Identify the early iterations of the HIPAA act and how the law has been modified to facilitate easier access to consumer complaints and enforcement.

Imagine that you are a sophomore at Premier College. Over the past few months, you have not been well due to increased amounts of academic pressure and found yourself unable to concentrate in class or sleep well at night. You went to the student medical center for evaluation and, after consulting with the staff doctor, you were issued a prescription for the treatment of depression.

A few days later, one of your professors tells you that he too has had to take medicine for depression in the past. You ask him how he knew about your situation, and he replied that all student medical records are available to every instructor and staff member at Premier College. Hearing this, you feel that your privacy rights have been violated.

That afternoon you research privacy rights on the Internet and learn that filing a HIPAA privacy complaint to the OCR had been a tedious process before July 2009. On July 27, 2009, the Secretary of Health and Human Services (HHS) delegated to the Director of OCR the authority to administer and enforce the HIPAA Security Rule. This action improved HHS’ ability to protect individuals’ health information by combining the authority for administration and enforcement of federal standards for health information privacy and security. Those standards are outlined in the HIPAA legislation. With the new regulation, the process of filing a privacy complaint has become simpler and more effective.

Then you research the steps involved with filing a privacy complaint with the OCR (http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html), download the Health Information Privacy Complaint form at (http://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/complaints/hipcomplaintform.pdf), and complete the form. While working on the form, you realize some sections are critical to your case and must be addressed carefully.

You decide to write about your experience in a paper for your Legal Issues in Information Security class. For this assignment:

1. Identify the early iterations of the HIPAA act and how the law has been modified to facilitate easier access to consumer complaints and enforcement.

2. Describe the overall process of submitting a health information privacy complaint to the OCR.

3. Identify specific sections of the complaint form that need critical attention while completing the form.

4. Analyze a few situations that can occur if the critical sections are not well identified.

5. Draft a brief summary, collating all your findings.

Required Resources

Access to the Internet
http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html
http://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/complaints/hipcomplaintform.pdf

Submission Requirements

§ Format: Microsoft Word

§ Font: Arial 12-point size, Double-space

§ Citation Style: Follow your school’s preferred style guide

§ Length: No more than 500 words