment, but also “demonstrates an inability or unwillingness to obey legal prohibitions against such conduct and constitutes a serious breach of a duty owed to society,” Justice Hull opined that Dr. Watson “posed a danger to himself and others” by repeatedly engaging in such conduct.

Justice Hull added that a criminal conviction for driving under the influence was not required for professional discipline to comport with due process since Sec. 2239 provides licensees with “fair warning” of the conduct it prohibits, even if it is not a bright-line standard. Justices Coleman Blease and Ronald B. Robie joined Hull in his decision.

The case is Watson v. Superior Court (Medical Board of California). A copy of the opinion is located at: http://www.courtinfo.ca.gov/opinions/documents/C059957.PDF

Attorney Commentary: There are a couple of things for licensed professionals to learn from this published decision:

(1) Even if you win your criminal case, the Medical Board can pursue the underlying allegations since it has a different burden of proof.

(2) Be very careful in completing hospital privilege and malpractice applications. It appears that the Medical Board investigation may have resulted from the doctor's failure to complete the application accurately. Hospitals have a duty to report the alleged misrepresentations or failures to disclose to the Medical Board.

(3) In our practice we have seen two driving under the influence convictions lead to probation even if there was no effect on the practice of medicine. Especially now that the diversion program has been abandoned, alcohol related arrests and/or convictions will be disciplined more aggressively by the Medical Board. The diversion program was eliminated in part due to lobbying by claims that consumers were not being protected by it.

(4) The Medical Board often seeks probation in these types of cases since they want to have a means by which to monitor the doctor and have some control over his or her behavior. The problem is that probation is hard on a career -- posting on a website, loss of insurance contracts, difficulty in getting employed, etc.

Any questions or comments should be directed to: tgreen@greenassoc.com  or call 213-233-2260 to arrange for an appointment. Tracy Green is a principal at Green and Associates. They focus their practice on the representation of professionals, including individual physicians, before licensing and regulatory agencies such as the Medical Board.

The firm website is: http://www.greenassoc.com/

Intro To HIPAA For Health Care Providers: Frequently Asked Questions

The first time that health care providers encounter the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), the incredibly vast framework of privacy and security regulations may very well appear completely overwhelming. This is especially true when the question at issue – whether it is from a litigation or compliance perspective – is particularly narrow in scope. For the initiated and uninitiated alike, it is fairly easy to get lost in the morass of cross-referenced sub-parts that any given legal question implicates.

Through its privacy and security requirements, HIPAA impacts not only the medical community, but all individuals and industries that come into contact with the medical community. The implementation of HIPAA requires the development of new policies and procedures addressing the use and disclosure of medical information, as well as the appropriate utilization of available technology. Equally as important, as HIPAA has become more and more pervasive, compliance with the privacy and security regulations have necessarily involved attitudinal changes by everyone associated with the health care industry. HIPAA directly impacts the manner in which patients, providers, and payors interact with each other.

What Information is Protected by HIPAA?

The HIPAA Privacy Rule covers all uses or disclosures of "Protected Health Information" ("PHI") whether in paper, electronic, or oral form. PHI has many characteristics that make it somewhat easy to spot. Whether a malpractice attorney is attempting to acquire the medical records of a plaintiff, or a transactional attorney is assisting with due diligence in connection to the sale of a clinic, it is imperative that PHI is treated appropriately. Being able to recognize PHI is the first step. PHI has the following characteristics:

•It is created or received by a Covered Entity (as defined below);
•It relates to an individual's past, present, or future physical or mental health, or condition, or payment for health care. This includes "payment" information; and
•It identifies or can be used to identify a specific individual.
The following are illustrative examples of information that are considered "patient identifiers":

•Name, name of employer, names of relatives;
•Social security number, plan beneficiary number;
•Fax number, telephone number;
•Address, email address;
•Birth date, fingerprint, picture;
•Internet Protocol (IP) address, web site URL; and
•Vehicle license number.

