OCR warns hospitals of HIPAA compliance scams

The US Office for Civil Rights has warned healthcare providers about fraudulent postcards claiming to be from the Department of Health and Human Services, asking for compliance with a mandatory risk assessment. The postcards, addressed to hospital privacy officers, direct recipients to a non-governmental website for consulting services. Providers are advised to verify the legitimacy of communications by checking for the OCR address or email address.