Skip to content Skip to navigation

OCR Issues Alert about Phishing Email Disguised as Official OCR Audit Email

November 28, 2016
by Heather Landi
| Reprints
Click To View Gallery

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued an alert Monday regarding a phishing email disguised as an official OCR audit communication.

“It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to be an official government communication, and targets employees of HIPAA covered entities and their business associates,” OCR stated in the alert.

The email prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program. The link directs individuals to a non-governmental website marketing a firm’s cybersecurity services, according to OCR.

“In no way is this firm associated with the U.S. Department of Health and Human Services or the Office for Civil Rights. We take the unauthorized use of this material by this firm very seriously,” OCR stated.

The agency advises that any organizations with questions as to whether they have received an official communication from OCR regarding a HIPAA audit should contact that agency via email at OSOCRAudit@hhs.gov.

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Health Catalyst Incorporates Regenstrief’s NLP Solution in Its Analytics Platform

At the HIMSS17 conference in Orlando, the nonprofit Regenstrief Institute announced a partnership with analytics vendor Health Catalyst involving Regenstrief's artificial intelligence-powered text analytics technology.

Survey: Cybersecurity Getting More Attention at the C-Suite and Board Level

Cybersecurity has been elevated to a central concern for healthcare providers, with more attention at the board level and the C-suite, according to a new survey by Orem, Utah-based KLAS Research and the College of Healthcare Information Management Executives (CHIME). The study found that 42 percent of organizations have a vice president or C-level official in charge of cybersecurity and for 39 percent of organizations, the head of cybersecurity is at the director level.

Partnership for Health IT Patient Safety Focuses on Patient Identification

The Partnership for Health IT Patient Safety has rolled out its second set of Safe Practice Recommendations with a focus on reducing patient misidentification.

IBM Watson Health Expands Imaging, Population Health Efforts

IBM’s Watson Health kicked off HIMSS17 in Orlando on Monday with a slew of announcements, including a clinical imaging review platform and partnerships with several large provider organizations on population health and value-based health initiatives.

Federal Government Affirms $100M in Funding to Help Small Practices with Quality Payment Program

The Centers for Medicare & Medicaid Services (CMS) has affirmed the awarding of approximately $20 million to 11 organizations for the first year of a five-year program to provide on-the-ground training and education about the Quality Payment Program.

DoD Deploys Cerner EHR System, MHS Genesis, at Fairchild AFB

Last week, the U.S. Defense Department deployed a commercial, off-the-shelf electronic health record system from Cerner at Fairchild Air Force Base in Spokane, Washington as part of a DOD-wide roll out of the EHR system.