Phishing For Healthcare Records In The Cloud

Staff received an email, which appeared to be an official email. However, it was a phishing email that allowed an unauthorized third party access to a Wyoming Medical Center account.

by | April 29, 2016       << Back to Blog    

Join the Conversation on Facebook!

Click to enlarge

Phishing is a scam where you receive an email that looks like it's coming from a legitimate person or company you recognize, however, it is actually an email coming from a hacker trying to get you to either open an infected attachment or click on a link that takes you to a fake website with malware or with a login page that attempts to get your login credentials to a legitimate site.  Phishing emails are easily confused with legitimate emails because they use the corporate logos of real companies and often time have an elaborate message that basically tricks you into taking some action. I have seen phishing emails in disguised are coming from UPS, USPS, IRS, banks, Facebook, HR department, and more.  Now imagine a phishing email that looks like it's coming from your cloud EHR vendor... Depending on how creative the email message is drafted, your staff may click on links, provide EHR login details, reset passwords or open an attachment. Any action taken by your staff on this phishing email will likely open the doors to a hacker and gain access to your EHR in the cloud.

Phishing scams occurs in all industries.  Here is a recent healthcare data breach in a medical center due to a phishing scam.

Phishing Scam Leads to Potential Healthcare Data Breach in Wyoming Medical Center

http://wyomingmedicalcenter.org/pulse/public-notice-health-insurance-portability-and-accountability-act  

Next time you get an email with an attachment and a link, think twice before opening or clicking.  Even if you have antivirus program running, your computer can still get infected.

If it's too late and you are in a bind or if you want to be proactive and get your network security and HIPAA compliance checked by HIPAA certified professionals, give us a call or visit www.WorryFreeMD.com 

 



About Fernando Sosa
Fernando Sosa is a technology consultant, project management professional, and software developer who helps small businesses and nonprofit organizations make the most of their information technology resources.


Comments: