Liaison Information Report (LIR) Healthcare & Public Heath Sector Pharmaceutical Industry

Similar documents
TLP to IEP Evolution: What, Why & How

WASHINGTON UNIVERSITY HIPAA Privacy Policy # 7. Appropriate Methods of Communicating Protected Health Information

RelayHealth Legal Notices

The rise of major Adversaries is the most relevant trend in 2014, targeting Government and Critical Services

ARTAS Versions EOD and EOS Dates and Supported Hardware Solutions

Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)

Providence Web Site Terms of Use and Privacy Policy

AUSTRALIA Building Digital Trust with Australian Healthcare Consumers

SYDNEY FESTIVAL PRIVACY POLICY

HIPAA AND SECURITY. For Healthcare Organizations

HIPAA Compliance & Privacy What You Need to Know Now

Pharmacist Resource Center User Guide

at Kaiser Permanente Mary Henderson HIPAA Program Director Kaiser Permanente

Ordering New & Refill Prescriptions Online With Costco Mail Order

Completing the NHS Prescription Services request for information and data proforma

Elders Estates Privacy Notice

PLEASE NOTE. - Text the phrase MICHAELBERWA428 to the number /23/2016 1

Virtua Health, Inc. is a 501 (c) (3) non-profit corporation located in Marlton, New Jersey ( Virtua ).

PULSE TAKING THE PHYSICIAN S

Your mymeritain Personalized Member Website

HCCA Managed Care Conference. Agenda 2/12/2015

NYSVMS WEBSITE PRIVACY POLICY

HIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012

ATLANTICARE HEALTH-E YOU PATIENT PORTAL

mhealth: Privacy Challenges in Smartphone-based Personal Health Records and a Conceptual Model for Privacy Management

Terms & Conditions. Privacy, Health & Copyright Policy

Orientation. Certification, Licensure, Registration. Pharmacy Technician Training Systems PassAssured, LLC

Inside the OCR Investigation/Audit Process 2018 PBI HEALTH LAW INSTITUTE TUESDAY, MARCH 13, 2017 GREGORY M. FLISZAR, J.D., PH.D.

We offer background check and identity verification services to employers, businesses, and individuals. For example, we provide:

AUTHORIZATION TO RELEASE HEALTH INFORMATION

When the Other Brother Steps Up: State Privacy Enforcement Actions

How to use Novixus.com. Step by Step guide to using the new novixus.com website

Welcome toa webinar about understanding BC s Personal Information Protection Act or PIPA for short.

HIPAA Federal Security Rule H I P A A

Mobile Application Privacy Policy

Results, 2 nd Quarter Data Security. HIMSS Analytics ehealth TRENDBAROMETER Q2/2017

TLP:GREEN FBI. FBI Liaison Alert System #A mw SUMMARY TECHNICAL DETAILS

CTI BioPharma Privacy Notice

DeliverySlip for Dental Practices

Information Privacy and Security Training Authored by: Office of HIPAA Administration

LifeWays Operating Procedures

Patient Portal User s Guide

Off-label unsolicited requests How to respond?

Introduction Privacy, Security and Risk Management. What Healthcare Organizations Need to Know

HIPAA Privacy & Security Training. Privacy and Security of Protected Health Information

Social Security Number Protection Policy.

HAGA CLICK AQUÍ PARA TRADUCCION AL ESPAÑOL DE LA POLÍTICA DE PRIVACIDAD

PRIVACY POLICY. 3.1 This policy does not apply to the collection, holding, use or disclosure of personal information that is an employee record.

WEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices

WEBSITE USAGE TERMS AND CONDITIONS

CliniSys Website Privacy Policy

1. Muscat & Co Mortgage Solutions Ltd - Privacy Notice

APF!submission!!draft!Mandatory!data!breach!notification! in!the!ehealth!record!system!guide.!

.HEALTH REGISTRATION POLICY

PAKISTAN HOW TO SPEED UP THE INTRODUCTION OF EHEALTH SERVICES IN DEVELOPING COUNTRIES

The National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne

PDMP User s Guide. Oregon Health Authority Prescription Drug Monitoring Program

User Manual/Guide for Direct Using encompass 3.0. Prepared By: Arête Healthcare Services, LLC

ISAO SO Product Outline

PRIVACY POLICY CHILDREN S PRIVACY

Title: Personal Health Record Policy and Procedure. Manual: Health Information Management

When does QuestCDN collect personally identifiable information?

Scope of the Member State mechanism

Information Privacy and Security Training 2016 for Instructors and Students. Authored by: Office of HIPAA Administration

CHAPTER ONE: EXECUTIVE SUMMARY

Privacy Policy. How we handle your information you provide to us. Updated: 14 March 2016

Prescription. Information Services. Gateway: 01/NHSBSA/RxS/06/2018

GENERAL PRIVACY POLICY

Patient Portal - Patient User Guide

PIP Desk Reference. The Pharmaceutical Information Program. Pharmaceutical Information Program (PIP) Desk Reference March

The HUMANE roadmaps towards future human-machine networks Oxford, UK 21 March 2017

WELCOME. October 19, 2017 The Mandarin Oriental Washington, DC

NaviNet Drug Authorizations. User s Guide

Federal Breach Notification Decision Tree and Tools

Communications to Community Pharmacy

Security and Privacy Breach Notification

Critical HIPAA Privacy & Security Crossover Areas

Implementing the Administration's Critical Infrastructure and Cybersecurity Policy

