HIPAA 404 Footer
Patient Portability (website)
Maricopa should audit MIHS (InfoSec patient data breach). If I understand the services correctly, it is to benefit an individual and not introduce additional traumas by electronic patient data exposure. Policy, procedure and annual employee training generally reduce these risks.
HIPAA covered entities normally are required to assess their own compliance. In addition, the U.S. DHHS Office for Civil Rights randomly audits HIPAA covered entities and also does complaint audits.
You can file a HIPAA complaint with MIHS; you also can file a HIPAA complaint with OCR online at http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html .
You may contact the Office of Civil Rights Region IX by phone: (415) 437-8310; by fax: (415) 437-8329; by mail: Office for Civil Rights, U.S. Department of Health and Human Services, 90 7th Street, Suite 4-100, San Francisco, CA 94103.