Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  • About HHS
  • Programs & Services
  • Grants & Contracts
  • Laws & Regulations
  • Radical Transparency
  • Big Wins
  • About OCR
  • Filing with OCR
  • Civil Rights
  • Conscience and Religious Freedom
  • Health Information Privacy
  • Newsroom
Breadcrumb
  1. HHS
  2. OCR Home
  3. About Us
  4. OCR Reports to Congress
  • About Us
    • Mission & Vision
    • Budget & Systems
    • Reports to Congress
    • Jobs & Internships
    • Contact Us
    • Office for Civil Rights Speaker Request

OCR Reports to Congress

Annual Reports to Congress on Implementation of the Age Discrimination Act of 1975

  • Fiscal Year 2021*
  • Fiscal Year 2020*
  • Fiscal Year 2019*
  • Fiscal Year 2018*

Reports to Congress on Privacy Rule and Security Rule Compliance

Section 13424(a) of the Health Information Technology for Economic and Clinical Health (HITECH) Act requires the Secretary of the Department of Health and Human Services (the Department) to prepare and submit an annual report to Congress regarding compliance with the Privacy and Security Rules promulgated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) (Pub. L. 104-191). In addition, Section 13424(a)(2) of the HITECH Act requires that each report be made available to the public on the web site of the Department.

The following report was prepared in accordance with these statutory requirements. For the years for which the report is prepared, the report summarizes complaints received by the Department of alleged violations of the provisions of Subtitle D of the HITECH Act, as well as of the HIPAA Privacy, Security and Breach Notification Rules at 45 CFR Parts 160 and 164.

2022 Annual Report to Congress on HIPAA Privacy, Security, and Breach Notification Rule Compliance

2021 Report to Congress on HIPAA Privacy, Security, and Breach Notification Compliance

2020 Report to Congress on HIPAA Privacy, Security, and Breach Notification Compliance

2019 Report to Congress on HIPAA Privacy, Security, and Breach Notification Compliance*

2018 Report to Congress on HIPAA Privacy, Security, and Breach Notification Compliance*

2015-2016-2017 Report to Congress on HIPAA Privacy, Security, and Breach Notification Compliance - Submitted to Congress on February 22, 2019.

2013 - 2014 Submission Letter to the Report to Congress on HIPAA Privacy, Security and Breach Notification Compliance

2013 - 2014 Report to Congress on HIPAA privacy, Security and Breach Notification Compliance

2011 – 2012 Submission Letter for the Report to Congress on HIPAA Privacy, Security and Breach Notification Compliance

2011 – 2012 Report to Congress on HIPAA Privacy, Security and Breach Notification Compliance

2009 - 2010 Submission Letter for the Report to Congress on Privacy Rule and Security Rule Compliance

2009 - 2010 Report to Congress on Privacy Rule and Security Rule Compliance

Reports to Congress on Breach Notification Program

Section 13402(i) of the HITECH Act requires the Secretary of Health and Human Services (“the Secretary”) to prepare and submit to Congress an annual report containing the number and nature of breaches reported to the Secretary, and the actions taken in response to those breaches. Section 13424(2) of the HITECH Act requires the Secretary to make each report available to the public on the HHS website.

The following report was prepared to fulfill these statutory requirements. This report provides an overview of the breach notification requirements, as well as a discussion of the reports the Secretary received that occurred during the reporting period.

2022 Report to Congress on the Breach Notification Program

2021 Report to Congress on HIPAA Privacy, Security, and Breach Notification Compliance

2020 Report to Congress on the Breach Notification Program

2019 Report to Congress on the Breach Notification Program*

2018 Report to Congress on the Breach Notification Program*

2015-2016-2017 Report to Congress on the Breach Notification Program - Submitted to Congress on February 22, 2019.

Submission Letters for the 2013 - 2014 Report to Congress on the Breach Notification Program

2013 - 2014 Report to Congress on the Breach Notification Program

Submission Letters for the 2011 - 2012 Report to Congress on the Breach Notification Program

2011 - 2012 Report to Congress on the Breach Notification Program

Submission Letters for the 2009 - 2010 Report to Congress on the Breach Notification Program

2009 - 2010 Report to Congress on the Breach Notification Program

* People using assistive technology may not be able to fully access information in this file. For assistance, contact the HHS Office for Civil Rights at (800) 368-1019, TDD toll-free: (800) 537-7697, or by emailing OCRMail@hhs.gov.

Content created by Office for Civil Rights (OCR)
Content last reviewed May 31, 2024
Back to top

Subscribe to Email Updates

Receive the latest updates from the Secretary and Press Releases.

Subscribe
  • Contact HHS
  • Careers
  • HHS FAQs
  • Nondiscrimination Notice
  • Press Room
  • HHS Archive
  • Accessibility Statement
  • Privacy Policy
  • Budget/Performance
  • Inspector General
  • Web Site Disclaimers
  • EEO/No Fear Act
  • FOIA
  • The White House
  • USA.gov
  • Vulnerability Disclosure Policy
HHS Logo

HHS Headquarters

200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free Call Center: 1-877-696-6775​

Follow HHS

Follow Secretary Kennedy