Skip Navigation
United States Flag

An official website of the United States government. Here's how you know >

U.S. Flag An official website of the United States government.
Change Font Size

Privacy Policy Notice
(as of September 30, 2016)

Thank you for visiting our HHS OIG website and for reviewing our Privacy Policy. Our policy is clear:

  • We collect no personally identifiable information (PII) about you unless you choose to provide that information to us.
  • Any PII you chose to provide will be maintained in accordance with Federal privacy requirements.
  • Non-PII information related to your visit to our websites may be automatically collected and temporarily stored.

Types of Information Collected

When you browse through any website, information about your visit can be collected. We automatically collect and temporarily store the following information about your visit:

  • the name of the domain you use to access the Internet (for example,, if you are using an American Online account, or, if you are connecting from Stanford University's domain);
  • the date and time of your visit;
  • the pages you visited; and
  • the address of the website you came from when you came to visit.

We use analytical software to collect and aggregate this information to create reports and analyses, which are used to help us make our site more useful to visitors. These data and reports are only available to web managers and other designated staff who require this information to perform their duties. HHS OIG retains the data from analysis as long as needed to support its mission. Again, there is no PII included in this data.

Session and Persistent Cookies

When visiting websites, a small text file called a "cookie" may be placed on your computer. This allows HHS OIG to collect non-PII data while you are navigating through the website. HHS OIG uses two types of cookies on its websites:

  • Session cookies are temporary text files that expire when you leave our websites. When cookies expire, they are automatically deleted from your computer.
  • Persistent cookies are multi-session cookies that are stored on your computer and expire 2 years after your last visit to our websites. After 2 years, they are automatically deleted from your computer. We use persistent cookies to collect non-PII data about users who frequently visit our websites and to test variations of our site design and content to optimize our webpages. In the Office of Management and Budget (OMB) Memo 10-22 Guidance, our use of persistent cookies is defined as "Usage Tier 2 Multi-session without Personally Identifiable Information (PII)," which "encompasses any use of multi-session Web measurement and customization technologies when no PII is collected."

If you do not want cookies placed on your computer, you can set your browser to block them. Blocking these cookies from your computer will not affect your access to the content and tools in our websites. Instructions to opt out are available on

Personally Provided Information

You do not have to give us personal information to visit our websites.

If you choose to provide us with additional information about yourself through an e-mail message, form, survey, etc., we will only retain the information as long as needed to respond to your question or to fulfill the stated purpose of the communication.

However, note that all communications addressed to HHS OIG are maintained, as required by law, for historical purposes. These communications are archived on a monthly basis. All communications addressed to HHS OIG are protected by the Privacy Act which restricts our use of them, yet permits certain disclosures.

Third-Party Applications

There may be third-party applications and/or services embedded on the Department of Health and Human Services Office of the Inspector General website (Official Link: to improve its functionality. Third party websites and/or applications are not government owned or operated. Our integration of these products is intended to provide a seamless user experience. By using the third-party website or application to communicate with the Department of Health and Human Services Office of the Inspector General, you may be providing nongovernmental third-parties with access to personally identifiable information (PII). Where applicable, privacy policies particular to these applications are provided.

Twitter: OIG uses Twitter to send short messages (up to 140 characters)-or tweets-to share information with the public. While visitors may read the OIG Twitter feed without subscribing to it, visitors who want to subscribe to (or follow) OIG Twitter feeds must create a Twitter account at To create an account, you must provide some personal information, such as name, user name, password and email address. Visitors have the option to provide additional personal information including a short biography, location, or picture. Most information you provide for a Twitter account is available to the public, but you can modify how much of your information is visible by changing your privacy settings at the website. OIG staff members do not take possession of the personal information belonging to Twitter followers. Nor do they respond to direct messages or comment. OIG does, however, monitor the number of subscribers.

YouTube: HHS OIG posts videos on YouTube to make them available to the public. You do not need to register with either YouTube or Google (YouTube owner) to watch OIG videos. When visitors watch videos, YouTube may record non-personally identifiable information about its site usage, such as channels used, videos watched, and data transfer details to improve its services. If you log on to the YouTube site before watching OIG videos, YouTube may associate information about your site use with your YouTube account. If you log on to YouTube and comment on an OIG video, any personal information you included when registering for your account will be visible to visitors who click on the comment.

GovDelivery: HHS OIG uses GovDelivery to distribute email updates to the public. GovDelivery is not government-owned or government-operated, and OIG's account with them is part of an overall account that the Department of Health & Human Services has with GovDelivery. To receive email updates from OIG, you must voluntarily provide your email address via the subscription option on the homepage or through HHS newsletter subscription options. GovDelivery collects and maintains the list of email addresses and distributes OIG's email updates. OIG does not use email addresses for any purpose other than to distribute the email updates.

HootSuite: HootSuite is a password-protected, third-party application that uses a series of tools to manage, track, and analyze approved OIG social media accounts. OIG does not take possession of any personal information provided by users to HootSuitewhen such users visit OIG social media platforms. The public can access OIG-specific information distributed through HootSuite by visiting OIG's individual social media accounts. OIG uses to shorten long website links in external communications including social media and e-mail updates. If a member of the public clicks on a link, certain technical information about their click through will be gathered and stored. This information is the referring Internet domain (such as Twitter, Facebook, etc.) from which the user accessed the link and the date and time the user clicked on the link, and does not include any personal information provided by users to


HHS OIG discloses personal information about those using HHS OIG internet sites or social media only when consistent with the Privacy Act, the Freedom of Information Act, and other Federal privacy requirements.

Where electronic communications, such as tweets, email or other similar messages, convey a threat of violence against the OIG or Department of Health and Human Services, suggest waste, fraud or abuse in an HHS program, or otherwise suggest a violation of law, the OIG may collect, maintain or disseminate the tweets/etc., as well as the name and profile information associated with the sender's account, for the purpose of OIG meeting its obligations under the Inspector General Act of 1978 and as a statutory law enforcement agency.

Intrusion Detection

This site is maintained by the U.S. Government. It is protected by various provisions of Title 18, U.S. Code. Violations of Title 18 are subject to criminal prosecution in Federal court.

For site security purposes and to ensure that this service remains available to all users, we employ software programs to monitor traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. In the event of authorized law enforcement investigations, and pursuant to any required legal process, information from these sources may be used to help identify violators.

Systems of Records

Some information originally collected through traditional paper systems can now be submitted electronically, i.e., electronic commerce transactions and information updates about eligibility benefits. Electronically submitted information is maintained and destroyed pursuant to the Federal Records Act, and in some cases may be subject to the Privacy Act. If information that you submit is to be used in a Privacy Act system of records, there will be a Privacy Act Notice provided.

Office of Inspector General, U.S. Department of Health and Human Services | 330 Independence Avenue, SW, Washington, DC 20201