OCR Alert: Beware of HIPAA Fraud Scam


QUESTION: We received a postcard in the mail notifying us of a mandatory HIPAA compliance risk assessment from the Secretary of Compliance, HIPAA Compliance Division. What caused our practice to be scrutinized and how should we respond?

Question from San Francisco, California subscriber

ANSWER: Unfortunately, or fortunately, you have been the target of an attempted phishing scam, not an actual government audit. The postcards try to lure recipients into setting up risk assessments with a private company. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently warned about the fraudulent HIPAA compliance mailings.

Healthcare organizations like yours have been reporting the fraudulent communications over the past weeks. The postcards are deceptively disguised as official notices from OCR. The alert is addressed to HIPAA Privacy and Security Officers and directs the recipient to immediately take steps to address the HIPAA noncompliance. The directives include calling, emailing or visiting a website. The website link, however, goes to a non-government website that promotes a private company’s consulting services.

Here is an example from OCR alerting practices of the HIPAA fraud scam that features a postcard with a DC return address. It is NOT from HHS/OCR.

[Image: OCR Alert HIPAA Fraud]

You can protect your practice from becoming a victim of fraud in the future by alerting staff to the misleading communication and its warning signs. An official OCR communication would include OCR’s physical address or its email address ending in @HHS.gov. Also, in the event you receive any follow-up regarding the postcard, you should report the suspected incident to the Federal Bureau of Investigation (FBI).

For more ways to reduce your risk of getting targeted for a HIPAA audit or penalty, HIPAA compliance expert and consultant Jay Hodes can help.

During his online training session, “Prevent Most Common HIPAA Violations and Massive Penalties,” he will break down the most common reasons physician practices get into HIPAA trouble.


Additional HIPAA Resources To Help Your Practice Stay Out of Trouble

HIPAA and Ransomware: Protect Against Attacks and Violation Penalties
HIPAA: Risk Assessment Requirements
Prevent Most Common HIPAA Violations and Massive Penalties

Meet Your Writer

Jen Godreau
CPC, CPMA, CPEDC, COPC, AHIMA ICD-10-CM/PCS Approved Trainer

Content Director

Jen Godreau, CPC, CPMA, CPEDC, COPC, AHIMA ICD-10-CM/PCS Approved Trainer is an expert in practice management, billing and coding, and revenue cycle management, and brings almost 20 years of experience to the content team at Training Leader. Prior to joining Training Leader, Jen led implementations of EMRs and revenue cycle management services including credentialing. She has led teams who have created numerous software programs and tools for compliance, coding, and auditing. Her passion for all things compliance and coding has filled thousands of articles and allowed her to provide practice management consulting and due diligence for hundreds of practices.

Jen's advocacy led to the overturning of neonatology supervision restrictions, creation of new CPT ENT codes, and winning of Medicare monitoring auditing contracts. She wrote the diagnosis study guide for AAPC's Certified Otolaryngology Coder (CENTC) exam and edited the AAPC Professional Medical Coding Curriculum.

Jen has a Bachelor of Arts from Wittenberg University in Springfield, Ohio. She became a Certified Professional Coder (CPC) in 2001, added her designation as a Certified Pediatric Coder (CPEDC) in 2009, became a Certified Medical Coding Auditor (CPMA) in 2010, and a Certified Ophthalmology Professional Coder (COPC) in 2017. She is an AHIMA ICD-10-CM/PCS approved trainer.
