OCR: Phishing email targeting HIPAA covered entities

Nov 29, 2016 - 03:45 PM

The Department of Health and Human Services’ Office for Civil Rights yesterday alerted the public to a phishing email targeting employees of entities covered by the Health Insurance Portability and Accountability Act and their business associates. The email appears to be an official government communication from OCR Director Jocelyn Samuels and prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program, the agency said. However, the link directs individuals to a non-governmental website marketing a firm’s cybersecurity services. “In no way is this firm associated with the U.S. Department of Health and Human Services or the Office for Civil Rights,” the agency said. Organizations with questions as to whether they have received an official communication from the agency regarding a HIPAA audit may email the agency at OSOCRAudit@hhs.gov.

Related News Articles

Headline
CMS releases update on post-shutdown provider claims
The Centers for Medicare & Medicaid Services released an updated notice Nov. 20 on the processing of Medicare provider claims impacted by the government…
Headline
Webinar to provide strategies on protecting hospital leadership
The AHA will host a webinar Dec. 18 at 1 p.m. ET on strategies to better protect senior leaders in hospitals. Attendees will learn ways to reduce…
Headline
CMS increases Medicare hospital outpatient department payment rates by 2.6% in CY 2026
The Centers for Medicare & Medicaid Services Nov. 21 issued a final rule that, among other provisions, increases Medicare hospital outpatient prospective…
Perspective
Why Gratitude Can Be a Powerful Medicine
Public
Imagine a powerful practice that strengthens human connection, improves well-being, boosts psychological health and supports a healthy workplace culture. And…
Headline
CMS issues updated guidance on Medicare telehealth services 
The Centers for Medicare & Medicaid Services will retroactively pay claims for telehealth services provided during the government shutdown through Jan. 30…
Headline
Agencies release guide to protect against bulletproof hosting provider cybercrimes 
U.S. and international agencies Nov. 19 released a guide on mitigating potential cybercrimes from bulletproof hosting providers. A BPH provider is an internet…