This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.
KSL team coverageA tip led authorities to stolen medical billing records and to the arrest of the men behind it. That's reassuring news for the million and a half patients affected by the theft, but is their personal information safe?
Authorities are confident the suspects did not access confidential information, even though they knew early on, from media coverage, what was in those stolen tapes. A $1,000 reward was just too much for one of their friends to keep quiet about it.
Sheriff Jim Winder said, "The criminal element in this case is a circle, and within that circle, fortunately, there was someone willing to contact us."
A phone call Monday night led authorities to the missing records and to the suspects. Sheriff's deputies arrested 37-year-old Shadd Hartman on one count of possession of stolen property and one count of unlawful possession of another's ID.
Fifty-two-year-old Thomas Howard Anderson was arrested on one count of theft by receiving and one count of identity fraud. A third suspect is in jail on unrelated charges.
"These were individuals with substantial criminal histories that found an opportunity and did take these tapes," Winder said.
Investigators say last month one of the suspects randomly broke into the SUV with the records inside. The vehicle belongs to a courier for an offsite storage company. That courier broke policy by taking the records to his Kearns home.
The records contained information for 1.5 million University of Utah Hospitals and Clinics patients, including Jenni Todd. She said, "I'm glad they found it. I'm glad that they found the records and arrested some people."
But Todd says, she's still a little concerned. "It almost scares me more because if there's a ring of people, maybe they were really trying to steal our identities," she said.
But authorities don't believe any patient information was compromised. They say the suspects didn't have the means or the knowledge to access them. "They definitely are not techies. There's no question about that. I don't know if they could find their rear ends with both hands," Winder said.
But the U isn't taking any chances. IT plans to work with the FBI to determine if any patients' records are at risk. The U is still offering free credit monitoring for a year.
Jenni Todd plans to take advantage of it. She said, "Just to make sure, and it's also just good to have credit monitoring anyway."
The U has spent $2 million to notify affected patients and offer services. University Health Care says until the FBI verifies through forensic testing that the personal information was not accessed, the hospital will keep current safety measures in place.
"We take our patient confidentiality information very seriously, and so that's currently in place. And we'll continue to work with law enforcement officials to determine whether there's any risk of that information having been accessed," said David Entwistle, CEO of University Hospitals and Clinics.
University Health Care has also released a statement on the recovery of the records. To read that statement, click the related link to the right of the story.
Two class-action lawsuits have been filed in this case.