Skip to Content

HIPAA Privacy - Complaints to the Covered Entity 164.530(d)(2)

580  Matthew Burdick September 29, 2022  Administrative Requirements (Privacy)

Overview:
ยง164.530(d)(1)
Standard: Complaints to the covered entity.
A covered entity must provide a process for individuals to make complaints concerning the covered entity's policies and procedures required by this subpart and subpart D of this part or its compliance with such policies and procedures or the requirements of this subpart or subpart D of this part.


Action Items:
1) Obtain and review policies and procedures to determine how complaints are received, processed, and documented.
2) Obtain and review a sample of documentation of complaints for consistency with the established performance criterion.


Related Documents:
1) Policies and procedures to determine how complaints are received, processed, and documented.
2) Sample of documentation of complaints for consistency with the established performance criterion.


Additional Guidance:
A covered entity must have procedures for individuals to complain about its compliance with its privacy policies and procedures and the Privacy Rule. The covered entity must explain those procedures in its privacy practices notice. Among other things, the covered entity must identify to whom individuals can submit complaints to at the covered entity and advise that complaints also can be submitted to the Secretary of HHS.
Not Rated
Secure Code