Jump to content

medical collections, Interesting HIPPA laws


cbairey
 Share

Recommended Posts

HIPAA says the healthcare provider or health plan may disclose only the following information about you to a collection agency or credit bureau.

Name and address.

Date of birth.

Social Security number.

Payment history.

Account number.

Name and address of the one claiming the debt.

[45 CFR 164.502(B),164.514(d)]

part of the HIPAA Regulations, the Privacy Rule requires Associate to enter into a contract containing specific requirements with Associate prior to the disclosure of PHI, as set forth in, but not limited to, Title 45, §§ 164.502(e) and 164.504(e) of the Code of Federal Regulations (CFR)

I beleive this means, a "associate" aka CA MUST have a contract with the OC stating they will protect your "information" before they can "assign", I will be asking for this contract on all medical CA's from now on.. i would think if a OC "assigned" a medical debt without this HIPPA contract then CA And OC would be in Violation of HIPPA..

so if i am correct a CA needs to prove : a HIPPA Contract AND proof of "assignment"

Link to comment
Share on other sites

HIPAA says the healthcare provider or health plan may disclose only the following information about you to a collection agency or credit bureau.

Name and address.

Date of birth.

Social Security number.

Payment history.

Account number.

Name and address of the one claiming the debt.

[45 CFR 164.502(B),164.514(d)]

part of the HIPAA Regulations, the Privacy Rule requires Associate to enter into a contract containing specific requirements with Associate prior to the disclosure of PHI, as set forth in, but not limited to, Title 45, §§ 164.502(e) and 164.504(e) of the Code of Federal Regulations (CFR)

I beleive this means, a "associate" aka CA MUST have a contract with the OC stating they will protect your "information" before they can "assign", I will be asking for this contract on all medical CA's from now on.. i would think if a OC "assigned" a medical debt without this HIPPA contract then CA And OC would be in Violation of HIPPA..

so if i am correct a CA needs to prove : a HIPPA Contract AND proof of "assignment"

You are not correct.

It may well be that the "contract" must exist (frankly I'm not sure about that) but that does not mean that the CA is obligated to provide that information to you.

You can ask for anything and I would always advise a consumer ask for what they need but that doesn't mean the consumer will get it or that the CA is obligated to provide it.

Link to comment
Share on other sites

You are not correct.

It may well be that the "contract" must exist (frankly I'm not sure about that) but that does not mean that the CA is obligated to provide that information to you.

You can ask for anything and I would always advise a consumer ask for what they need but that doesn't mean the consumer will get it or that the CA is obligated to provide it.

I have to disagree, i had a very long chat with the civil rights an DHHS dept in Seattle today, a Collection Agentcy MUST have a signed "business associates Contract with the "medical provider" , and it MUST be shown to you if you ask.(45 CFR 160.103) a "collection agentcy is under the same HIPPA rules as a "medical provider" as its considered "confidential" .

a "healthcare provider may ONLY disclose ,name,address, DOB, SSN,Payment history( as long as it does NOT show a "ID able procedure ( ie fat removal) , account number, name and address of healthcare provider,

HIPPA requires "associate" to enter into a Contract containing specific requirments with the Associate PRIOR to the disclosure of PHI ,, Title 45,164.502(e) and 164.504(e) of the code of federal Regulations and that contract MUST say extaly how the information is to be used disclosed, protected and stored, destroyed.. and that a individual has right of access.

YOU MAY SEE at anytime IF you Request it,it is YOUR PHI...

a CA MUST have this Contract AND a proper Assign, as i was told today 90%+ of Dr's ignore this Important fact and makes them and the CA's NON HIPPA compliant, ( means also 90% of CAs dont have it either)

so, when DVing a "medical Collections" you may indeed ask for a Hippa Authorization BTW OC and CA ,because they MUST have this before they get your "medical" information..( if you want proof of billing say the fat removal )and the CA sends that to you WITHOUT the HIPPA btw OC & CA BOTH are in violation of Hippa and the Privacy act..

