File a Complaint
The improved Administrative Simplification Enforcement and Testing Tool (ASETT) is available for use. You can use ASETT to file a complaint with the CMS National Standards Group (NSG) about alleged violations of the HIPAA Administrative Simplification requirements.
Follow the steps in this infographic to file a complaint.
How to File a Complaint
To file your HIPAA transactions, code sets, unique identifiers (employer and provider Identifiers) or operating rules complaint electronically, go to the Administrative Simplification Enforcement Testing Tool (ASETT).
ASETT is fully integrated with CMS’s Identity Management (IDM) system. This tool provides registered ASETT users an additional level of security for filing complaints through Multi-Factor Authentication (MFA) and Remote Identity Proofing and allows attaching supporting documentation. Unregistered users can still file a complaint by clicking on the “Get Started” button on the ASETT home page.
Learn more about ASETT with these resources:
ASETT Demonstration Video (Video)
This demonstration video walks users through how to register for ASETT, how to use it to file complaints against HIPAA covered entities for noncompliance with Administrative Simplification standards for electronic health care transactions, and how to test their electronic health care transactions, as well as their trading partners' transactions for potential noncompliance.
Reaching Compliance with ASETT (Video)
To help the health care community use electronic standards for administrative transactions, CMS has released the Reaching Compliance with ASETT video.
- Explains the benefits of complying with Administrative Simplification standards, including substantial cost savings
- Describes how ASETT—the Administrative Simplification Enforcement and Testing Tool—allows you to test transactions, both your own and your business trading partners’ transactions
- Tells you how to use ASETT to file a complaint if you have any noncompliant business trading partners
Enforcing HIPAA Administrative Simplification Requirements (Video)
Enforcing Administrative Simplification requirements is essential to ensuring the health care community reaps the benefits of standardized transactions and reduced administrative costs. Learn more about how CMS enforces Administrative Simplification requirements in this video.
Provides a brief reference on the steps you need to register an account, log in, file a complaint and test a transaction.
Provides step-by-step instructions for users to effectively use all ASETT functions and features.
Have questions? Please review our FAQs and let us know if you have additional questions that we have not answered.
Provides an overview and step-by-step instructions of how to test transactions in ASETT.
Provides an overview of how to file a complaint for noncompliance with Administrative Simplification requirements.
File a Paper Complaint
To file an Administrative Simplification HIPAA-related paper complaint rather than an electronic one, please complete this OMB-approved form 0938-0948 and return it to the Centers for Medicare & Medicaid Services (CMS) with any related supporting documentation.
To file a HIPAA Privacy Rule and Security Rule complaint, please contact the HHS Office for Civil Rights (OCR). OCR manages HIPAA privacy and security complaints and enforcement activities.