Stay informedWhat you need to know about cybersecurity

As our ability to communicate and interact with our patients is improved by new technologies, an unfortunate side effect is an increase in criminals targeting patients with phone or Internet scams. Please review the information below to learn about known issues and how to stay safe.

Current issues

What you need to know

UW Health advises people to be vigilant when callers or emails request personal or financial information such as health history, Social Security, Medicare ID numbers or payment information.

Listed below are known scams. Please note, scam efforts are constantly changing and can be very sophisticated. While these are the ones we are currently aware of, there may be others.

If you have any doubts, contact UW Health.

MyChart

We have been made aware of a fraudulent website targeting UW Health MyChart users. These types of websites could be used to acquire usernames, passwords or other sensitive information.

How to stay safe

  • Access MyChart through the mobile app on your phone

  • If you access MyChart through a web browser, ensure the address begins with https://mychart.uwhealth.org

  • Do not enter your information if you are uncertain or have doubts about the site

For problems with accessing MyChart or to report any suspicious sites or activity, please call: (877) 768-0732

Examples of other scams

Scammers frequently target patients of health care systems for numerous reasons, including fraudulent Medicare claims. Other types of scams that may occur:

  • Scammers claiming to be UW Health employees, contacting people by phone and asking about common health conditions, such as knee or back pain.

  • “Phishing” emails imitating UW Health branding, such as logos and colors, attempting to coax patients into giving out MyChart login credentials.

  • "Phishing" text messages that may include links to malicious sites or request login credentials.

How to stay safe

Protect your information

Protect your information online

  • Use a strong password that is unique to every website you use.

  • Always utilize multifactor authentication for websites that offer it.

  • Install security updates when available to your computer, phone and tablet.

  • Utilize antivirus/antimalware software on all personal computers.

  • Do not click on a suspicious link, visit the site directly through a known web address or mobile app.

  • Monitor personal credit reports.

How to detect a scam

Know this about UW Health when we contact you:

  • We do not participate in lotteries or promotions offering monetary prizes or gift cards.

  • We will not contact patients by phone to demand emergency payment of an insurance premium for a policy that is about to lapse or to pay a bill. We might call to offer account resolution options such as a payment plan or financial assistance.

  • We will not get agitated or threaten a customer if a payment is needed.

  • Our patients might occasionally receive a call, text or email for pre-registration or patient satisfaction surveys. If you are suspicious, gather any information if possible, hang up and call the UW Health hospital or clinic you visited or plan to visit.

  • We use regular billing periods and regularly scheduled premium notices to notify customers of any amounts they owe.

  • If the UW Health name or logos are used in a communication and you are suspicious, call the UW Health facility you visit to help determine what you received is authentic.

  • UW Health works with small number of third-party vendors who occasionally contact patients. If you are suspicious of a call from another company about your care at UW Health, hang up and call UW Health to verify we do business with them.

  • We might send overdue accounts to a collection agency who could call to assist with your payment. If you are suspicious, hang up and call UW Health.

What to do if you shared information with a scammer

Report any identify theft to the Federal Trade Commission (FTC).

Do not feel embarrassed or ashamed. Many people have been impacted by scammers.

If you provided financial or account information to a suspected scam artist, contact your bank, credit card company and credit monitoring services to report possible fraud, and carefully monitor any affected accounts for suspicious activity in the weeks following the incident.

If you clicked on a link in an email, run a virus scan on your device. If it is a mobile phone, consider contacting your phone service provider for assistance. For personal laptop or desktop computers, consider contacting a service that specializes in computer maintenance.

If you accessed a link through a work computer, contact your company's IS/IT department.

You may be asked to file a police report. This can also help law enforcement know how widespread the issue is.