By Mark Gutglueck
An unknown number of patients who underwent surgery at San Antonio Community Hospital may have been or could yet be the victims of identity theft perpetrated by a surgical technician formerly employed there, the Sentinel has learned.
The perpetrator, who has used a number of aliases, has been identified by the Sentinel as James Sannon. Sannon’s mode of operation involved crimes carried out in three distinct stages: a bold and audacious, indeed, risky effort to capture the personnel information of his victims, followed by employing that information to make charges against the victims’ credit cards or to apply for and obtain newly issued charge cards in their names, and ultimately decamping or otherwise hiding in plain sight.
Part cat burglar, part conman, part fraudster, Sannon remains a man of some mystery. He claimed to be from Paris and that his mother was wealthy. He burnished that story by driving a top-of-the-line late model white BMW and by socializing, involving seeming aplomb and social skill, with some of the doctors at San Antonio Community Hospital as if he was their professional equal. Nevertheless, when those who spoke French encountered him, it was learned that he could not speak French. In actuality, it appears, he was a Kenyan. And while he served in the trenches with the doctors at San Antonio Community Hospital in its operating rooms as a surgical technician, he was not a doctor.
His crimes exhibited a certain flair and daring, together with a sophisticated understanding of the confidentiality and secrecy under which both hospitals and banks operate and those institutions’ aversion to negative publicity. Sannon was able to manipulate the manner in which this confidential information is closely guarded to benefit himself. Still the same, the boldness of his action was akin to and on occasion crossed the line straight over into the province of recklessness, and indeed virtual foolishness.
With regard to one aspect of Sannon’s modus operandi, at this point there is absolute clarity. He was among some two dozen surgical technicians employed at San Antonio Community Hospital, having been hired there in February 2016. As one of the non-physician medical team members, Sannon was assigned a locker in the men’s locker room. Oftentimes one operation would follow another and the surgical technicians and other support personnel would be engaged for hours at a time, returning only to the locker room before breaking for meals or at the end of their shifts. Sannon, who like all of his colleagues was in a position to know what any particular day’s schedule was and who was scrubbed in and tied up in the surgical suites at any given time, would make his way back to the locker room. Knowing precisely which locker was whose, he would defeat the locks using a blade or penknife and access the contents. He would rifle through the contents of his colleagues’ wallets. While on occasion he stole cash, he only rarely or never stole credit cards or identification, such as a driver’s license or a social security card. Rather, he would use his cell phone camera to photograph those materials, front and back.
Armed with the credit card numbers, expiration dates and security codes, he would then make purchases over the phone. In other cases, he used the personal information he had accumulated to apply for and obtain credit cards in the names of his victims. With those issued credit cards in his possession, he would use them in making purchases directly at brick and mortar retailers or restaurants.
The first discovery of the thefts that the Sentinel was able to verify came on March 5, 2016 when one of the victims, checking his on-line bank statement, came across notation that his USAA card had been used to book a room in a hotel in La Quinta, through expedia.com for $645.76.
On one occasion, another hospital employee came into the locker room while Sannon was engaged in pillaging one of his colleague’s lockers. Sannon was able to coolly maintain his composure and make it appear that the locker was his own.
By June 2016, it was apparent that there had been a rash of thefts and that charges were being made against the credit cards of several of the medical professionals, all of them men, working at San Antonio Community Hospital.
“He had access to our wallets and personal information from the locker room we shared,” one of those hospital employees told the Sentinel. “The locks on our lockers were able to be easily popped open with a pair of scissors. When security came to the locker room to interview my fellow employees about the thefts, they said to us that they had told the head of the surgical department to pull the lockers and replace them with ones that would be able to be securely locked. They said that they never got a reply from the head of our department after that request.”
While much in the way that Sannon operated indicated his understanding of the weaknesses and blind spots in the system and law enforcement’s lack of priority on identity theft cases and a commensurate reluctance or delay in follow-up with regard to evidence relating to such matters, he nevertheless proved careless in carrying out at least some his thefts, providing information that allowed investigators, once they locked onto the matter, to trace his involvement. In this regard, he perhaps presumed that his activity would not provoke a serious investigation. Alternatively, he may have thought that the address he was using to receive the cards issued in the names of his colleagues – where he actually resided for a time – would prove problematic for investigators, since the physical address was a condominium complex where dozens of others lived. Or, he may have allowed the address and his name to have been compromised because he intended, shortly after collecting up all of the credit cards issued in the names of his colleagues which had been sent to that complex, to leave that address and his identity as James Sannon behind as he moved elsewhere under another assumed name.
