Caution: Fake HHS HIPAA Email Is Phishing Scam
The Office for Civil Rights (OCR) has issued an alert warning healthcare providers about a phishing scam disguised as an official communication from the Department of Health and Human Services.
Scam artists are circulating the email on fake HHS letterhead with the signature of Jocelyn Samuels, OCR’s director. It is aimed at covered entities and business associates, appearing to be an official government communication. The email prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program, but the link directs individuals to a non-governmental website marketing a firm’s cybersecurity services.
“In no way is this firm associated with the U.S. Department of Health and Human Services or the Office for Civil Rights,” OCR states in the alert. “We take the unauthorized use of this material by this firm very seriously.”
The phishing email originates from the email address [email protected] and directs individuals to a URL at http://www.hhs-gov.us. OCR points out the subtle difference from the official email address of the HIPAA audit program: [email protected].
“Covered entities and business associates should alert their employees of this issue and take note that official communications regarding the HIPAA audit program are sent to selected auditees from the email address [email protected],” according to the alert.
The Office for Civil Rights has issued an alert warning healthcare providers about a phishing scam disguised as an official communication from the Department of Health and Human Services.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.