Skip to Main Content

File a Complaint

The new and improved Administrative Simplification Enforcement and Testing Tool (ASETT) is now available for use. 

How to File a Complaint

To file your HIPAA transactions, code sets, unique identifiers (employer and provider Identifiers) or operating rules complaint electronically, go to the Administrative Simplification Enforcement Testing Tool (ASETT),  

Prior to entering ASETT, each potential user must complete the one-time registration process to gain access to the system. This registration process is set up to protect the security of users’ information and collect the needed information to process a complaint. ASETT is fully integrated with CMS’ Enterprise Identity Management (EIDM) system and the CMS Enterprise Portal. Collectively, these tools provide ASETT users an additional level of security for filing complaints, and attaching supporting documentation and transactions, through Multi-Factor Authentication (MFA) and Remote Identity Proofing.

Quick Start Guide & User Manual 
The Quick Start Guide
 provides a brief reference on the steps you need to register an account, log in, file a complaint and test a transaction.  The user manual provides step-by-step instructions for users to effectively use all ASETT functions and features.   

FAQs
Have questions?  Please review our 
Frequently Asked Questions and let us know if you have additional questions that we have not answered.

To file a HIPAA transactions and code sets paper complaint, rather than an electronic one, please click here.

To file a HIPAA Privacy Rule and Security Rule complaint, please contact the HHS Office for Civil Rights (OCR).  OCR manages HIPAA privacy and security complaints and enforcement activities.

When filing Administrative Simplification HIPAA-related complaints, please complete the OMB approved form 0938-0948 in its entirety and return to the Centers for Medicare & Medicaid Services (CMS) with any related supporting documentation.

.