OCR Issues Alert Regarding Phishing Email Disguised as Official OCR Audit Communication

Patrick Haggerty
BakerHostetler
Contact
LinkedIn
Facebook
X
Send
Embed

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Nov. 28 describing a phishing email being circulated on mock HHS departmental letterhead under the signature of OCR Director Jocelyn Samuels. The email prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program. The link takes the recipient to a nongovernmental website marketing a firm’s cybersecurity services. The HHS OCR stated that it is in no way associated with the firm. The email is targeting employees of covered entities and their business associates. Covered entities and business associates should, therefore, make their workforce members aware of this phishing campaign and remind workforce members to be vigilant and not click on links or attachments that seem suspicious. The HHS OCR has stated that you can reach out to them at OSOCRAudit@hhs.gov. if you have a question as to whether a communication you receive from them regarding a HIPAA audit is legitimate.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© BakerHostetler | Attorney Advertising

Written by:

BakerHostetler
BakerHostetler
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

BakerHostetler on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide