Service Providers

Alert: Phishing Email

Alert: Watch Out for Phishing Email
Disguised as Official Audit Communication

An important message for HRC Service Providers (Our HIPAA Business Associates) from:
US Dept. of Health and Human Services
Office for Civil Rights in Action
November 28, 2016

It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels.

This email appears to be an official government communication, and targets employees of HIPAA covered entities (like Harbor Regional Center) and their business associates (like our service providers).

The email prompts recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program. The link directs individuals to a non-governmental website marketing a firm’s cybersecurity services.

In no way is this firm associated with the U.S. Department of Health and Human Services or the Office for Civil Rights. We take the unauthorized use of this material by this firm very seriously.

In the event that you or your organization has a question as to whether it has received an official communication from our agency (Health and Human Services Office for Civil Rights) regarding a HIPAA audit, please contact us via email atOSOCRAudit@hhs.gov.