COLLECTION & HOW THE INFORMATION WILL BE USED

TechTarget, Inc. Privacy Policy

CS Database Design - Assignments #3 Due on 30 March 2015 (Monday)

UK Healthcare: DMARC Adoption Report Security in Critical Condition

2017_Privacy and Information Security_English_Content

LIFEWAY PREMARITAL INFORMATION FORM LIFEWAY REFERRAL INFORMATION

The Data Center is Dead Long Live the Virtual Data Center

Putting It All Together:

Medtech Evolution electronic Prescribing User Guide

UPDATE: HEALTHCARE CYBERSECURITY & INCIDENT RESPONSE Lindsay M. Johnson, Esq. Partner, Freund, Freeze & Arnold, LPA

NAVINET USER GUIDE CO N F I D E N T I A L 2017 CoverMyMeds LLC. All Rights Reserved.

Policy & Procedure Privacy Policy

TERMS OF USE Terms You Your CMT Underlying Agreement CMT Network Subscribers Services Workforce User Authorization to Access and Use Services.

HIPAA 101: What All Doctors NEED To Know

Endpoint Security for Wholesale Payments

HIPAA and Research Contracts JILL RAINES, ASSISTANT GENERAL COUNSEL AND UNIVERSITY PRIVACY OFFICIAL

POSTMARKET MANAGEMENT OF CYBERSECURITY IN MEDICAL DEVICES FINAL GUIDANCE MARCH 29, TH ANNUAL MEDICAL DEVICE QUALITY CONGRESS

HIPAA Tips and Advice for Your. Medical Practice

Department of Veterans Affairs Direct and My HealtheVet Blue Button. Glen Crandall VA Direct Program Manager

We will start at 2 minutes after the hour

Training Guide for Practitioners. Washington State Department of Health Washington State Prescription Monitoring Program

Keeping It Under Wraps: Personally Identifiable Information (PII)

Transcription:

Liaison Information Report (LIR) Healthcare & Public Heath Sector Pharmaceutical Industry 25 May 2018 LIR # 180525001 Criminals Posing as Pharmacists Conducting Fraudulent Prescriptions Requests without Doctors or Patients Knowledge Throughout the United States The Washington Field Office, in coordination with Office of Private Sector, prepared this LIR to inform healthcare partners in the medical industry about fraudulent prescriptions affecting physicians and patients across the United States. FBI information indicated there are approximately sixty reported fraudulent prescription requests. If you have knowledge of such activity, report it to your security office, wfhealthcarefraud@ic.fbi.gov, and your local FBI Field Office. Since March 2017, several partially-identified pharmacies and pharmaceutical companies have requested medical prescriptions and/or supplies without the physician s and patient s knowledge. The companies sent the alleged fraudulent requests through a fax-to-computer system originating from doctors offices across the United States. These requests included ointments, over-the-counter medications, and diabetic supplies. The following are the reported partially-identified companies who allegedly conducted fraudulent requests: RX Works Max Health Benefits E-Healthy Solutions Health Solutions Pharmacy Works Fraudulent prescriptions were also reported from several legitimate pharmacies and pharmaceutical companies. At this time, it appears these businesses are not complicit in the scheme. The Scheme The perpetrators represented themselves as representatives of the above-mentioned companies. They contacted patients to obtain the patients primary care contact information. The perpetrators then use the information to obtain authorization from the physician via fax. (See Appendix for an example of the fax request). Page 1 of 5

FBI information indicated the perpetrators used the following Fax numbers: 800-581-1299 866-705-4069 866-462-7769 561-331-6061 800-868-8136 866-242-5573 866-308-4114 866-583-0576 888-641-0060 888-290-8812 The fraudulent prescription requests included the following medications: Diclofenac sodium solution (1.5 percent) and gel (3 percent) Omeprazole sodium bicarbonate Triamcinolone acetonide cream (0.1 percent) Lidocaine ointment This LIR was created by the FBI Washington Field Office, in coordination with Office of Private Sector (OPS) and disseminated from OPS s Sector Analytic Unit. Please direct any requests and questions to your FBI Private Sector Coordinator at your local FBI Field Office: https://www.fbi.gov/contact-us/field-offices. If you have knowledge of such activity, report it to your security office, wf-healthcarefraud@ic.fbi.gov, and your local FBI Field Office. Page 2 of 5

Appendix: Examples of the Fraudulent Prescriptions Request Page 3 of 5

Page 4 of 5

Not for disclosure, restricted to participants only. TLP:AMBER Traffic Light Protocol (TLP) Definitions Color When should it be used? How may it be shared? TLP:RED Sources may use TLP:RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party's privacy, reputation, or operations if misused. Limited disclosure, restricted to participants organizations. TLP:GREEN Limited disclosure, restricted to the community. TLP:WHITE Disclosure is not limited. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved. Sources may use TLP:GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Recipients may not share TLP:RED information with any parties outside of the specific exchange, meeting, or conversation in which it was originally disclosed. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. In most circumstances, TLP:RED should be exchanged verbally or in person. Recipients may only share TLP:AMBER information with members of their own organization, and with clients or customers who need to know the information to protect themselves or prevent further harm. Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to. Recipients may share TLP:GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. Information in this category can be circulated widely within a particular community. TLP:GREEN information may not be released outside of the community. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction. Page 5 of 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback