Deny.

Defend.

Depose. And Then They Tried to Bury Us Both.

By Samara Dorn - Grand Junction, Colorado AdministrativeErasure.org –Founder — A Bureaucratic Hit Job Exposed July 19th, 2025

View or Download the Original PDF Here

A manifesto, a murder, and a metadata smear: What Luigi Mangione and a transgender Medicaid patient have in common will stop you cold. They called it a manifesto.

Luigi Mangione etched three words into the brass casings of the bullets he used to allegedly assassinate UnitedHealthcare CEO Brian Thompson: Deny. Depose. Delay.

Days later, when he was arrested, police recovered his handwritten statement, allegedly…He described the killing as a political act—targeted, deliberate, and directed at an industry he saw as profiting from patient suffering. The public was stunned. Executives shook.

And I sat there—watching it unfold—just trying to refill a prescription that had been denied since November.

Two Cases. One System. One Doctrine.

Mangione is currently facing the death penalty.

I am fighting to be seen as human in a civil court.

He’s accused of murder.

I was flagged as a potential national security threat—for asking to refill my estrogen.

The difference between us is strategy.

But the machine that came for us? It’s the same.

What Happened to Luigi Mangione?

According to prosecutors, Luigi Mangione walked into a UnitedHealthcare investor event and shot CEO Brian Thompson at point blank range. Days later, when police apprehended him, they found a manifesto in his pocket. It was cold, analytical—and scathing.

He rejected the idea of mass violence. He chose one man. One symbol. One industry.

He wrote that Thompson “had it coming.”

He engraved the words Deny, Depose, Delay on shell casings.

He cited Michael Moore and systemic healthcare corruption.

And then—Aetna, a UnitedHealth subsidiary, leaked Mangione’s medical records to the prosecution, violating federal privacy protections in the middle of a death penalty case.

His body was on trial. So was his mind. His records. His privacy.

And UnitedHealth’s machine helped put them there.

What Happened to Me?

I’m not on trial for anything.

What I did do was ask for hormone medication after surgery. What UnitedHealthcare did in response was: Deny coverage Defend appeals Retaliate when I pushed back And Now? Deposing— In Court

Just as I predicted on December 10th, 2024.

Thirty-five days after I last contacted a provider, they transmitted my PHI to federal law enforcement. Not because of an emergency. Not under subpoena. Not as part of any protected disclosure.

They escalated me to the Department of Homeland Security—FRAMING me as a national security concern, without legal process or clinical evidence.

And when that failed?

They took a second bite at the apple—forwarding my information to the Grand Junction Police Department.

This wasn’t about care. This was reputational damage control—by proxy.

The Parallel Is Not Coincidence—It’s Code

What Happened to Mangione vs. What Happened to Me

Both stories orbit the same corporate empire. Both were shaped by the same doctrine. But one ended in a courtroom—and the other nearly ended in silence.

Insurer Involved: Luigi Mangione’s case involved Aetna, a subsidiary of UnitedHealth Group. My case involves UnitedHealthcare of Colorado, also a subsidiary of UnitedHealth Group.

Nature of the Disclosure: In Mangione’s situation, his medical records were leaked to prosecutors during a death penalty case—an extraordinary breach of privacy. In mine, my protected health information (PHI) was disclosed to the Department of Homeland Security, and then rerouted to the Grand Junction Police Department—without a warrant, subpoena, or lawful exception.

Framing Phrase: Mangione engraved the words “Deny. Depose. Delay.” on the shell casings he used in the shooting. My lawsuit is built around the corporate phrase “Deny. Defend. Depose.”—the exact sequence UnitedHealthcare used against me.

Mechanism of Escalation: In his case, the escalation came through reputation destruction in a capital trial—weaponizing his health history to secure a death sentence. In mine, the escalation happened through metadata profiling and a false national security referral—a digital smear with real-world consequences.

End Result: Mangione is now facing the death penalty. I’ve been subjected to surveillance, emotional trauma, and administrative erasure—with no criminal charges, just retaliation masked as care.

This isn’t isolated. It’s industrial. Clarifying the Timeline

When Mangione’s bullet casings hit the news—etched with the words “Deny. Depose. Delay”—I was just trying to refill my medication.

It was already national news.

The public already knew what those words meant. So did UnitedHealthcare.

And still—they did it anyway.

They denied my medication. They delayed my care. They defended the denials. And when I fought back, they escalated me—first to the Department of Homeland Security.

And when that didn’t work, they rerouted my metadata and narrative to the Grand Junction Police Department.

So no—I didn’t invent the pattern. I didn’t even name it first. But I lived it.

And now I’m suing the doctrine that made both of us disposable.

This System Doesn’t Just Deny Care—It Eliminates People

It doesn’t always pull a trigger. Sometimes, it redacts you from personhood. Sometimes, it flags you in a spreadsheet. Sometimes, it calls the police when it can’t shut you up. Sometimes, it says “safety” and means “we’re done with you.”

Luigi Mangione’s name will live in court dockets for years. Mine will live in public records, metadata trails, and (hopefully) civil case law.

But both of us? We were treated like threats. One of us responded with firepower. The other responded with filings.

Why I’m Posting This Now

Because I referenced Mangione in my complaint before this story even broke nationally.

Because we are already part of the same case study, even if the courts don’t say so.

Because I know what it feels like to have your humanity algorithmically deleted.

And because if UnitedHealth is willing to bury one of us in court and the other in a body bag… …they’re not going to stop with us.

If You're Reading This Inside the Machine

If you're reading this from behind a corporate firewall—hi. Maybe you’re a paralegal. Maybe you’re in PR. Maybe you're a senior exec still pretending none of this is systemic. Maybe you’re just trying to figure out if I’m dangerous enough to escalate again.

Let me save you the internal memo:

          I am.

Dangerous to your doctrine, at least.

Look at what your system produced: A man on trial for murder after your own affiliate leaked his medical records to the prosecution. A trans woman escalated to the Department of Homeland Security for requesting a legally-covered medication.

A doctrine—Deny. Defend. Depose.—so baked into your policies that someone carved it into bullet casings, while another built a lawsuit around it.

You didn’t break us by accident. You broke us by design. You just didn’t expect we’d write it all down.

You’ve spent years gaslighting the public with taglines like “Optum Cares” and “United for Good,” while inside you’re running a patient offboarding algorithm with the ethics of a slot machine.

So go ahead. Screenshot this. Forward it to Legal. Flag it for “Executive Risk.”

I know how your email metadata works—I’ve seen your logs. You taught us your doctrine: Deny. Defend. Depose. And now it’s being archived—in court, in headlines, and in history.

We are not going away. We are not deleting posts. And we’re not asking for permission anymore.

🔗 Read More: Systemic Denial After Surgery – A Survivor’s Report of Sabotage by UnitedHealthcare
A firsthand exposé of retaliatory denials, metadata weaponization, and life-threatening care obstruction following gender-affirming surgery.

🔗 Read More: The 35-Day ‘Myth’ of Imminent Threat
Disproving the emergency claim UnitedHealthcare used to justify disclosing PHI to law enforcement—35 days after last contact.

🔗 Read More: The Civil Rights Lineage of My Complaint Against UnitedHealthcare
Tracing the legal, ethical, and historical roots of a transgender patient’s challenge to surveillance-enabled discrimination.

The 35-Day ‘Myth’ of Imminent Threat

Introduction This section establishes the legal and factual invalidity of Defendants’ claimed reliance on HIPAA’s “emergency exception” under 45 C.F.R. § 164.512(j). The Defendants disclosed Plaintiff’s protected health information (PHI) to law enforcement 35 days after final contact, without warrant, subpoena, or valid exception.

At no point did Defendants possess a legally cognizable belief that Plaintiff posed an imminent threat to herself or others. The timeline, content, and procedural posture of the disclosure confirm that it was neither protective nor reactive—but retaliatory. This was not emergency intervention. It was surveillance-enabled punishment for asserting healthcare rights.

