Access All Live + All On-Demand Trainings for 1 Year! SAVE $500 NOW

All Blogs

OCR Alert: Beware of HIPAA Fraud Scam


Posted Aug 13, 2020
Share: Share on Facebook Share on Twitter Share on LinkedIn
All Blogs

OCR Alert: Beware of HIPAA Fraud Scam

Posted August 13, 2020
Share: Share on Facebook Share on Twitter Share on LinkedIn
OCR Alert HIPAA Fraud

QUESTION: We received a postcard in the mail notifying us of a mandatory HIPAA compliance risk assessment from the Secretary of Compliance, HIPAA Compliance Division. What caused our practice to be scrutinized and how should we respond?

Question from San Francisco, California subscriber

ANSWER: Unfortunately – or fortunately, you have been the target of an attempted phishing scam, not an actual government audit. The postcards are trying to lure recipients to set up risk assessments with a private company. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently warned about the HIPAA compliance fraudulent mailings.

Healthcare organizations, like yours, have been reporting receiving the fraudulent communications over the past weeks. The postcards are deceptively disguised as official notice from OCR. The alert is addressed to HIPAA Privacy and Security Officers and direct the recipient to immediately take steps to address the HIPAA noncompliance. The directives include calling, emailing or visiting a website. The website link, however, goes to a non-government website that promotes a private company’s consulting services.

Here is an example from OCR alerting practices of the HIPAA fraud scam that features a postcard with a DC return address. It is NOT from HHS/OCR.

OCR Alert HIPAA Fraud

You can protect your practice from becoming victims of fraud in the future by alerting staff to the misleading communication and its signs of abuse. An official OCR communication would include OCR’s physical address or its email address ending in @HHS.gov. Also, in the event, you receive any follow-up regarding the postcard, you should report the suspected incident to the Federal Bureau of Investigation (FBI).

For more ways to reduce your risk of getting targeted for a HIPAA audit or penalty, HIPAA compliance expert and consultant, Jay Hodes, can help. OCR Alert HIPAA Fraud.

During his online training session, “Prevent Most Common HIPAA Violations and Massive Penalties,” he will breakdown the most common reasons physician practices get into HIPAA trouble.

Additional HIPAA Resources To Help Your Practice Stay Out of Trouble

girl-stop-hand-275x320 docprivacy-275x320 Docandassistcomp-275x320
.
HIPAA and Ransomware: Protect Against Attacks and Violation Penalties
 		HIPAA: Risk Assessment Requirements
 Prevent Most Common HIPAA Violations and Massive Penalties
.
REGISTER NOW
.
REGISTER NOW
.
REGISTER NOW

Meet Your Writer

Jen Godreau
CPC, CPMA, CPEDC, COPC
Content Director

Jennifer Godreau, CPC, CPMA, CPEDC, COPC, has almost 20 years of experience in billing, coding, compliance, and practice management. She develops the content and programs for Healthcare Training Leader, a practice-specific online training company offering step-by-step advice on increasing reimbursement and avoiding compliance violations. Prior to joining Healthcare Training Leader, Jennifer supervised the program delivery for EMRs, practice management systems and compliance and revenue cycle services for more than 6,000 providers. Thousands of software products - encoders, claims management, auditing, and HIPAA compliance, have been created with her teams and helped thousands of practices more easily reduce revenue losses and comply with complex regulations. Her passion for breaking down healthcare rules and requirements in simple steps has provided practical advice, education, and risk reduction strategies to numerous associations, payers and medical specialties especially in primary care, otolaryngology, eye care, and pediatrics. Jennifer’s advocacy resulted in supervision rule revisions, new CPT codes, and CMS compliance contracts. She oversaw the provider auditing and education for one of the major corporate integrity health system settlements. Jennifer has authored and presented on numerous healthcare compliance and payment challenges. Her education guides include the Certified Otolaryngology Coder (CENTC) exam study guide and the AAPC Professional Medical Coding Curriculum. Jennifer has a Bachelor of Arts from Wittenberg University in Springfield, Ohio. She holds certificates in coding, auditing, pediatric coding, and ophthalmology billing and coding, and is AAPC Vice President of the Naples, FL chapter. Please reach out to Jennifer for step-by-step guidance at [email protected]