File a Complaint

The improved Administrative Simplification Enforcement and Testing Tool (ASETT) is available for use. You can use ASETT to file a complaint with the CMS National Standards Group (NSG) about alleged violations of the HIPAA Administrative Simplification requirements.

How to File a Complaint Infographic (PDF)
Follow the steps in this infographic to file a complaint.

Complaint Process Infographic (PDF)
Find out what happens when NSG receives a complaint.

How to File a Complaint

To file your HIPAA transactions, code sets, unique identifiers (employer and provider Identifiers) or operating rules complaint electronically, go to the Administrative Simplification Enforcement Testing Tool (ASETT).  

ASETT is fully integrated with CMS’s Identity Management (IDM) system. This tool provides registered ASETT users an additional level of security for filing complaints through Multi-Factor Authentication (MFA) and Remote Identity Proofing and allows attaching supporting documentation. Unregistered users can still file a complaint by clicking on the “Get Started” button on the ASETT home page.

Learn more about ASETT with these resources:

Reaching Compliance with ASETT (Video)

To help the health care community use electronic standards for administrative transactions, CMS has released the Reaching Compliance with ASETT video.

• Explains the benefits of complying with Administrative Simplification standards, including substantial cost savings
• Describes how ASETT—the Administrative Simplification Enforcement and Testing Tool—allows you to test transactions, both your own and your business trading partners’ transactions
• Tells you how to use ASETT to file a complaint if you have any noncompliant business trading partners

Enforcing HIPAA Administrative Simplification Requirements (Video)

Enforcing Administrative Simplification requirements is essential to ensuring the health care community reaps the benefits of standardized transactions and reduced administrative costs. Learn more about how CMS enforces Administrative Simplification requirements in this video.

 

Quick Start Guide (PDF)
Provides a brief reference on the steps you need to register an account, log in, file a complaint and test a transaction.

User Manual (PDF)
Provides step-by-step instructions for users to effectively use all ASETT functions and features.

Frequently Asked Questions (PDF)
Have questions? Please review our FAQs and let us know if you have additional questions that we have not answered.

How to Test Electronic Health Care Transactions for HIPAA Compliance (PDF)
Provides an overview and step-by-step instructions of how to test transactions in ASETT.

Filing a Complaint with the Administrative Simplification Enforcement & Testing Tool (PDF)
Provides an overview of how to file a complaint for noncompliance with Administrative Simplification requirements.

File a Paper Complaint

HIPAA Administrative Simplification (Non-privacy/Security) Complaint Form (PDF)
To file an Administrative Simplification HIPAA-related paper complaint rather than an electronic one, please complete this OMB-approved form 0938-0948 and return it to the Centers for Medicare & Medicaid Services (CMS) with any related supporting documentation.

To file a HIPAA Privacy Rule and Security Rule complaint, please contact the HHS Office for Civil Rights (OCR). OCR manages HIPAA privacy and security complaints and enforcement activities.