The means by which one files a privacy report to the Office of Civil Rights used to be extremely cumbersome and burdensome. In the event that a scenario like the one described happened to me, I would be fully within my rights to file a complaint, because my medical information is supposed to be confidential. Improvements to HIPAA security have been made that have eased the process by which privacy complaints are received, filed, and dealt with. The primary change is that the authority for administration and enforcement of privacy and security standards with regards to health has been combined, which makes receiving complaints and processing them much easier and faster.
Critical sections of the complaint that need to be filled out include the portions on what exactly has been compromised in regards to the patient’s private medical information, as well as how it has affected their lives in an adverse way. This information allows the OCR to categorize the complaint and recognize its severity. Without filling out this information in detail, the complaint may be ignored or sidelined in favor of more pressing ones, so it is important for those filing complaints to make these sections as thorough as they can.
Overall, the simplification of the process of filing privacy complaints has made them much more accessible to the masses. Prior to the overhaul of HIPAA security legislation, filing complaints was an extremely cumbersome and lengthy process, which likely lead to many people whose health privacy was violated to simply not file them. The changes in HIPAA security have significantly streamlined the process and made it much easier for those who have had their privacy violated to file complaints and receive justice. Following these steps will make life much easier for those who have had their private information leaked by their medical professionals.
- Touchet, B. K., Drummond, S. R., & Yates, W. R. (2004). The impact of fear of HIPAA violation on patient care. Psychiatric Services, 55(5), 575-576.
- Withrow, S. C. (2010). How to avoid a HIPAA horror story: the HITECH Act has expanded the financial risk for hospitals that do not meet the privacy and security requirements under HIPAA. Healthcare Financial Management, 64(8), 82-89.