Cyber criminal pretends to be OCR investigator to obtain PHI

April 24, 2020 Gracie Awalt

April 24, 2020

By Gracie Awalt, Marketing Associate

The Office for Civil Rights (OCR) is alerting health care professionals about  an increase in malicious behavior by cyber criminals seeking protected health information (PHI). This increase is occurring as physician practices, hospitals, and other health care organizations are focused on the COVID-19 public health emergency.

According to the alert, an individual posing  as an OCR Investigator is calling health care organizations and asking for patient PHI. When the caller is asked for an OCR complaint transaction number or other verifiable information, the caller does not provide the information.

Alert staff members about this caller and instruct them to not release any PHI without first obtaining authentication or confirmation that the request is legitimate. Ask for the investigator’s email address, which will end in signifying its authenticity. If the investigator provides this valid address, ask for a confirmation email from this address before providing any PHI.

According to the FBI, current scams involving cyber criminals include:

  • sending fake emails from the Centers for Disease Control that contain links to malware designed to compromise systems;  
  • sending phishing emails that ask for the recipient’s personal information in order to receive economic stimulus checks; and
  • selling counterfeit personal protective equipment and treatments.

Read the FBI’s public service announcement on COVID-19 fraud schemes to learn more.

Contact if you have additional questions or concerns.


Previous Article
Building a therapeutic physician-patient relationship
Building a therapeutic physician-patient relationship

The practice of plastic surgery often produces uncertainties. Patients judge the success of surgical outcom...

Next Article
Cyber criminals hijack video calls; FBI provides recommendations
Cyber criminals hijack video calls; FBI provides recommendations

Our increased use of teleconferencing has created new opportunities for cyber criminals to hack into video ...