Kaiser Permanente Disbands Security Team Over Database Scandal

Kaiser Permanente has disbanded an eight-member security team operating from Oakland to Los Angeles, following allegations that its leader accessed information from a confidential law enforcement database. Internal police records and whistleblower accounts reveal the depth of the scandal, which has led to the termination of multiple security personnel, including a former assistant chief of the Oakland Police Department.

The investigation was triggered by a whistleblower, Rhonda Injejikian, who reported concerns in fall 2024 regarding Khyber Mangal, the head of Kaiser’s security team. According to a report from the Oakland Police Department (OPD), Mangal allegedly presented information that could only have been sourced from the California Law Enforcement Telecom System (CLETS), a database restricted to law enforcement use. The whistleblower expressed concern that this misuse had likely been ongoing, as detailed in the OPD report.

The Alameda County District Attorney’s Office, led by Assistant District Attorney Casey Bates, declined to file criminal charges against Mangal, citing insufficient evidence to support a criminal case. Bates stated, “The absence of charges is not surprising, as such cases can be challenging for prosecutors.”

Under California law, unauthorized use of the CLETS database is prohibited. The investigation focused on whether Mangal had improperly accessed sensitive information for a private security operation. This led to the termination of Craig Chew, Kaiser’s national director of corporate security, who previously served as chief of inspectors for the Alameda County District Attorney’s Office.

The fallout from the allegations has resulted in a significant shakeup within Kaiser’s security division, with at least eight employees let go. In addition to Chew, other notable departures include former Oakland Police Department officers Omega Crum, Trevelyon “Tony” Jones, Nancy Cerecedes, and Jason S. Sena, who were part of the Northern California security unit. While no records indicate that Jones, Cerecedes, or Sena misused the CLETS database, their involvement in the unit raised concerns.

Kaiser also terminated three employees from its Southern California security team, including George Mueller Jr., the senior manager of security and investigations. Attorneys representing the dismissed personnel have indicated plans to file a defamation lawsuit against Kaiser, claiming that statements made during their terminations were unjustified.

Injejikian, the whistleblower, has refrained from further comment, but her actions prompted a criminal inquiry initiated by the OPD on November 17, 2024. This was triggered by concerns that physicians were relying on illegally obtained information for restraining orders against individuals whom they believed posed a threat.

The OPD investigation revealed that Mangal ran CLETS searches on at least nine individuals, some of whom had been the focus of Kaiser’s security operations. In one case, a patient allegedly threatened pharmacy staff, while another individual made violent statements regarding Kaiser’s Psychiatry Department.

An internal affairs investigation into Mangal is ongoing, with him currently on non-administrative leave. His attorney, Michael Rains, has opted not to comment due to the active nature of the investigation.

In a statement, Kaiser Permanente emphasized its commitment to security and compliance with laws and regulations. The organization stated, “We take matters of security and inappropriate behavior among our staff seriously and will investigate any claims of wrongdoing.”

The implications of this scandal extend beyond Kaiser, raising significant questions about the integrity of the CLETS database. Dave Maass, director of investigations at the Electronic Frontier Foundation, highlighted the importance of maintaining strict adherence to access protocols. He noted, “Once you start ignoring the rules, everything begins to fall apart.”

As the investigation develops, the case illustrates the complex relationship between healthcare security and law enforcement protocols, emphasizing the need for vigilance in safeguarding confidential data. The repercussions for those involved, as well as the policies governing security operations, will likely continue to unfold in the coming months.