I. HIPAA’s Emergency Disclosure Exception: Scope and Standard

Under 45 C.F.R. § 164.512(j)(1)(i), HIPAA permits disclosure of PHI without patient authorization when a covered entity, in good faith, believes the disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public.

To invoke this exception lawfully, four conditions must be met:

Temporal Proximity – Threat must be immediate or about to occur.

Probability – Threat must be more likely than not.

Specificity – A discernible act or target must be foreseeable.

Intervention Capability – Disclosure must be made to someone positioned to prevent the harm.

Failure to meet any of these elements voids the exception. Courts interpreting “imminent” across multiple jurisdictions consistently require that harm be impending and immediate, not merely speculative or delayed.

Doe v. Providence Hospital, 628 F.2d 1354 (D.C. Cir. 1980): “Imminent means the threatened harm is ‘about to occur’—not days or weeks in the future.”

Tarasoff v. Regents, 17 Cal. 3d 425 (1976): Confidentiality may be breached only when “the danger is imminent—i.e., present, serious, and foreseeable.”

People v. Sisneros, 55 P.3d 797 (Colo. 2002): Interprets “imminent danger” as requiring a true emergency, not generalized concern.

Medical literature further narrows this scope: Modern psychiatric and behavioral health literature sharply limits the scope of what can legally or ethically be called “imminent” risk.

According to the American Psychiatric Association’s Practice Guidelines for the Psychiatric Evaluation of Adults (2023), imminent risk is defined as the likelihood of violent or self-harming behavior occurring within the next 24 hours. This aligns with best practices in clinical decision-making, where interventions are triggered by present, acute risk—not long-term projections.

Similarly, in Evaluating Mental Health Professionals and Programs (Oxford University Press, 2022), Gold and Shuman emphasize that risk assessments extending beyond 24 to 48 hours fall into the category of “future risk” and no longer qualify as imminent. Their analysis underlines that disclosures justified under emergency exceptions must be grounded in real-time clinical danger, not speculative possibilities.

Further supporting this distinction, John Monahan’s article The Prediction and Management of Violence in Mental Health Services, published in Behavioral Sciences & the Law (2021), warns that predictive validity of violence risk models diminishes significantly after a 72-hour window. In other words, the further in time a potential risk is projected, the less reliable and legally actionable it becomes.

II. What Actually Occurred: 35 Days of Non-Emergency Silence

December 10, 2024: Final call between Plaintiff and UHC grievance staff. No threats, no escalation, no behavioral health referral.

December 11 – January 13, 2025: No contact initiated by either party. No internal welfare check, no mental health follow-up, no 911 call.

January 14–15, 2025: A UnitedHealthcare employee contacts police and discloses PHI on the 15th

Internal staff acknowledged post-facto: “We probably weren’t allowed to send that...but it’s done.” (Paraphrased.) See Exhibit N, Page 2,

Elapsed time: 35 full days.

PHI Disclosed Includes: Audio recordings of patient calls Medication and psychiatric history Behavioral risk scores Gender-affirming surgical data

No clinical provider authorized or reviewed the disclosure.

The employee admitted, “I’m not supposed to do this…”, suggesting knowledge of impropriety.

III. Legal Analysis: Why the Exception Fails

A. No Imminence Thirty-five days of complete silence—no contact, no incident, no outreach—makes any claim of “imminent” threat categorically invalid. No court has accepted such a delay as compatible with emergency doctrine.

B. No Concrete Threat Plaintiff made no threats to self or others. Emotional tone and political frustration were mischaracterized as danger. Call recordings confirm expressive speech—not crisis or violence.

C. No Clinical Justification No psychiatrist or behavioral health professional authorized the disclosure. HIPAA requires that safety-based disclosures rest on professional judgment, not clerical speculation. Defendants failed this duty.

