Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

HHS Issues Warning About Phishing Campaign Disguised As Official Communication

By Peter Stockburger
December 4, 2016
  • Consumer Protection
  • Data Breach
  • Employee Privacy
  • Health Information Privacy
  • Marketing, Cookies & Spam
  • Privacy Rights
  • United States
Share on Facebook Share on Twitter Share via email Share on LinkedIn

As part of its efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) engages in audits of covered entities and their business associates.

On November 28, 2016, the OCR issued an alert warning covered entities about a phishing e-mail that is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels.  The e-mail purportedly prompts the receiver to click a link regarding possible inclusion in the HIPPA Privacy, Security, and Breach Rules and Audit Program, and directs the recipient to a non-governmental website.  The phishing e-mail originates from the e-mail address OSOCRAudit@hhs-gov.us and directs individuals to http://www.hhs-gov.us.  This is a slight difference from the official e-mail address for the HIPAA audit program, OSOCRAudit@hhs.gov, and the official HHS website http://www.hhs.gov.

The OCR advises covered entities and their business associates to alert employees of this issue and take note that official communications regarding the HIPAA audit program are to be sent to selected auditees from the official e-mail address OSOCRAudit@hhs.gov.

A copy of the OCR alert can be found here.

If you or one of your entities has received this phishing e-mail, the Dentons Privacy and Cybersecurity Law Group is available to help you navigate next steps.

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Peter Stockburger

About Peter Stockburger

Peter Stockburger is the office managing partner for the Firm's San Diego office, a member of the Firm's Global Data Privacy and Venture Technology Groups, and co-lead of the Firm's Autonomous Vehicles practice. With a focus on data privacy and security, Peter partners with clients around the globe to leverage data and talent to grow, operate, and protect their business.

All posts Full bio

RELATED POSTS

  • Europe
  • Privacy Rights
  • United Kingdom

Subject Access Request risk: limits in sight?

By Nick Graham
  • Consumer Protection
  • Data Breach
  • Enforcement
  • Privacy Rights
  • Record Retention
  • United States

SEC Issues Cybersecurity Alert For Brokers And Financial Advisers

By Peter Stockburger
  • Consumer Protection
  • Data Breach
  • Privacy Rights
  • Record Retention
  • United States

New ABA Opinion – Attorneys Must Take Reasonable Cybersecurity Measures To Protect Client Data

By Peter Stockburger

About Dentons

Across over 80 countries, Dentons helps you grow, protect, operate and finance your organization by providing uniquely global and deeply local legal solutions. Polycentric, purpose-driven and committed to inclusion, diversity, equity and sustainability, we focus on what matters most to you. www.dentons.com

Grow, Protect, Operate, Finance. Dentons, the law firm of the future is here. Copyright 2023 Dentons. Dentons is a global legal practice providing client services worldwide through its member firms and affiliates. Please see dentons.com for Legal notices.

Categories

  • Accountability
  • Asia Pacific
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Latin America
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Notices
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo in black and white

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site