Information Security News mailing list archives
OCR warns hospitals of HIPAA compliance scams
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 13 Aug 2020 06:11:28 +0000 (UTC)
https://www.healthcareitnews.com/news/ocr-warns-hospitals-apparent-hipaa-compliance-scams By Mike Miliard Healthcare IT News August 11, 2020The Office for Civil Rights at the U.S. Department of Health and Human Services has warned health systems about what appears to be something of an old-fashioned and low-tech phishing attempt: fraudulent postcards, most addressed to hospital privacy officers, that warn of noncompliance with a mandatory risk assessment.
According to a report in the National Law Review, OCR on August 9 sent a listserv alert that it had become "aware of postcards being sent to health care organizations disguised as official OCR communications, claiming to be notices of a mandatory HIPAA compliance risk assessment."
The American Hospital Association, meanwhile, notes that the cards, addressed to "HIPAA Compliance Officer," purport to be from someone with a nonexistent title at HHS ("Secretary of Compliance, HIPAA Compliance Division") and bear a D.C. return address that doesn't belong to HHS.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ Follow InfoSec News on Twitter https://twitter.com/infosecnews_ Follow InfoSec News on LinkedIn https://www.linkedin.com/company/infosecnews/
Current thread:
- OCR warns hospitals of HIPAA compliance scams InfoSec News (Aug 12)