D. No Valid Recipient The Grand Junction Police Department took no responsive action. No officers were dispatched, and the case was closed without follow-up—indicating no actionable concern even from law enforcement.

E. No Good Faith Defendants cannot rely on good faith when: The disclosing employee expressed doubt and internal conflict (“I’m not supposed to do this”).

The disclosure occurred five weeks after any alleged concern. There was no contemporaneous internal effort to intervene or monitor.

The disclosed materials included extensive non-essential PHI—more aligned with reputational damage than protective urgency.

Good faith must be objectively reasonable. Here, it was absent.

IV. Retaliatory Pattern and Timing Plaintiff had recently: Filed internal grievances over hormone therapy denial Invoked federal and Colorado anti-discrimination protections.

Warned of regulatory complaints

After her final December call, she went silent—choosing legal strategy over continued confrontation. Defendants responded not with resolution, but with silence, followed by a targeted, over inclusive disclosure.

This pattern—escalation, silence, metadata flagging, retaliatory disclosure—constitutes a clear abuse of HIPAA’s safety exception as a tool of institutional control, not care.

V. Colorado Law Reinforcements Colorado statutes mirror HIPAA’s requirements and impose even stricter standards:

C.R.S. § 10-16-104.3(3)(b) – Prohibits disclosure of mental health info absent “serious threat” and necessity to prevent harm.

C.R.S. § 12-245-220 – Requires licensed clinician involvement in emergency disclosures. Scharrel v. Wal-Mart, 949 P.2d 89 (Colo. App. 1997) – Rejects generalized concern as basis for breach. Defendants complied with none of these.

Conclusion This was not emergency care. It was delayed, unjustified retaliation under color of safety. A 35-day delay obliterates any credible invocation of the “imminent threat” doctrine. The PHI disclosure was motivated not by concern—but by complaint fatigue, administrative vengeance, and reputational framing.

To preserve the integrity of HIPAA and state medical privacy law, such misuse must be recognized not only as a violation—but as a weaponization of patient trust.

This section is incorporated as a factual and legal basis for all privacy, negligence, and emotional distress counts within the Plaintiffs Complaint and Demand for Jury Trial.

A PDF copy of The 35-Day ‘Myth’ of Imminent Threat is available HERE

❓ Frequently Asked Questions (FAQ) This isn’t just about one incident. This is a blueprint. This page explains how a transgender patient trying to refill a state-covered, time-sensitive medication was reclassified as a potential threat—flagged by algorithms, profiled by policy, and handed to law enforcement. It also reveals how the same infrastructure could be used against anyone whose identity, condition, or voice is deemed inconvenient.

🧠 What is "Administrative Erasure"? Administrative Erasure is the systemic dismantling of someone’s legal or social identity through backend infrastructure—not with force, but with process. It happens when data replaces context. When metadata replaces humanity. When compliance becomes a weapon.

It doesn’t rely on overt criminality. It doesn’t need a judge or a diagnosis. It just needs a system trained to escalate rather than understand.

In Samara Dorn’s case:

A Tier 2, legally protected hormone — estradiol valerate — was denied despite medical necessity.

Her voice, raised in desperation, was flagged as threatening.

Her gender and psychiatric history were quietly shared with police.

Her First Amendment speech was reframed as instability.

All without a subpoena. Without a warrant. Without her knowledge. This wasn’t a glitch. It was policy.

This isn’t healthcare. It’s institutionalized profiling—with trans lives in the crosshairs.

⚖️ Did Samara Dorn make violent threats? No. And the police confirmed this. Samara spoke out—forcefully, lawfully, and politically—against being denied a medication she needed to survive. She used charged rhetoric, but never crossed into illegality.

According to the Grand Junction Police Department:

No charges were filed.

No threat was substantiated.

The case was closed voluntarily within 72 hours.

“Samara denied needing any support... and stated that [S]he ‘doesn't have any trust with LE’ and would not want to speak with us further without an attorney.” (Exhibit O – GJPD Narrative Log)

This was over before it began. But UnitedHealthcare kept going anyway.

