Skip to Main Navigation
Skip to Main Content
The University of Texas at Dallas

HIPAA Privacy Manual

Section 18: Privacy Complaint Policy

Policy:

Any individual who believes the rights granted by the Health Insurance Portability and Accountability Act (HIPAA) privacy regulations or any other state or federal laws dealing with privacy and confidentiality have been violated may file a complaint regarding the alleged privacy violation.

Procedure for Filing HIPAA Complaints:

Any privacy related complaint made by a patient, faculty member, employee, student, or volunteer at anytime must be forwarded to the Privacy Officer or to the Institutional Compliance Program. Complaints may also be made anonymously by calling the Ethics Hotline at 1-888-228-7707.

Investigation of Complaints:

The Privacy Officer will contact both Patient Services and the Information Security Officer to investigate the alleged privacy violations. Patient Services will investigate complaints made by patients regarding alleged breaches of their privacy. In addition, Patient Services may be requested to assist in investigations regarding complaints made by employees who believe fellow employees have violated patient privacy standards.

In situations involving students, the CPO shall notify the Student Affairs Office of the investigation.

Simultaneously, the Privacy Officer will request an investigation be undertaken by the ISO of any applicable information technology systems to determine if a breach of privacy has occurred whether the complaint is made by a patient, faculty member, employee, or student. If during the course of an investigation an individual is found to be in violation of an institutional policy, he/she will be subject to the disciplinary process for faculty, staff, students, or volunteers