Link to comment
Share on other sites

I have to disagree, i had a very long chat with the civil rights an DHHS dept in Seattle today, a Collection Agentcy MUST have a signed "business associates Contract with the "medical provider" , and it MUST be shown to you if you ask.(45 CFR 160.103) a "collection agentcy is under the same HIPPA rules as a "medical provider" as its considered "confidential" .

a "healthcare provider may ONLY disclose ,name,address, DOB, SSN,Payment history( as long as it does NOT show a "ID able procedure ( ie fat removal) , account number, name and address of healthcare provider,

HIPPA requires "associate" to enter into a Contract containing specific requirments with the Associate PRIOR to the disclosure of PHI ,, Title 45,164.502(e) and 164.504(e) of the code of federal Regulations and that contract MUST say extaly how the information is to be used disclosed, protected and stored, destroyed.. and that a individual has right of access.

YOU MAY SEE at anytime IF you Request it,it is YOUR PHI...

a CA MUST have this Contract AND a proper Assign, as i was told today 90%+ of Dr's ignore this Important fact and makes them and the CA's NON HIPPA compliant, ( means also 90% of CAs dont have it either)

so, when DVing a "medical Collections" you may indeed ask for a Hippa Authorization BTW OC and CA ,because they MUST have this before they get your "medical" information..( if you want proof of billing say the fat removal )and the CA sends that to you WITHOUT the HIPPA btw OC & CA BOTH are in violation of Hippa and the Privacy act..

So what?

So you can go to the CA's office and they can show you the agreement...what's that going to do for you? They have NO obligation to send you a copy of it and NO obligation to do so as part of the dispute/validation process no matter how vehemently you ask for it.

What is your reference/source for the statistic that 90% of Doctors are ignoring this obligation?

A CA doesn't have to have any medical information of any kind about you to collect a debt; all they need is name, SSN, address and how much their client says you owe them...sometimes, the CA doesn't even get that much from a client.

Lot's of people have been trying to use HIPAA rules to bolster the FDCPA...it's a wild goose chase.

If your HIPAA rights have been violated the sue whoever violated them but don't make the mistake of thinking that HIPAA regulations are some "get out of jail free" card where medical related debts are concerned.

Link to comment
Share on other sites

From what I understand about reading the HIPAA DV letters versus the regular DV letters.......when you use a regular DV letter and ask a CA to validate....you are then authorizing them to recieve your medical records (or the medical bill) to send you. That's why lots of people are using the HIPPA DV letter.

I'm not sure I would want a company like NCO or Midland having my personal medical records. I do remember sending NCO a regular DV last year.....and they sent me back a 2 page itemized doctor's bill listing all the procedures I had done........So if I decided to pay the bill......where does NCO's copy of my medical records go after I pay......or don't pay? Does it just pass on down the line....or does it sit in their computer for years and years until some hacker sells my personal medical stuff?

So, I really can understand the whole HIPAA thing...especially after you pay the bill. If you send the HIPAA letter to the dr/hospital's office saying....hey I've paid you.....now get my personal records back b/c NCO has no business with them....it makes sense to me.

To be honest....I'm not even sure the doctors office has a right to send NCO my medical itemized bill for NCO to send to me.

I am thinking and wondering what laws protect medical collections. A patient always has the right to privacy. You don't lose that right just b/c you are in collections on a medical account. What?????if my itemized bill showed they were treating me for AIDS or cancer and I had NCO, that had my bill.....calling and bashing me b/c of it? We all know how some bill collectors can get pretty vicious on the phone.

Some hospitals and Doctors turn your stuff over to collections way before they hear back from a slow paying insurance company. Your insurance pays eventually....but you are still stuck with the dirty collection company.

Link to comment
Share on other sites

I found some info on HIPAA

Can my information be disclosed to a collection agency?

Yes. When you put on that faded cotton gown and sit on the examining table, you are the patient. But, your role could change to many other things, including that of debtor. You visit your doctor and pay for health insurance premiums so that you are assured of care in an emergency or in case of an illness. But, your relationship is also a business arrangement.

You are obligated to pay for any costs not covered by your health insurance. Remember : Your consent is not required to disclose information from your medical files if it is made in connection with payment.

An unpaid bill, like any other debt claimed to be owed, may be reported to a collection agency. What's more, an unpaid medical bill can appear as a negative entry on your credit report. Information that can be disclosed to a collection agency about you includes:

Your name and address

Date of birth

Social Security number

Payment history

Account number

Name and address of the health care provider or health plan that says you owe the money.

A recent study by the Federal Reserve found that over half of all collections noted on credit reports were for unpaid medical bills, www.federalreserve.gov/pubs/bulletin/2003/0203lead.pdf.