📤 What did UnitedHealthcare send to law enforcement? Without legal process, consent, or clinical justification, UnitedHealthcare transmitted:

🔊 Five full call recordings, capturing Samara’s voice, emotion, and speech pattern

🗂️ A narrative cover letter, framing her as a reputational and potential public safety risk

🔐 Her full legal name, surgery history, gender marker, and psychiatric medications

⏱️ Metadata logs and escalation notes, flagging her as “distressed” or “uncooperative”

They sent this package not to a patient advocate or case review board—but directly to the Grand Junction Police Department.

“We probably weren’t allowed to send that... but it’s done.” (UHC internal admission)

They also confirmed they hadn’t listened to all the calls before sending them.

That’s not care. That’s data laundering in the service of institutional retaliation.

🧬 Why was she calling UnitedHealthcare? To refill a hormone prescription: estradiol valerate, prescribed post-surgery and covered under Colorado’s Medicaid Gender-Affirming Care Guidelines.

The facts:

✅ Prescribed on November 25, 2024 by Dr. Joshua Pearson

✅ Classified as a Tier 2 drug — pre-approved by Medicaid

✅ Subject to a 28-day discard rule under FDA/USP guidelines

UHC denied it, falsely citing dosage issues—even though dosage was irrelevant to the 28-day sterility window.

Samara’s care team made multiple override attempts. Samara herself made repeated calls. Instead of correcting the denial, UHC escalated her.

And then escalated again.

🔍 Was there a DHS referral? Yes. Before contacting local police, UnitedHealthcare referred Samara to the Department of Homeland Security.

“She previously reported the following to the Department of Homeland Security and Detective Janda...” (Exhibit N – Page 2, Officer Daly)

No crime. No emergency. No medical crisis.

But her voice and identity were federalized without warning. The referral was never disclosed to her. She discovered it later through record requests.

This wasn’t a wellness check. It was a federal surveillance event triggered by trans advocacy.

🧠 Was this about mental health? Only in how it was exploited. Samara did not place her mental health at issue. Her psychotherapist-patient privilege is preserved. No clinician will testify. No diagnosis is relied upon.

Yet UHC:

Disclosed her psychiatric medication list

Included diagnostic codes with gender-related metadata

Let law enforcement interpret that as a threat signal

They didn’t escalate because she was unstable. They escalated because she was inconvenient.

A Protective Order was filed to stop this exact abuse from recurring in discovery.

💥 Why does this matter beyond Samara? Because the infrastructure is still running.

Because what happened to her could happen to:

Trans people

Disabled people

Poor people

Neurodivergent people

Medicaid recipients

Survivors

Dissenters

If your voice challenges a system trained to deny, you can be profiled.

The algorithm doesn’t ask what you meant. The database doesn’t care if you were right. The handoff doesn’t need a crime—just a trigger.

This case isn’t an outlier. It’s a warning.

⚖️ Is this FAQ part of a settlement negotiation? No. Nothing in this FAQ—or anywhere on this website—is part of any confidential settlement offer or protected negotiation under Rule 408 or Rule 403. This page is built from:

Publicly filed exhibits

Lawfully acquired police and agency records

Firsthand facts and documented metadata

Constitutionally protected survivor speech

It contains no settlement terms, demands, or offers. It may not be cited as such in court.

📜 Legal Notice – Evidentiary Rules Compliance This FAQ is a public legal education tool. It is not admissible under:

Federal Rule of Evidence 408¹

Federal Rule of Evidence 403²

Colorado Rule of Evidence 408³

Colorado Rule of Evidence 403⁴

It is protected by the First Amendment and may not be used to prove or disprove liability or damages.

Footnotes: Federal Rule of Evidence 408 — Compromise Offers and Negotiations

Federal Rule of Evidence 403 — Excluding Relevant Evidence for Prejudice, Confusion, or Waste of Time

Colorado Rule of Evidence 408 — Compromise and Offers to Compromise

Colorado Rule of Evidence 403 — Exclusion of Relevant Evidence on Grounds of Prejudice, Confusion, or Waste of Time

I Was Supposed to Stay Quiet. I Didn't.

