Skip to main content

Report an Incident or File Complaint

What is a HIPAA security incident?

A HIPAA security incident is the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system. All suspected HIPAA Incidents must be reported in a timely manner.

What is a HIPAA complaint?

If you believe that a HIPAA-covered entity or its business associate violated your (or someone else’s) health information privacy rights or committed another violation of the Privacy, Security, or Breach Notification Rules, you may file a complaint.

Reporting a HIPAA incident or filing a complaint

Office of HIPAA Compliance

Contact the Office of HIPAA Compliance by phone at 989-774-2829 or email them directly.

CMU HIPAA Contacts

If you would like to report a HIPAA incident or complaint, you may also contact any person listed on the CMU HIPAA contacts page directly. 

General Counsel

Contact  John Danner from General Counsel.

Call CMU Ethics Hotline

Call (confidential) at 1-866-294-9379.

File a report via the  CMU Ethics Hotline Website .