MEDICAL BILLS AND YOUR PRIVACY - HIPAA AMENDMENTS
This article is written by J.Kristi Feathers and is her opinion only. Portions of this article (The HIPPA Act) has been cited from federal resources. This article is for informational purposes only. If you need legal advice on a HIPPA situation please contact an attorney. The Privacy Rule requires a "business associate" (collection agency or billing firm) to reasonably limit the amount of information disclosed for such purposes to the minimum necessary as well as to abide by reasonable requests for confidential communications.
This could be a loophole for debtors against collection agencies because collection employees often know less about their industry restrictions than does the debtor. This could lead to violations and eventually case law to support such violations. If collection agency employees are not careful, they could lose out on collecting medical debts by inadvertently knowing too much about the debtors medical condition. This will no doubt lead to many consumers seeking that the debts be pulled back by the medical provider to avoid potential suits against the provider.
Debtors who know how to protect themselves will use this provision to threaten collectors and gain the upper hand in settling the debt without it hitting their credit reports. Basically, debtors who discover that the collector knows their diagnosis and treatment will threaten the agency that their privacy has been violated. The agency, wanting to avoid unnecessary suits will most likely agree to remove the negative entry on the consumers credit report by agreeing to settle with such terms. The debtor will gain a clearer credit report by having the item removed rather than listed as "paid collection".
Overview of HIPAA: The Health Insurance Portability and Accountability Act (HIPAA): The first-ever federal privacy standards to protect patients' medical records and other health information provided to health plans, doctors, hospitals and other health care providers took effect on April 14, 2003. Developed by the Department of Health and Human Services (HHS), these new standards provide patients with access to their medical records and more control over how their personal health information is used and disclosed. They represent a uniform, federal floor of privacy protections for consumers across the country. State laws providing additional protections to consumers are not affected by this new rule. Congress called on HHS to issue patient privacy protections as part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA included provisions designed to encourage electronic transactions and also required new safeguards to protect the security and confidentiality of health information. The final regulation covers health plans, health care clearinghouses, and those health care providers who conduct certain financial and administrative transactions (e.g., enrollment, billing and eligibility verification) electronically. Most health insurers, pharmacies, doctors and other health care providers were required to comply with these federal standards beginning April 14, 2003. As provided by Congress, certain small health plans have an additional year to comply. HHS has conducted extensive outreach and provided guidance and technical assistant to these providers and businesses to make it as easy as possible for them to implement the new privacy protections. These efforts include answers to hundreds of common questions about the rule, as well as explanations and descriptions about key elements of the rule. These materials are available at www.hhs.gov/ocr/hipaa. You may also file a complaint for violations. http://www.hhs.gov/ocr/privacyhowtofile.htm
If you have received a medical bill or many medical bills consider the following strategy to reduce it and keep the debt off your credit reports:
--Review the bill as soon as it arrives and look at every charge. Many times you will find excessive charges for procedures that you don't even recall. Review it closely and make sure the amount is accurate.
--Contact the Provider of Service and ask for a complete breakdown of all charges including all medication, x-ray and lab fees. When it arrives go over it and highlight any portions that you believe are over charged or excessive.
--Call the provider right away and make sure all insurance information is accurate and that you are only being billed the portion allowed by your insurance. Don't pay the bill(s) until after you have received a EOB- Explanation of Benefits so that you only pay the amount required by your insurance company.
--If the debt has been sold to a collection agency, send a request immediately to the CA asking for a "validation of debt". If the debt collector has too much of your medical information --that could result in a violation of HIPAA and possibly FDCPA for third party disclosure.
--Protect your medical records by requesting proof that you signed an authorization allowing the medical provider to release your information to a third party collector. This law is covered under the HIPAA Act and if you did not authorize it then the provider may have violated the HIPAA by giving your records to the debt collector. This may be a great reason to have your debt pulled back from the collector and sent back to the provider. If that happens, a collector is not authorized to report the debt to your credit reports, so be sure and check your credit and if it's listed, dispute it.
The collector is allowed under law to have information about you such as your name, social security number and address but unless you authorized it, a medical provider should not include your medical records and diagnosis to a collection agency. While you cannot sue under HIPPA (yet) you can file a complaint and better yet possibly have the debt canceled if too much personal medical information was revealed about you without your consent. Additionally a health care provider violation of HIPAA could result in FDCPA litigation against a collection agency. Be careful signing those patient authorizations and speak up if too much has been revealed.
Understand HIPAA as to not look foolish
The key here is knowledge. Read the HIPPA before you assume the agency has violated your privacy.
Our sample letters include a HIPPA request to send to collection agencies.
All Rights Reserved. Copyright © 2004 G&G Advanced Medical Consulting, Inc.