Can I dispute a medical bill?

Unfortunately, the federal law that enables consumers to dispute billing errors does not apply to medical bills. The Fair Credit Billing Act only applies to credit cards accounts and revolving charge accounts. But that does not mean that you cannot dispute billing errors.

The medical billing and insurance claims processes can be complicated and confusing. Be sure to stay on top of your medical bills and dispute matters in writing with both the health provider and insurance company when you think errors have been made. Try to get the matter resolved before the debt is reported to a collection agency and/or to the credit reporting agencies (Experian, Equifax, TransUnion).

If a medical debt is reported to a collection agency, you have rights given by credit and collection laws. Federal laws are the Fair Credit Reporting Act and the Fair Debt Collection Practices Act. State laws might also apply.

For more information about your rights under these consumer protection laws, visit the Federal Trade Commission's web site at www.ftc.gov. You can also learn more about credit reports and your right to dispute negative information by reading the Privacy Rights Clearinghouse Fact Sheet 6, "How Private Is My Credit Report," www.privacyrights.org/fs/fs6-crdt.htm.

Link to comment
Share on other sites

Jet your correct but under 45 CFR 160.103, thier Must be a

"business associates Contract with the "medical provider, I dont want My "health" info sitting in some call center, where anyone can see ..(yikes)

the advantage would be if a CA tried to use that information (PHI) without that prior (above) contract you may have a good chance of getting it dismissed,on the grounds thier was no authorization for the CA to get said PHI in the first place,( AND most payment history usually says what its for,,(ie ABC injection ,,, $35.00 THAT whould be PHI) & ( Injection..$35.00 ..Is NOT PHI as its rather generic)

I had a nice chat yesterday with the HHS and Civil rights office here in Wa,

they agree that HIPPA can be a confusing subject for consumers, and that new rules are being worked on to be more "consumer friendly" with regards to debt collection , and that many , many people including DRs fail to realize that the "business associate" Contract Must be done Before "outside collections"and DRs tend to assume a assign is enough.and the contract MUST be done BEFORE a DR can give your PHI to a CA

again if a CA has that contract as it contains your information you have the right to that document( hey if some call center knows your "health history: shouldnt you?) you dont loose your privacy rights, if they cant show you the document how can they show you it was assgined Properly/ legally acording to HIPPA ?

I was also told since many are not aware of this right, they dont report it either, I cant encourge someone enough on this CALL your reginal HHS or Civil Rights Office and become educated about your rights

** Note to fellow WA state residents, I have a direct Number to the Lead HHS/Civil Rights investigator if you send a PM I will be happy to pass Her name and Info to you, a Great Help!!!

Link to comment
Share on other sites

Bovine Scatology.

A CA doesn't have to send you anything except the name and address of the creditor and/or a copy of a judgment and the amount they creditor claims you owe...they don't have to send you bills (medical or otherwise) or anything else...you can ask all day long but they don't have to provide it.

If they do sent you private medical information and they don't have the proper documents in hand then maybe you might have something on them but don't think this is some cut and dried method to fight medical collections.

Also keep in mind that any medical information can be sent directly from the medical provider to the consumer; they don't have to send anything through the CA at all.

I'm still waiting for your citation of your claim that 90% of Doctors are violation this provision.

Frankly, this is starting to sound like the "lite" version of the whchat method.

Link to comment
Share on other sites

Before posting, I re-read HIPPA and the sections on personal health information (PHI) and business associates.

Robert, you are absolutely right about the information you can get from a regular DV letter. However, under HIPPA, a business associate is required to disclose to you your PHI, which includes the business associate contract and an itemized bill/payment history. The only catch is that you have to specifically request it. They are under no obligation to volunteer it.

whychat deals with paid medical collections only.

I think OP's HIPPA DV method would give a DV letter an extra punch to deal with opportunistic medical collections.

Link to comment
Share on other sites

I had a nice chat yesterday with the HHS and Civil rights office here in Wa,

they agree that HIPPA can be a confusing subject for consumers, and that new rules are being worked on to be more "consumer friendly" with regards to debt collection , and that many , many people including DRs fail to realize that the "business associate" Contract Must be done Before "outside collections"and DRs tend to assume a assign is enough.and the contract MUST be done BEFORE a DR can give your PHI to a CA

Just as a note, HIPAA can even be a confusing subject to "experts". The understanding my hospital takes is that anyone with a "need to know" for medical reasons can have it. Detailed billing does disclose certain amounts of PHI; however, that can be released to a CA. PORTIONS of medical records can be released to a CA as well. Hell, NCO often offices out of the hospitals they collect for!!!

Never assume these companies do not already have this information. Often, forms asking for your signature are formalities allowing them to send things to you. I still wouldn't sign anything.

Link to comment
Share on other sites

Before posting, I re-read HIPPA and the sections on personal health information (PHI) and business associates.

Robert, you are absolutely right about the information you can get from a regular DV letter. However, under HIPPA, a business associate is required to disclose to you your PHI, which includes the business associate contract and an itemized bill/payment history. The only catch is that you have to specifically request it. They are under no obligation to volunteer it.

whychat deals with paid medical collections only.

I think OP's HIPPA DV method would give a DV letter an extra punch to deal with opportunistic medical collections.

You may be right...I don't know.

I've read through a lot (if not all) of HIPAA and I haven't seen anything that requires a CA to send that sort of data to the consumer through the Dispute/Validation Process as established by the FDCPA nor have I read anything that says the CA must personally supply it outside of the DV process or that they can't simply pass the request to their client and have the client respond directly to the consumer.

Link to comment
Share on other sites

  • 1 year later...

Hi Everyone,

I recently requested validation of a medical bill. I used a standard hippa letter and received back from the CA a copy of the actual bill. I mean charge codes, dates of service and a detailed description of every single procedure done.

Now from what I've read thus far the only information the CA should have is:

Your name and address

Date of birth

Social Security number

Payment history

Account number

Name and address of the health care provider or health plan that says you owe the money.

Since the CA sent me this bill with the OC's name, address and phone number at the top of the page, does this make them liable for violating hippa laws?

Any information would be greatly appreciated.

Thanks!

Link to comment
Share on other sites

Guest usctrojanalum

It depends. Did you sign a consent for treatment form at the medical institution (or something even remotely similar)? Last time I was in the hospital I had to sign a consent for treatment form, my injury wasn't that serious I just had a fractured rib so I decided actually read it.

Among the me personally guaranteeing payment and all that other nonsense there was an entire clause that was dedicated to me authorizing the hospital to give out my medical records to any agency in relation to the collection of a debt. Obviously I signed it because I was in pain, but it got me thinking to how many people just blindly sign this document without even reading it.

Link to comment
Share on other sites

It depends. Did you sign a consent for treatment form at the medical institution (or something even remotely similar)? Last time I was in the hospital I had to sign a consent for treatment form, my injury wasn't that serious I just had a fractured rib so I decided actually read it.

Among the me personally guaranteeing payment and all that other nonsense there was an entire clause that was dedicated to me authorizing the hospital to give out my medical records to any agency in relation to the collection of a debt. Obviously I signed it because I was in pain, but it got me thinking to how many people just blindly sign this document without even reading it.

I'll be honest it was 6 years ago, so I can't remember if I did sign the consent form. Which reminds me, would you or anyone else reading this happen to know the SOL for medical bills?

Link to comment
Share on other sites

Guest usctrojanalum

In NY it is six years from the date of service, if no payments were made on the outstanding medical bill. If payments were made it would be 6 years from that last payment.

Link to comment
Share on other sites

In NY it is six years from the date of service, if no payments were made on the outstanding medical bill. If payments were made it would be 6 years from that last payment.

Ok then I guess that means if date of service was 1/16/2005 then they would have bring a suit by tomorrow correct? LOL!

Link to comment
Share on other sites

Guest usctrojanalum

Uhm... yes, absolutely. There are no civil Courts that I know of in NY open on the weekends. So if the date of service was on 1/16/2005 it would have to be filed by tomorrow.

Link to comment
Share on other sites

Guest usctrojanalum

Very good point WhoCares. Especially on debts that are not consumer credit transactions (which a medical bill is not). They may look to sue and hope the defendant does not bring up the defense of SOL.

The Courts here now require that a plaintiff State in an affidavit that based on their books and records that applicable Statute of Limitations has not expired, but only on consumer credit transactions (they want to curb debt buyers and over zealous OC's from suing on zombie debts).

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.. For more information, please see our Privacy Policy and Terms of Use.