CyberSecurity Hits Home at the Department of Health and Human Services

Ironically, the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR) was targeted. This week OCR notified the healthcare industry via listserv, that a phishing email was unlawfully used to communicate with covered entities and business associates. From the OCR listserv today, November 30, 2016: “Covered entities and business associates should alert their employees of this issue and take note that official communications regarding the HIPAA audit program are sent to selected auditees from the email address OSOCRAudit@hhs.gov” and not the slightly different, OSOCRAudit@hhs-gov.us.  This is potentially believable because OCR is launching Phase 2 HIPAA audits of business associates now and communicating with email. Clever timing by cyberattackers.

Reduce your risks by understanding the basics. Workforce training, contingency plans and risk analysis can save you time and money if your practice is hit. Take control and implement defenses against cyberattacks with easy step by step guidance contained in The HIPAA E-Tool. Prepare for a potential audit at the same time. 

The HIPAA E-Tool® makes compliance fast and easy. Get your free HIPAA Quick Start Kit, complete with a webcam privacy guard, HIPAA Hot Zone labels and a HIPAA checklist delivered directly to your office.

Share This Post

Share on facebook
Share on twitter
Share on linkedin

Maggie Hales

Maggie Hales is a lawyer specializing in health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada, Egypt, India and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2019 The ET&C Group LLC.
The HIPAA E-Tool® is a registered trademark of The ET&C Group LLC
Terms of Service | Privacy Policy

Free hipaa kit!

hipaa compliance Quick start kit
Delivered free