Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

OCR warns hospitals of HIPAA compliance scams

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 13 Aug 2020 06:11:28 +0000 (UTC)
https://www.healthcareitnews.com/news/ocr-warns-hospitals-apparent-hipaa-compliance-scams

By Mike Miliard
Healthcare IT News
August 11, 2020
The Office for Civil Rights at the U.S. Department of Health and Human Services has warned health systems about what appears to be something of an old-fashioned and low-tech phishing attempt: fraudulent postcards, most addressed to hospital privacy officers, that warn of noncompliance with a mandatory risk assessment.
According to a report in the National Law Review, OCR on August 9 sent a listserv alert that it had become "aware of postcards being sent to health care organizations disguised as official OCR communications, claiming to be notices of a mandatory HIPAA compliance risk assessment."
The American Hospital Association, meanwhile, notes that the cards, addressed to "HIPAA Compliance Officer," purport to be from someone with a nonexistent title at HHS ("Secretary of Compliance, HIPAA Compliance Division") and bear a D.C. return address that doesn't belong to HHS. 

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/
Previous By Date Next
Previous By Thread Next

Current thread: