Earlier today, the United States Health and Human Services Office for Civil Rights (“OCR”) issued an alert concerning fraudulent postcards sent to health care organizations claiming to be official communications from OCR. The post cards inform recipients that they are required to participate in a “Required Security Risk Assessment” and directs providers to submit their risk assessment to hsaudit.org, a link that diverts individuals to a non-government website offering consulting services. You should disregard such correspondence and not provide the specified information.
As a reminder, all communications from OCR will come from either an official office or an email address ending with @hhs.gov. You can find a complete list of OCR’s headquarters and regional offices here: https://www.hhs.gov/ocr/about-us/contact-us/index.html.
* * * * *
Click Here to download the Legal Alert.