OCR warns hospitals of HIPAA compliance scams
Healthcare IT News
The Office for Civil Rights at the U.S. Department of Health and Human Services has warned health systems about what appears to be something of an old-fashioned and low-tech phishing attempt: fraudulent postcards, most addressed to hospital privacy officers, that warn of noncompliance with a mandatory risk assessment.
According to a report in the National Law Review, OCR on August 9 sent a listserv alert that it had become "aware of postcards being sent to health care organizations disguised as official OCR communications, claiming to be notices of a mandatory HIPAA compliance risk assessment."
The American Hospital Association, meanwhile, notes...