How Do I Report a HIPAA Violation?

What Constitutes a HIPAA Violation?

HIPAA violations can be more than blatant unauthorized disclosure of your medical records. Here are some other examples of potential violations:

• Your doctor or healthcare provider disclosed information to a family member that has no business knowing your health situation.  

• If your doctor improperly disposes of a copy of your medical records, they can be found in violation of the HIPAA.  

• An accidental switching of medical files can be a HIPAA violation.  

• A security breach can also qualify as a HIPAA violation, if another party was able to access your personal information

There are many more examples of potential HIPAA violations.  You can speak with an attorney if you believe your HIPAA rights have been breached.

How Do I Report a HIPAA Violation?

In order to report a HIPAA violation, you can file a complaint with the Office for Civil Rights. Note that they only investigate claims against “covered entities” like your doctor, hospital, or health care provider.  You must file your complaint in writing within 180 days of the violation, and it must both describe the violation and who committed it.

After writing your complaint, sign it and fax or mail it to the Office of Civil Rights in the area where the violation happened.  You can also email your complaint to OCRComplaint@hhs.gov.

For more help handling a potential HIPAA violation, we can help you find a lawyer.