The employee who first discovered that someone had used his credit card on March 5, 2016 said he was victimized at least five times by Sannon. Following the discovery of the use of his credit card to secure the hotel room in La Quinta, the employee said he reported what had occurred to the Rancho Cucamonga sheriff’s station, as he was a resident of Rancho Cucamonga.
On July 13, 2016, while looking at an online bank statement, he discovered a payment for a Southern California Edison Bill for $76.75 together with a finance fee of $1.65 to JP Morgan to make the transaction. Knowing his household did not use credit cards to make utility payments, he had his wife call the bank to make a further inquiry.
On July 16, 2016, a restaurant in Los Angeles called Pa Ord Noodles sought to make a charge against a credit card in his name for $44.53 twice. When the charge was declined the second time, the proprietor of the restaurant confiscated the card.
On July 29, 2016, the victim was contacted by the American Express fraud department and asked to verify if he had ordered a card in his name.
Shortly thereafter, he retrieved a phone message from Bank of America’s fraud department in which he was asked to verify if a card had been ordered in his name. On Monday August 1, 2016, Bank of America told him that an American Express card was also on the bank’s fraud report and informed him that the address where the credit cards where to be mailed to was in Chino, at 16250 Homecoming Drive. At that moment, it all came clear to the victim.
“We were friends at work, or at least I thought we were,” he said of Sannon. “We saw each other nearly every day. I Googled the address and saw that this was the same apartment complex where James Sannon had said he lived. I got the phone number and called to inquire about apartment availability and spoke to the manager, named Dominique. She said that everybody knew James. The next day, Tuesday August 2, 2016, I took off work to go to the sheriff’s station to report the findings. I met with investigative specialist Ruben Bautista, who interviewed me at length. We discovered that James Sannon was a convicted criminal and that he had many money fraud convictions. James Sannon’s criminal record starts in 2012, at about the time he came to the United States. One conviction was for unlawful entry into the U.S. There was a breaking and entering conviction and a burglary arrest from 2013. There was a possession of stolen property.”
The victim continued, “The next day, Wednesday, I went into work and had been moved to the night shift, 3 to 11 p.m., after calling off the day before to file my report. The night was uneventful, even though I was having a great deal of anxiety over the incidents that had occurred that week. I knew that James Sannon was still on the San Antonio Hospital premises and that made me very uneasy, knowing that over the past several months the men’s locker room had had several thefts of cash and wallets.”
The victim said that he was contacted on Thursday August 4, 2016 by sergeant James Haynes with the sheriff’s office, who told him there was no timeline developed as to when Sannon would be brought in for questioning or an arrest, but that the department was getting the case file together to hand it over to the Chino Police Department, which had jurisdiction over where Sannon lived. When the victim told Haynes that he was worried, in light of what he had come to know, about Sannon being allowed to continue to have access to the hospital premises, Haynes told him that if there was someone at the hospital that he trusted, he could confide in that individual. Accordingly, the victim called the San Antonio Hospital security department, and was told to expect a call back from security head Glen Wikenson or human resources director Sandra Wier, but was told not to go to work that day, even though he was scheduled to do so. The following day, Friday August 5, 2016, he was called by Wier, who said she had spoken with Haynes. She told the victim that Sannon had been “removed” from the hospital on a “paperwork discretion” that was unrelated to the victim or the incidents in the locker room. Wier also told the victim that it was her “opinion” that James had no prior convictions for any crimes at the time of his hiring at the hospital in February 2016.
When the victim came to work for the August 7, 2016 night shift, he was pulled aside by the night shift manager and told that he was being was given a “gag order” regarding what had happened and that she was aware of what James Sannon had been discovered doing. The victim agreed to keep quiet.
“That night all I heard all night in all of my cases and break rooms was how James Sannon had been caught ripping people off and had been fired,” he said. “The rumor was that James was caught using other people’s credit cards. Employees named Robert and Sergio had charges on their credit cards that led back to James. Other employees said that James was with them the day that they had placed cash in their lockers. One was hit for $250 and another for $300.”
