Rico Prunty, 41 years old, of Sierra Vista, Arizona, was sentenced by United States District Court Senior Judge James T. Moody after pleading guilty to aggravated identity theft and a criminal violation of the Health Insurance Portability and Accountability Act (HIPAA), announced United States Attorney Clifford D. Johnson. Prunty was sentenced to 54 months in prison followed by 2 years of supervised release and was ordered to pay $132,521.98 in restitution to the victims of the offense. According to documents in the case, between July 2014 and May 2017, Prunty, an employee at an Arizona medical facility, unlawfully accessed medical intake forms containing patients’ individually identifiable health information (e.g., names, dates of birth, addresses, employer information, social security numbers, diagnoses, and medical information) and provided that information to his co-conspirators in northwest Indiana. His co-conspirators used the information to open new credit card accounts and access existing credit card accounts without the knowledge, permission, or authority of these patients. Over the course of the scheme, Prunty illegally accessed the individually identifiable health information of almost 500 patients, resulting in a total loss of $132,521.98. Co-conspirators Vincent Prunty, Temika Coleman, and Gemico Childress were previously sentenced for their roles in the scheme to terms of imprisonment of 154 months, 121 months, and 134 months respectively.