Generally speaking, PHI may be used or disclosed without first acquiring the patient's consent in very limited circumstances. Other than allowing disclosure to the individual about whom the PHI describes, the Privacy Rule generally allows disclosure of PHI without the patient's consent for the purposes of treatment, payment, or health care operations. Additionally, there are certain situations, such as in response to an order of court, or subpoenas (so long as certain additional requirements are met), where PHI may be disclosed without the patient's consent. In most other situations, a patient must provide consent before his PHI can be used or disclosed.

To that end, each individual maintains six basic privacy rights. An individual has the right to:

•Receive a Covered Entity's Notice of Privacy Practices;
•Request restrictions of certain uses of PHI (although Covered Entities are not required to grant such restrictions);
•Be given access to the individual's own PHI;
•Request that an amendment or correction be made to his PHI;
•Request an accounting of PHI disclosures; and
•File complaints regarding PHI use or disclosure.

Additionally, a Covered Entity's use or disclosure (not including "treatment, payment, or operations," or with consent) of PHI must be only to the "minimum necessary" extent. This minimum necessary standard essentially requires a provider to consider what minimum amount of PHI will meet the purpose of the disclosure. Furthermore, once a Covered Entity agrees to a restriction regarding the use or disclosure of an individual's PHI, this restriction must be honored.

Likewise, use and disclosure of PHI must be consistent with a Covered Entity's Notice of Privacy Practices. When the exchange of health information is deemed necessary, but the value of the information is not the personally identifiable aspect of the information, PHI is often "de-identified." PHI can be freely used to create de-identified data, and no restrictions are placed on its use and disclosure.

To Whom does HIPAA Apply?

Although HIPAA appears to be extremely pervasive, it maintains authority over only certain types of entities. HIPAA specifically applies only to "Covered Entities." Generally, a Covered Entity is one of the following:

•Health care provider. This includes any person or entity that (a) furnishes, bills, or is paid for health care; (b) uses electronic means to transmit any of the following: health claims, remittance or payment advice, or any of the other electronic transactions included in HIPAA.

•Health plan. This includes any organization or entity that provides or pays the cost of medical care, including Medicare and Medicaid, HMOs, or PPOs.

•Health care clearinghouse. These are organizations that process data elements or transactions.

Most of the time, HIPAA questions will involve the activities of or information held by either a provider or plan. Because providers and plans must utilize the services of many different entities, it was necessary to find a way to extend the protections afforded by HIPAA when these essential non-Covered Entities are handling or creating PHI.

These non-Covered Entities that play such a critical role in the health care arena are termed "Business Associates." Examples of common Business Associates are billing firms, accreditation organizations, document destruction contractors, lawyers, and third-party administrators.

Importantly, a Business Associate relationship is formed contractually. When a Covered Entity engages another person or entity to perform a function on behalf of the Covered Entity that requires the disclosure of PHI or the creation of new PHI by that person or entity, it is imperative that the Covered Entity requires that person or entity to sign a contract called a "Business Associates Agreement" (often referred to as a BAA). The BAA extends the requirements of HIPAA to the Business Associate and requires the Business Associate to be aware of its responsibilities under HIPAA.. Furthermore, a Covered Entity that does not require Business Associates to sign a BAA is in violation of HIPAA itself.

Federal vs. State Law

Although the term "preemption" is typically thought of in terms of an ERISA analysis, many HIPAA issues require a preemption analysis. As a general rule, HIPAA should be thought of as a regulatory "floor" of provisions. In other words, HIPAA provides a baseline of privacy requirements that state law cannot abrogate. This is not to say, however, that state law will not provide the answer to a given privacy concern.

State privacy laws are preempted by HIPAA if the state law is contrary to HIPAA. In order to determine whether the state law is contrary, two questions should be asked:

1.Would a Covered Entity find it impossible to comply with both the state and federal requirements?

2.Does the state law stand as an obstacle to the accomplishment and execution of the full purposes and objectives of the Privacy Rule?

Generally, if the answer to either of these questions is "yes," then the state law requirement will be preempted by HIPAA. It is important to keep in mind, however, that stronger state laws that are not contrary to HIPAA will apply. Such laws typically further limit the use or disclosure of PHI, create greater rights of access to PHI to the individual, strengthen authorization protection, or impose greater record-keeping requirements.

For example, many states have more stringent state laws regarding the use and disclosure of HIV/AIDS records, drug and alcohol treatment records, DNA records, and sexual assault victim records. Additionally, some states (with California being a prime example) have extremely intricate and detailed bodies of law that provide more stringent requirements that parallel much of the Privacy Rule.

Privacy vs. Security

Although the HIPAA statute and regulations address much more than privacy and security (i.e. health care transaction standards fraud and abuse provisions, provisions regarding medical savings accounts), HIPAA has become synonymous with patient privacy. Furthermore, as electronic medical records have become more prevalent (i.e., the recently passed Stark law exception and Anti-kickback statute safe harbor dealing with e-prescribing), the security regulations will become implicated on a more regular basis.

To a large extent, the privacy and security requirements are distinct regulatory provisions. A quick review of the security regulations, however, reveals many provisions that appears to be equally related to privacy. Generally, the following distinction between HIPAA privacy and HIPAA security hold true: Privacy generally refers to the rights of an individual to limit the use and disclosure of PHI; Security generally refers to the obligations of Covered Entities to safeguard health information from improper use or disclosure. In other words, the Privacy Rule addresses the "what," and the Security Rule addresses the "how."

Importantly, and to further complicate matters, the Security Rule essentially provides Covered Entities with a list of security issues that must be addressed. At no point does the Security Rule instruct Covered Entities how to implement these security standards. Although what appears to be a lack of direction in the Security Rule may seem frustrating to a provider (or an attorney advising the provider), the various administrative, technical, and physical safeguards described in the Security Rule are specifically designed to be both flexible and scalable. Security "solutions" should be proportionate to an organization's risks, and be based on organizational circumstances such as size, complexity, and capabilities

Enforcement

Violating HIPAA can be very costly. Civil penalties range from $100 per incident to $25,000 per person per year per standard violated. On the criminal side of enforcement, illegally obtaining or disclosing PHI can result in a fine of up to $50,000 and one year in prison. Obtaining PHI under "false pretenses" can be punished with fines up to $100,000 and five years in prison. Obtaining or disclosing PHI with the intent to sell, transfer, or use the PHI for commercial gain, personal gain, or malicious harm can result in even stiffer penalties - up to $250,000 and ten years in prison.

Civil enforcement of HIPAA is handled by the Department of Health and Human Services' Office of Civil Rights ("OCR"), while criminal enforcement is overseen by the Department of Justice. The final Enforcement Rule was issued in February of 2006, and makes the HIPAA enforcement provisions applicable to all aspects of the Administrative Simplification Standards (not only the Privacy Rule). Importantly, the Enforcement Rule affirms that the OCR's enforcement philosophy is one of voluntary compliance.

That being said, and although enforcement measures have not been traditionally onerous, it seems that the tide is changing with regard to enforcement and the mindset of those investigating reported HIPAA violations.

Do Not be Fooled by the Myths

When discussing privacy and security issues with fellow health care providers, patients or friends, one of the first obstacles to overcome is their preconceived assumptions about what HIPAA does or does not permit. The following are a few of the many common myths regarding the Privacy Rule:

■ Myth - A hospital is prohibited from sharing information with the patient's family without the patient's express consent.
■ Fact - The Privacy Rule permits the disclosure to a patient's family members (not just immediate family) or close friends of medical information that is directly relevant to that person's involvement with the patient's care. If the patient is in the room when a provider is about to disclose such information and the patient does not object to such disclosure, the provider may freely disclose the information. On the other hand, if the patient is unable to provide consent (if, for example, the patient is unconscious or due to an emergency situation), the provider must determine whether such disclosure is in the best interest of the patient.

■ Myth -HIPAA does not permit providers to communicate with patients via email.
■ Fact - So long as the communication is made with reasonable and appropriate safeguards (such as encryption) to protect against any reasonably anticipated threats to the security of the information, email communication is permitted.

■ Myth - A patient's family member can no longer pick up prescriptions for the patient from a pharmacy.
■ Fact - This is simply not true. If a pharmacy does not allow this practice, the prohibition is one set forth in the pharmacy's policies and not one mandated by HIPAA.

In addition to addressing the many commonly circulated myths regarding the Privacy Rule, there are many provisions within the regulations to which health care providers and their attorneys should pay special attention.

The Privacy Rule specifically addresses the manner in which records should be released in response to a court order or subpoena. Additionally, there are provisions that address how Covered Entities should interact with a patient's personal representative. Although these provisions can appear somewhat intricate, a careful reading of the regulatory language, along with the published comments within the federal register, and diligent cross-referencing throughout the Privacy Rule will enable a thorough understanding of the concerns at issue.

Any questions or comments should be directed to: tgreen@greenassoc.com. Tracy Green is a principal at Green and Associates. They focus their practice on the representation of professionals, particularly health care professionals including individual physicians, corporate providers and group practices.
Their website is: http://www.greenassoc.com/

Two Recent Auto Insurance Fraud Cases For Reporting Vehicles As Stolen From Ventura County

There are two recent auto insurance fraud cases prosecuted by the Ventura County District Attorney's Office. Both cases involve falsely reporting a stolen vehicle and illustrate how one bad decision can snowball out of control and lead to criminal prosecution. As the economy worsens, these type of cases increase.

In addition, Ventura County is known for being hard on crime and the first case where there's been a sentencing involved jail time of 218 days where the loss amount was less than $3,000. The second case involves potential jail time. Thus, venue (where the case is being prosecuted) matters.

Auto Insurance Fraud - 1st Case of Falsely Reporting Stolen Vehicle

On August 19, 2009, Paul Lafflito of Simi Valley was sentenced after previously pleading guilty to felony evading a peace officer and felony auto insurance fraud. Mr. Lafflitio was placed on formal probation for three years and ordered to serve 218 days in the Ventura County jail. He was ordered to pay restitution of $1,278 to Alliance United Insurance Company and an additional $1,592 to the property owners where he crashed his truck.

The allegations in the case were as follows. On March 25, 2009, at 9:00 p.m., two Simi Valley Police Department officers were working undercover in an unmarked patrol vehicle. They were stopped for a red light at the intersection of Sycamore and Royal when they saw a silver Dodge Ram pick-up truck approach the intersection. The Dodge failed to stop for the red light. As the Dodge drove through the intersection, one of the officers shined his spotlight into the cab of the Dodge and got a good look at the driver, Mr. Lafflitio.

The officers tried to pull over the Dodge but the truck sped away. Mr. Lafflitio drove at times between 90 and 100 mph while fleeing from the officers. Because he was driving so fast and recklessly, the officers decided to terminate the pursuit. Minutes later, however, the officers discovered Lafflitio's truck crashed and abandoned on private property off Wood Ranch Parkway. The officers discovered Mr. Lafflitio was the registered owner of the truck and called him. Mr. Lafflitio answered his cell phone and told the officers that he was “night-clubbing” in Hollywood. He added the vehicle must have been stolen from where he last parked it in Simi Valley. He said he would come to the police department the following day to report it stolen.

Unbeknownst to Mr. Lafflitio, both officers got a good look at him driving as the pursuit began. Additionally, cell phone tracking evidence placed Mr. Lafflitio in Simi Valley at the time of the pursuit, not in Hollywood as he told the officers. When Mr. Lafflitio arrived at the Simi Valley Police Department the next day, he was identified and arrested. The officers subsequently learned that prior to arriving at the police department, Mr. Lafflitio called Alliance United Insurance Company and falsely reported his vehicle was stolen.

Auto Insurance Fraud - 2nd Case Of Falsely Reporting Stolen Vehicle

On July 29, 2009, Rodolfo Donjuan of Camarillo pleaded guilty to one count of felony auto insurance fraud. This case was investigated by the California Department of Insurance Fraud Division.

Mr. Donjuan contacted the Ventura County Sheriff's Department on July 18, 2008, and reported his 2000 Chevrolet Silverado had been stolen from a friend's house in Camarillo . The Silverado was subsequently located abandoned and wrecked a short distance away. Mr. Donjuan also filed a claim with his insurance carrier, Infinity Insurance.

During the next two months, Mr. Donjuan gave Infinity Insurance conflicting statements about the theft of his vehicle. His insurance claim was transferred to Infinity's Special Investigations Unit.

On September 24, 2008, Mr. Donjuan was deposed under oath by an Infinity Insurance attorney. During the deposition, Mr. Donjuan was confronted with his inconsistent statements and admitted that he had lied. Mr. Donjuan stated he had been drinking beer and was driving when he crashed his vehicle. Mr. Donjuan said he ran away from the scene because he was afraid.

Mr. Donjuan will be sentenced on August 25, 2009. The maximum penalty for this charge is five years in state prison and a fine of up to $50,000. His sentence will depend on a number of factors and could range from probation to state prison depending upon his prior record and whether he has paid restitution to the insurance company.

Any questions or comments should be directed to: tgreen@greenassoc.com or 213-233-2260. Tracy Green is a principal at Green and Associates in Los Angeles, California. Ms. Green focuses her practice on the representation of licensed professionals, individuals and businesses in civil, business, administrative and criminal proceedings. She has significant experience in defending individuals, licensed professionals and businesses in insurance fraud investigations. The firm website is: http://www.greenassoc.com/

New York Chiropractor Pleaded Guilty To Defrauding Private Insurance Companies

On August 21, 2009, chiropractor Michael Horowitz, a chiropractor, pleaded guilty in Manhattan Federal court to a scheme to defraud insurance companies of more than $750,000 by billing for medical services that were not performed. The plea was to one count of conspiracy to commit health care and mail fraud (Count Three of the Indictment) before United States Magistrate Judge James C. Francis IV.

According to the Complaint, the Indictment to which Dr. Horowitz, D.C., pleaded guilty, and statements made in court: Dr. Horowitz, D.C., practiced chiropractics at "Horowitz Family Chiropractic" in downtown Manhattan. In February 2002, Christopher Green joined Dr. Horowitz and opened "Wall Street Chiropractic" on Wall Street in New York City.

From at least 2003 to December 2006, it was alleged that Horowitz and Green defrauded insurance companies including, Empire Blue Cross Blue Shield, AETNA, and CIGNA. Specifically, it was alleged that the two billed insurance companies for providing chiropractic treatments that were not in fact provided. We see many cases where Medicare and Medicaid (Medi-Cal) fraud is prosecuted, but medical fraud cases where private insurers are the alleged victims are also on the rise.

In his plea, Dr. Horowitz admitted to false billings totaling $773,099.18. Christopher Green had plead guilty in August 2007 to participating in the same health care fraud conspiracy. Thus, it appeared that Green had plead out early was cooperating against Horowitz. Sentencing is set for December 3, 2009 by United States District Judge Richard M. Berman.

Posted by Tracy Green. Any questions or comments should be directed to: tgreen@greenassoc.com or 213-233-2260. The firm website is: http://www.greenassoc.com/

DEA Serves Search Warrant On Beverly Hills Pharmacy In Jackson Case. What Should You Do If Your Business Or Home Is Served With A Search Warrant?

According to an article in the Los Angeles Times, on August 22, 2009, the Drug Enforcement Agency (DEA) served a search warrant on Mickey Fine Pharmacy in Beverly Hills relating to an investigation into Michael Jackson's death. During the search, the DEA agents seized prescription drug records and spent five hours sifting through records at for "evidence of improper dispensing of controlled substances."

Special Agent Jose Martinez was quoted in the L.A. Times as saying that Jackson was known to have prescriptions filled at the Roxbury Drive store, running up a $101,000 drug bill in 2005, which the pharmacy collected after filing a lawsuit. The DEA search, part of a multi-agency investigation into Jackson's June 25 death, suggested that detectives are looking beyond Jackson's personal physician and the role of the anesthetic propofol.