They thought I would disappear.
They counted on silence. On shame. On exhaustion.

But here I am.
And here’s the truth:

You don’t get to erase people and expect them not to respond.
What comes next isn’t noise. It’s resistance—with receipts.

This isn’t a warning. It’s a reckoning.
And I’m not just here to speak—I’m here to be heard.

---

They called it a “welfare check.”

But I wasn’t missing. I wasn’t a danger to myself. I wasn’t having a mental health emergency.
I was a transgender Medicaid recipient who had spoken too clearly, asked too many questions, and reached the end of what the system could tolerate. That’s when the silence began—not a bureaucratic oversight, but a calculated refusal. And that’s when the data started to move.

This isn’t a conspiracy theory.
This isn’t speculation.
This is a lived account of what happens when institutional power meets metadata profiling, and healthcare denial becomes a surveillance protocol.

---

What Happened?

This site shares my first-person narrative—because no lawsuit, no headline, and no corporate statement will ever fully convey what it means to be erased while still alive.

• I was denied medically necessary care that had already been approved.
• I was then framed as a potential threat based on private health information.
• That information, protected under HIPAA, was passed to law enforcement.
• There was no emergency. No warrant. No court order.
• There was only a transgender woman alone in her home—suddenly surrounded by armed officers.

---

Why Tell This Story?

Because I survived it.
Because others might not.
Because “administrative erasure” is not a metaphor—it’s a method.
And because the people responsible will never admit what they’ve done unless the truth is louder than their silence.

I’m not here to shame individuals. I’m here to expose a systemic pattern: when someone like me becomes inconvenient, the system withdraws care and escalates control.
That’s not medicine. That’s profiling with a clinical face.

---

What You’ll Find in This Archive

• Redacted but verifiable evidence that aligns with the public record
• A survivor’s voice preserved on her own terms
• Legal filings that document the breach, the silence, and the aftermath
• Whistleblower disclosures and internal metadata patterns
• A reconstruction of what they tried to make disappear

This is not about revenge.
It’s about documentation.
It’s about survival.
And this is not a story they wanted told.

But I’m telling it anyway.

🔒 What Is Exhibit Z?

Exhibit Z is a sealed archive. It contains documents, images, disclosures, and structured metadata not yet made public due to legal strategy, risk of retaliation, or protective timing under the scope of a pending civil action.

These files are not fiction.
They’re not dramatizations.
They are redacted, timestamped, and authenticated pieces of a system that tried to rewrite reality.

But instead of releasing everything at once, we’ve chosen precision.

---

🧠 Why Keep It Sealed (For Now)?

Because exposure is a tactic, not just a truth.
And some truths only matter when you choose when and how to tell them.

Exhibit Z will be released if:

• The Rule 408 confidential settlement expires
• Defendants escalate retaliation or misinformation
• Key stakeholders deny, minimize, or distort the documented harm
• Legal counsel or press advocacy warrants escalation

---

🔐 What’s Inside?

While specifics remain sealed, Exhibit Z is known to include:

• Redacted communications from within the insurance system
• Evidence of algorithmic surveillance and metadata-based risk scoring
• Photographs, timestamps, and third-party confirmation of events and disclosures
• Internal contradictions within official records
• Proof of a chain-of-custody failure concerning protected health data

---

⏳ When Will It Open?

You’ll know.
Because it won’t be subtle.

Exhibit Z is scheduled for partial unsealing after August 11, 2025, unless settlement or suppression agreements remain in force. Full public release will follow if the system fails to take accountability.

---

🧩 For the Observers, the Press, the Cowards, and the Courts:

This page exists as notice.

To those watching from the shadows: yes, we see you.
To those preparing denials: your statements are already timestamped.
To those trying to contain this: it’s too late.