About Careers Internship MedBlog Contact us
English (US)
Medindia
LOGIN REGISTER
Medindia

Health Insurance Portability and Accountability Act [HIPAA] - Filing a Complaint

Written by -   Dr. Sameer Sippy
Medically Reviewed by -   The Medindia Medical Review Team
Last Updated on Sep 28, 2014

Filing a Complaint

If an individual feels that a covered entity has violated his/her or some other individual’s health information privacy rights or committed a violation of the Privacy or Security Rule, he/she has the liberty to file a complaint with OCR (Office for Civil Rights). Based on the complaints lodged, OCR can investigate complaints filed against such covered entities.

Requirements for filing a Complaint

While filing a complaint, the following points should be borne in mind:

  • The complaint should be filed in writing-either on paper or electronically, by mail, fax, telefax or e-mail.
  • Disclosing the name of the covered entity involved in violation of HIPAA and describe the acts or omissions that he/she believes has resulted in the violations of the Privacy or Security Rule and on occurrence of violation pertaining to the procedures in HIPAA systems and processes, complaint needs to be lodged within 180 days from the date of occurrence. Relaxation regarding the deadline of 180 days period can be made possible only if the concerned individual can show "good cause." or a valid reason for the same.
Advertisement

Anyone can file a complaint alleging a violation of the Privacy or Security Rule. For this purpose, it is recommended that the individual makes use of OCR Health Information Privacy Complaint Form Package. He/She can request a copy of this form from an OCR regional office.

Retaliation is strictly prohibited by HIPAA

Under HIPAA, an entity cannot does not have right to retaliate against an individual for filing a complaint. In case of any retaliatory action, the concerned individual should notify OCR immediately, without much delay.

Procedures for submission of a Complaint

For submitting or lodging a complaint, one of the following methods may be used as described below:

If an individual wants to mail or fax the complaint, it is recommended to cross-verify that such a complaint is delivered to the appropriate OCR regional office based on the location wherein the alleged violation occurred. OCR has ten regional offices and each regional office covers specific states. The complaint to be lodged or filed should be sent highlighting the attention of the OCR Regional Manager.

Advertisement

In case, if the lodged complaint is an email, it is not mandatory or binding to sign the complaint and consent forms because submission by an email represents your signature.

In case, if the complaint is handwritten on the paper, in that event the letter needs to be signed by the concerned individual for validating the complaint pertaining to the violation of HIPAA.

Published on Sep 18, 2014
Last Updated on Sep 28, 2014

Advertisement
Recommended Reading
Health Articles A-Z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Get Health and Wellness Secrets from Our Engaging eBooks
Sign up for Wellness Consult a Doctor Sign up for Selfcare

What's New on Medindia

View All

Articles

Stay Connected

Available on the Android Market Available on the App Store

Health Insurance Portability and Accountability Act - Related News

View All