How to Report HIPAA Violations in Oregon
The federal government created HIPAA (Health Insurance Portability and Accountability) Act to ensure that individuals can maintain their health insurance after leaving a job. HIPAA also standardizes medical records transmitted electronically. Because transmitting confidential health records in a standardized electronic format creates a risk that a hacker may be able to access that information, the Department of Health and Human Services mandated security requirements that health care organizations need to follow. When these requirements aren't followed, a complaint can be filed against the health care organization.Instructions
-
-
1
Verify that the health care organization is covered by HIPAA. Not all organizations are. According to the HIPAA website, the organization must be a "health plan, health care clearinghouse, and any health care provider that conducts certain health care transactions electronically."
-
2
Fill out the HIPAA complaint form. The form can be downloaded from the HIPAA website. You will need to name the organization that committed the violation and describe the violation.
-
3
File the complete form, either electronically or on paper by mail or fax, to the Oregon regional office. The complaint must be filed within 180 days of the violation. Direct the complaint to:
Oregon Department of Health and Human Services
Office for Civil Rights
2201 Sixth Avenue
Mail Stop RX-11
Seattle, WA 98121
206-615-2290
TDD: 206-615-2296
Fax: 206-615-2297
-
1