Newsletter Signup

monthly newsletter on medical billing best practices

Home > Medical Billing Resource Center > Unpaid Medical Bills and Your Privacy

by J. Kristi Feathers
Article contributed by Carreon And Associates -

This article is written by J.Kristi Feathers and is her opinion only. Portions of this article (The HIPPA Act) has been cited from federal resources. This article is for informational purposes only. If you need legal advice on a HIPPA situation please contact an attorney. The Privacy Rule requires a "business associate" (collection agency or billing firm) to reasonably limit the amount of information disclosed for such purposes to the minimum necessary as well as to abide by reasonable requests for confidential communications.

This could be a loophole for debtors against collection agencies because collection employees often know less about their industry restrictions than does the debtor. This could lead to violations and eventually case law to support such violations. If collection agency employees are not careful, they could lose out on collecting medical debts by inadvertently knowing too much about the debtors medical condition. This will no doubt lead to many consumers seeking that the debts be pulled back by the medical provider to avoid potential suits against the provider.

Debtors who know how to protect themselves will use this provision to threaten collectors and gain the upper hand in settling the debt without it hitting their credit reports. Basically, debtors who discover that the collector knows their diagnosis and treatment will threaten the agency that their privacy has been violated. The agency, wanting to avoid unnecessary suits will most likely agree to remove the negative entry on the consumers credit report by agreeing to settle with such terms. The debtor will gain a clearer credit report by having the item removed rather than listed as "paid collection".

Overview of HIPAA: The Health Insurance Portability and Accountability Act (HIPAA): The first-ever federal privacy standards to protect patients' medical records and other health information provided to health plans, doctors, hospitals and other health care providers took effect on April 14, 2003. Developed by the Department of Health and Human Services (HHS), these new standards provide patients with access to their medical records and more control over how their personal health information is used and disclosed. They represent a uniform, federal floor of privacy protections for consumers across the country. State laws providing additional protections to consumers are not affected by this new rule. Congress called on HHS to issue patient privacy protections as part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA included provisions designed to encourage electronic transactions and also required new safeguards to protect the security and confidentiality of health information. The final regulation covers health plans, health care clearinghouses, and those health care providers who conduct certain financial and administrative transactions (e.g., enrollment, billing and eligibility verification) electronically. Most health insurers, pharmacies, doctors and other health care providers were required to comply with these federal standards beginning April 14, 2003. As provided by Congress, certain small health plans have an additional year to comply. HHS has conducted extensive outreach and provided guidance and technical assistant to these providers and businesses to make it as easy as possible for them to implement the new privacy protections. These efforts include answers to hundreds of common questions about the rule, as well as explanations and descriptions about key elements of the rule. These materials are available at You may also file a complaint for violations.

Protecting your credit
Past due debts on your credit reports can ruin your credit rating but some of the biggest offenders are medical debts. They account for almost 1/3 of all collection accounts and once they're sold off to collection agencies they become "credit killers". Unlike a past due credit card, a medical debt can be sold quickly to numerous collection agencies over and over. They are quick to collect for agencies because very few people dispute them. Well, take heart, you can lower the debt, settle the debt and even remove it from your credit reports so....before you pay that medical charge off listen up. Believe it or not a medical bill is much easier to dispute and remove from your credit reports than a credit card bill. Medical debts are rarely questioned by consumers and this is a major mistake. Most medical debts are overbilled. If a consumer were actually to take time and ask for a "breakdown of charges" they would most likely find over charging- and a lot of it. Medical debts are so difficult to determine for consumers because you receive a complex bill in the mail with lab charges, physician charges and separate hospital related fees. Medical debts are also shipped off to collection agencies fairly quick which means they land on your credit reports before you have even had a chance to review the bill.

If you have received a medical bill or many medical bills consider the following strategy to reduce it and keep the debt off your credit reports:

--Review the bill as soon as it arrives and look at every charge. Many times you will find excessive charges for procedures that you don't even recall. Review it closely and make sure the amount is accurate.

--Contact the Provider of Service and ask for a complete breakdown of all charges including all medication, x-ray and lab fees. When it arrives go over it and highlight any portions that you believe are over charged or excessive.

--Call the provider right away and make sure all insurance information is accurate and that you are only being billed the portion allowed by your insurance. Don't pay the bill(s) until after you have received a EOB- Explanation of Benefits so that you only pay the amount required by your insurance company.

--If the debt has been sold to a collection agency, send a request immediately to the CA asking for a "validation of debt". If the debt collector has too much of your medical information --that could result in a violation of HIPAA and possibly FDCPA for third party disclosure.

--Protect your medical records by requesting proof that you signed an authorization allowing the medical provider to release your information to a third party collector. This law is covered under the HIPAA Act and if you did not authorize it then the provider may have violated the HIPAA by giving your records to the debt collector. This may be a great reason to have your debt pulled back from the collector and sent back to the provider. If that happens, a collector is not authorized to report the debt to your credit reports, so be sure and check your credit and if it's listed, dispute it.

The collector is allowed under law to have information about you such as your name, social security number and address but unless you authorized it, a medical provider should not include your medical records and diagnosis to a collection agency. While you cannot sue under HIPPA (yet) you can file a complaint and better yet possibly have the debt canceled if too much personal medical information was revealed about you without your consent. Additionally a health care provider violation of HIPAA could result in FDCPA litigation against a collection agency. Be careful signing those patient authorizations and speak up if too much has been revealed.

Understand HIPAA as to not look foolish
Many consumers selectively read what they want in the HIPAA law and run screaming "violations, violations" without understanding what a violation entails. Remember a debt collector is considered a "business associate" under HIPAA and is allowed to use your information to collect a debt but it is a gray area as to how much is too much information. It may be too soon to tell since the HIPAA amendments are new (April 2003) but apples to oranges that any portion of your personal medical records will no doubt be "violations of privacy". Financial information and location should be all the debtor has on you not your treatment and diagnosis. expressly authorized it in your signed documents with the medical provider so again- read them well.

The key here is knowledge. Read the HIPPA before you assume the agency has violated your privacy.

Our sample letters include a HIPPA request to send to collection agencies.

> Return to the Medical Billing Resource Center

Services | About Us | Case Studies | Medical Billing Resource Center | Contact Us | Links
All Rights Reserved. Copyright © 2004 G&G Advanced Medical Consulting, Inc.