Health Information Compliance Alert
Fraudulent Cybersecurity Firm Masquerades As the OCR in Phishing Scam
PDF
Plus: ONC Offers Webinar on Changes to Health IT Certification
Falling in line with cyber Monday’s tradition of glitches and deceit, a cybersecurity firm targeted HIPAA entities and business associates masquerading as OCR director, Jocelyn Samuels, through email that used an HHS letterhead in a phishing scam.
“The email prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program. The link directs individuals to a non-governmental website marketing a firm’s cybersecurity services,” the HHS press release from Nov. 28, 2016 said. “In no way is this firm associated with the U.S. Department of Health and Human Services or the Office for Civil Rights. We take the unauthorized use of this material by this firm very seriously.”
The HHS and OCR jointly urged covered entities and their associates to alert employees immediately of the fraudulent activity and to contact the OCR directly with any leads or information regarding the scam.
Resource: For the link to the HHS press release and details on how to contact the OCR regarding this phishing operation, visit https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/.
In other news…
If you missed the Dec. 7, 2016 ONC webinar on the Health IT Certification Program: Enhanced Oversight Final Rule, don’t fret. You’ve got another chance to sign up before the rule goes into effect on Dec. 19, 2016.
With MU changing to ACI starting Jan. 1, 2017, changes in the way CMS regards health IT, CEHRT, and compliance are on the front line of the ONC’s objectives to improve, review, and implement new policies, regulations, and certification avenues for providers, their associates, and vendors.
The ONC webinar on Dec. 14, 2016 (Link here: https://attendee.gotowebinar.com/register/9020450947695778820) offers information on the Health IT Certification Program: Enhanced Oversight Final Rule and all that itentails.
To take a look at the final rule in the Federal Register, visit https://www.federalregister.gov/documents/2016/10/19/2016-24908/onc-health-it-certification-program-enhanced-oversight-and-accountability.
Health Information Compliance Alert
- Case Study:
Malware Issue Highlights Large Organization Need for HIPAA Security Plan
Lack of firewall in secondary systems shows why risk analysis is crucial in healthcare settings. [...] - Compliance:
Be MACRA Ready: Navigate the Certified Health IT Product List
Starting Jan. 1, your payment might depend on the quality of your EHR. Despite the [...] - Clip And Save:
Know These MIPS Measures for the Advancing Care Information Transition
With two paths for success, MACRA’s new EHR requirements offer options for engagement. As Meaningful [...] - HIPAA:
Feast on Patient Fodder in the New Year -- But, Make Sure It's HIPAA-Compliant
Utilize HIPAA-friendly feedback for a 2017 revenue boost. With the quality of your medical care [...] - Toolkit:
Close Up Your Practice Loopholes with These Authentication Tips
With cyberattacks on the rise, make safeguarding data an end-of-year priority. Hacking—it’s everywhere. It’s commonplace [...] - Enforcement News:
Fraudulent Cybersecurity Firm Masquerades As the OCR in Phishing Scam
Plus: ONC Offers Webinar on Changes to Health IT Certification Falling in line with cyber [...]