Scammers fraudulently collect sensitive information and steal donations by creating and using fake online channels (e.g., Facebook and Twitter accounts, charity websites, and phishing emails) to ask for donations.
These fake websites will usually do one of two things:
- Ask for a credit card number to steal donations; and/or
- Infect your electronic device with malicious software (malware) that can extract sensitive information (passwords, usernames, or account numbers) that is subsequently used to commit fraud.

To protect yourself and your organization:
- Never allow remote access to your computer unless the access is known to be legitimate, the requestor's authenticity can be verified (e.g., by calling your IT Help Desk to verify the identity of IT support personnel requesting remote access to perform maintenance), AND the access is done over a secure connection.
- Do not trust unsolicited phone calls, emails, or texts; be suspicious and ask questions.
- Hang up the phone if you are suspicious of the caller. Do not trust Caller ID to be accurate; scammers almost always spoof an innocent third party's phone number.
- Be suspicious of requests for personal information over telephone, email, or text.
- Do NOT download and install unknown software or purchase unsolicited online services.
- Do not connect unknown devices or USB drives.
- Verify the identity of the caller directly with Covered Entity (CE) or Business Associate (BA) officials, or with the company the caller claims to represent.
- Record the caller’s information if you suspect a scam and report it in accordance with your organization’s policies and procedures.

Covered Entities and Business Associates need to understand that patients are entrusting them with their most private and intimate details, and they expect those details to remain secure.
Besides, it is YOUR practice, YOUR patients, YOUR reputation, and YOUR legacy! Why are you leaving yourself wide open to such risks?