Skip Navigation

Report to Congress on Privacy Rule and Security Rule Compliance

Section 13424(a) of the Health Information Technology for Economic and Clinical Health (HITECH) Act requires the Secretary of the Department of Health and Human Services (the Department) to prepare and submit an annual report to Congress regarding compliance with the Privacy and Security Rules promulgated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) (Pub. L. 104-191). In addition, Section 13424(a)(2) of the HITECH Act requires that each report be made available to the public on the web site of the Department.

The following report was prepared in accordance with these statutory requirements. For the years for which the report is prepared, the report summarizes complaints received by the Department of alleged violations of the provisions of Subtitle D of the HITECH Act, as well as of the HIPAA Privacy, Security and Breach Notification Rules at 45 CFR Parts 160 and 164.

Submission Letter for the Report to Congress on Privacy Rule and Security Rule Compliance

Report to Congress on Privacy Rule and Security Rule Compliance

Submission Letter for the 2011 – 2012 Report to Congress on HIPAA Privacy, Security and Breach Notification Compliance

2011 – 2012 Report to Congress on HIPAA Privacy, Security and Breach Notification Compliance