[spag1024]

Agreed. The organization would likely get fined for a breach, not the engineer. I work a senior IT role in Healthcare and I've seen what breaches look like. I've never even heard of someone going to prison, let alone for what this story tells.

[JamesBarney]

Yeah to go to prison you have to really screw up, in a way that is malicious and willful. Though the CEO driving over to his MLM buddy with a thumbdrive of PHI might do it.