Despite the consideration that San Antonio Community Hospital is in Upland, the Upland Police Department was not brought in on the matter. According to employees, hospital officials did not want to sustain any negative publicity or acknowledge that Sannon had been hired without adequate background screening. The hospital has been maintaining the fiction that at the time of his hiring, Sannon had no criminal record.
Because of that decision by the hospital’s higher-ups, the distinct possibility that others may have been victimized or may still be victimized has gone unaddressed.
According to hospital employees who were unwilling to be identified by name, Sannon had the opportunity to perpetrate the same crimes against patients at the hospital who were present in the surgical unit as he had carried out against his colleagues. The wallets and purses of surgical patients who were under the knife or in recovery could have been accessed by anyone working in the surgical suite, including Sannon, they said.
“There are 11 surgical suites in the hospital and in every patient room there are live computers with access to patient records, including social security numbers,” said one employee. “James was what we call a floater. He had a 100 percent opportunity to do something like that [i.e., steal patient information]. The scripts of surgeries for every day are printed out in multiple copies and handed out all over for everyone to look at, anywhere from five to 20 to 30 cases. The patient’s clothes, including a wallet or purse are stored under the surgical bed, along with their dentures or glasses, or what have you. Before surgery the bed is in the hallway, so the belongings always stay with the patients or in their rooms. If the patient doesn’t have a family member with them when they get rolled back to recovery, all of those belongings are there, under the bed, with them. In many of the surgeries, most in fact, the patient has been sedated.”
Cathy Rebman, San Antonio Hospital’s assistant vice president for business development and community outreach, told the Sentinel, “Anything having to do with our patients and employees is subject to confidentiality, so I cannot share with you anything relating to a specific case.” She continued, “Those we hire or those with outside agencies we contract with must undergo extensive background checks. That occurs in all of our hiring and contracting with individuals. If something comes up later, we act immediately and take action as appropriate.”
While stopping short of acknowledging that there was any problem whatsoever with Sannon’s performance or confirming that he was employed by San Antonio Hospital, Rebman said, “I am confident that if a concern was raised, we would have acted on it.”
As to the hospital’s failure to report Sannon’s action to the Upland Police Department, Rebman said, “I don’t have knowledge of that.” Generically speaking, she said, “If a concern is raised, all of the proper steps are taken to investigate, and we take action where appropriate with regard to disciplinary action or termination. We have an obligation to do that, and we certainly take the action we need to take.”
Asked if patients who had undergone surgery at San Antonio Hospital during the February to August 2016 timeframe when Sannon was employed there had been apprised about his actions so they might act to protect themselves and their identities in the event that Sannon had gotten a hold of their personal information, Rebman said, “I don’t believe I am at liberty to share that information. When a situation involves violation of the law, we involve law enforcement and in some circumstances connect the victims to the police.“
Rebman said it was not likely that Sannon or any of the surgical technicians could have accessed patients’ wallets, purses or personal information.
“They would not have access to the patients’ personal effects,” Rebman said. “Those things aren’t in a surgical tech’s work environment. Surgical techs are supervised, as per hospital protocol. Surgical technicians, because of the nature or their work environment, normally do not have access to a patient’s valuables.”
Rebman said the current scrutiny of the fallout pertaining to Sannon was pushing San Antonio Hospital toward a reexamination of all the matter’s implications.
“In this case we are unaware of any HIPAA (Health Insurance Portability and Accountability Act) patient privacy violations, and until you brought this to our attention had not considered that possibility,” Rebman said. “With this information we will investigate to see whether there was a violation. If through the investigation we determine there was access to patient information, it will be reported in accordance with federal and state law.”
Prior to Sannon’s working at San Antonio Community Hospital, Sannon was employed as a surgical technician at Pomona Valley Hospital Medical Center, where he is believed to have engaged in crimes similar to those he perpetrated in Upland.
Ruben Bautista with the San Bernardino County Sheriff’s Department referred all questions concerning Sannon to the department’s public affairs division.
Chino Police Detective Michael Johnson, who was handling one of the cases relating to Sannon, told the Sentinel, “Unfortunately, I can’t comment on any ongoing investigations.”
At this point, Sannon’s whereabouts are unknown. The Sentinel was unable to locate anyone in custody within California under his name. Nor is it clear whether he is yet using the name Sannon. He has a practice of utilizing aliases, Shannon among them.