A copy of the Los Angeles Times article can be found at: http://www.latimes.com/news/local/la-me-jackson-pharmacy22-2009aug22,0,4035804.story

Attorney Commentary: If your business or home is the subject of a search warrant, and the police are at the door with a search warrant, what do you do?

1. Do not lose your cool. Act calm (even if you are very nervous and scared). Act professional and respectful with the police or investigators even if you are angry and they are not acting in a professional manner. However, do not speak or volunteer information (see #3 below). If you have a lawyer, call him or her. If there are confidential records (medical or legal), there are certain measures that need to be taken within 72 hours in California state cases.

2. Ask for a copy of the warrant and cards from investigators. A search warrant gives the police the legal authority to search the premises named in the warrant. Ask for a copy of the warrant. Obtain a card from the lead investigator or officer conducting the search. This can help your lawyer determine which agencies are involved in the investigation.

3. You have the right to remain silent. Use it. Do not engage in conversation with the investigators or officers executing the warrant since everything you say is evidence. There is no guarantee that your statements will be accurately reflected in any report. What you say will not help you. Politely decline to answer any questions.

4. Do not consent to a search.  Before you consent to any further searches or any other locations, seek advice of counsel.

5. If you don't have an experienced lawyer, hire one after the search. If a search warrant has been issued, a judge may have determined that there is probable cause to believe you or your business has committed a crime. Or you or your business may be a witness in the case. Regardless of your status as suspect or witness, there is an ongoing criminal investigation. You need to prepare in advance.

There are things that a competent attorney can do to improve your chances of not being charged or things that can later help you win any case that may be filed. The attorney can also evaluate the case early, engage in damage control and, if appropriate, make a presentation to the prosecuting agencies in order to avoid prosecution.

Any questions or comments should be directed to: tgreen@greenassoc.com or 213-233-2260.
Tracy Green is a principal at Green and Associates in Los Angeles, California. Ms. Green focuses her practice on the representation of licensed professionals, individuals and businesses in civil, business, administrative and criminal proceedings. She has significant experience in defending individuals, licensed professionals and businesses in search warrants and investigations.
The firm website is: http://www.greenassoc.com/

Washington Man Charged With Federal Crimes in San Jose, California For Unauthorized Access Of Private Email Account

A recent case regarding unauthorized access of a Yahoo email account shows how accessing someone's email account can be a federal crime. Think of someone you know in a troubled relationship who finds out their partner's password and authorizes their email without authorization. Even if not done for financial gain, it is a crime. In professional and personal relationships, email is a tempting means of accessing private information about someone.

On July 15, 2009, a federal grand jury in San Jose, California indicted Gregory Alexander, of Everett, Washington, for unauthorized access of the private email account of a member of a not-for-profit organization’s board of directors. Mr. Alexander was charged with computer fraud and aggravated identity theft. He is currently out of custody on a $100,000 personal recognizance bond. The case is being prosecuted in San Jose since that is where Yahoo is located.

According to the indictment, Mr. Alexander used a username and password belonging to Randall Hough, a member of the United States Chess Federation’s (UCSF) Board of Directors, to access Hough’s private email account on 34 separate occasions spanning from November 2007 to June 2008. Mr. Alexander was the webmaster for a chess site known as chessdiscussion.com. Additionally, the indictment notes that Mr. Alexander obtained information from Hough’s account on an unspecified number of those occasions.

The maximum statutory penalty for each count of computer fraud in violation of 18 U.S.C. § 1030(a)(2) is 10 years and a fine of $250,000. The maximum statutory penalty for the count of aggravated identity theft in violation of 18 U.S.C. § 1028A(a)(1) is two years. However, any sentence following conviction would be imposed by the court after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553. Please note, an indictment contains only allegations against an individual and, as with all defendants, Mr. Alexander must be presumed innocent unless and until proven guilty.

For a copy of the indictment, go to:
http://www.usdoj.gov/usao/can/press/press_documents/AlexanderIndictment.pdf

Posted by Tracy Green. Any questions or comments should be directed to: tgreen@greenassoc.com or 213-233-2260. The firm website is: http://www.greenassoc.com/