OCR Issues Alert about Phishing Email Disguised as Official OCR Audit Email | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

OCR Issues Alert about Phishing Email Disguised as Official OCR Audit Email

November 28, 2016
by Heather Landi
| Reprints
Click To View Gallery

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued an alert Monday regarding a phishing email disguised as an official OCR audit communication.

“It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to be an official government communication, and targets employees of HIPAA covered entities and their business associates,” OCR stated in the alert.

The email prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program. The link directs individuals to a non-governmental website marketing a firm’s cybersecurity services, according to OCR.

“In no way is this firm associated with the U.S. Department of Health and Human Services or the Office for Civil Rights. We take the unauthorized use of this material by this firm very seriously,” OCR stated.

The agency advises that any organizations with questions as to whether they have received an official communication from OCR regarding a HIPAA audit should contact that agency via email at OSOCRAudit@hhs.gov.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

HIT Advisory Committee Advances Recommendations on Core Data Sets for Interoperability

The Health Information Technology Advisory Committee, a federal advisory committee to the Office of the National Coordinator for Health IT (ONC), voted Wednesday to approve nine recommendations to update the list of data elements that vendors must exchange to be considered interoperable.

ACP Study: Only 37 Percent of MIPS Measures Are Valid

A new study from the American College of Physicians Performance Measurement Committee rated as valid only 37 percent of the 86 Quality Payment Program measures for 2017 deemed relevant to ambulatory general internal medicine.

Intermountain Healthcare Launches Study to Unlock Genomic Data

Researchers from the Salt Lake City, Utah-based Intermountain Healthcare have announced a long-term prospective study that they think has the potential to help physicians and others unlock genomic data.

UNC Health Care Receives HIMSS Analytics Stage 7 Designation

UNC Health Care, an integrated health care system based in Chapel Hill, N.C., has achieved Stage 7 designation on the HIMSS Analytics’ Electronic Medical Record Adoption Model (EMRAM).

FDA Announces Plan to Advance Medical Device Safety and Cybersecurity

The Food and Drug Administration (FDA) has announced new proposals aimed at advancing medical device cybersecurity, including placing new responsibilities on manufacturers, both before and after their devices hit the market.

Black Book: 9 in 10 Small Practices Not Optimizing Advanced EHR Functionalities

Eighty-eight percent of small practices of six or less practitioners still aren't optimizing advanced EHR (electronic health record) tools such as patient engagement, secure messaging, decision support and electronic data sharing, according to the latest Black Book survey