Complaint Portal Assistant
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR),
enforces federal civil rights laws, conscience and religious freedom laws, the Health Insurance Portability
and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules, and the Patient Safety Act and Rule, which together protect
your fundamental rights of nondiscrimination, conscience, religious freedom,
and health information privacy at covered entities.
- Federal Civil Rights Laws
help to protect you from unfair treatment or discrimination because
of your race, color, national origin, disability, age, or sex.
- Federal Conscience and Religious Freedom Laws
help to protect you from coercion, discrimination on the basis of
conscience or religion, and burdens on the free exercise of religion.
If you believe that a
covered entity
discriminated
against you or violated your (or someone else's) civil rights, conscience rights,
or religious freedom rights, you may file a complaint with OCR. You may file a
complaint for yourself, your organization, or for someone else.
The following are some examples of potential covered entities
(including institutions and personnel) that must abide by federal civil rights, conscience, and religious freedom laws:
• State and local government agencies that are responsible for administering health care
• State and local government income assistance and human service agencies
• Hospitals
• Medicaid and Medicare providers
• Physicians and other health care professionals in private practice with patients assisted by Medicaid
• Family health centers
• Community mental health centers
• Alcohol and drug treatment centers
• Nursing homes
• Foster care homes
• Public and private adoption and foster care agencies
• Day care centers
• Senior citizen centers
• Nutrition programs
• Any entity established under the Affordable Care Act
• Health insurance plans or companies
• HMOs
• Pharmacies
• Homeless shelters
• Health researchers.
- The HIPAA Privacy Rule
is a federal law that gives you rights over your health information and sets rules and limits
on who can look at and receive your health information. The Privacy Rule applies to all forms
of individuals' protected health information, whether electronic, written, or oral.
The HIPAA Security Rule is a federal law that requires security for health information in electronic form.
In addition, the Patient Safety Act and Rule establishes a voluntary reporting system to enhance the data available
to assess and resolve patient safety and health care quality issues,
and provides confidentiality protections for patient safety concerns.
If you believe that a covered entity violated your (or someone else's)
health information privacy rights or committed another violation under the HIPAA Privacy, Security, and Breach Notification Rules or the Patient Safety Act and Rule, you may file a complaint with OCR.
The following are some examples of covered entities that must
meet the requirements of the federal Privacy, Security and Breach Notification Rules:
• Health Plans
• Health care clearinghouses
• and Health care providers that conduct a portion of their business electronically using a HIPAA
covered transaction. OCR can investigate complaints against covered entities and their business associates.
You may file a complaint for yourself, your organization, or for someone else.
Question 1 - What is the nature of your complaint?
If you have any questions or need help filing a civil rights, conscience or religious freedom,
or health information privacy complaint, you may email OCR at
OCRMail@hhs.gov or call the U.S. Department
of Health and Human Services, Office for Civil Rights toll-free at: 1-800-368-1019, TDD: 1-800-537-7697.
We provide alternative formats (such as Braille and large print),
auxiliary aids and services (such as a relay service), and language assistance.