Jump to content
Member? but forgot everything, can't log in... Frozen out??? ×

THIS IS A POLITICS-FREE ZONE.

Florida/Hippa Medical CA letter-critique?

jas77
 Share

The last post in this topic was posted 7646 days ago. 

 

We strongly encourage you to start a new post instead of replying to this one.

Recommended Posts

enigma

enigma

Posted
Posted

The attorney is incorrect in his/her understanding of the statute.

 

In order for the CA to contact you about a past due balance from a medical provider, that medical provider had to transmit your protected and private medical record <billing records> to the CA.

 

In order to communicate with the CA aobut your billing record, the medical provider must have your written permission to discuss with the CA anything that was contained in your medcial record and that incluses billng information.

 

When you DV'd the CA, your were doing it AFTER the fact, that is, you requested information that would have proven that the medical provider had written authorization to contact the CA.

 

Federal law states that in order to maintain your rights you have to go back to the CA who in turns goes to the OC or medical provider in this case.

 

If the medical provider did not have your written authorization to communicate with the CA about your medical record prior to the CA contacting you, then the medcial provider violated the FL statute and the CA has also violatied the FL statute and the FDCPA because it does not have the legal authority to attempt collection.

 

If the CA has placed a negative remark on your CR, they violated both FL law and the FCRA because unless you gave the medcial provider your written permission to contact the CA and then the CA would have to contact you to get your permission to place the remarks on your CA.

 

Futhermore, the CA violated HIPAA by sending you information than the min. necessary PHI.

 

But HIPAA is moot in FL. Current FL law trumps HIPAA.

 

File your complaint against the medical provider with the Medical Oversite Board.

 

You have a cause of action against the CA, and the medcial provider.


  • Replies 64
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

cotterpin

cotterpin

Posted
Posted

Moving to the Medical forum.....

 

 

authorization to release med records to any third party payor (insurance company),

 

The verbage in THIS form may have included a provision for general release for "payment purposes"....

enigma

enigma

Posted
Posted
Moving to the Medical forum.....

 

 

authorization to release med records to any third party payor (insurance company),

 

The verbage in THIS form may have included a provision for general release for "payment purposes"....

 

A collection agency is not a payor.

Why Chat

Why Chat

Posted
Posted

"Enigma" is correct, I am considering adding an additional sentence to my "HIPAA" letter program that would encompass any State Medical Privacy laws.

 

I would welcome input from anyone as to how this should be done without compromising the basic format.

Why Chat

Why Chat

Posted
Posted
"Enigma" is correct, I am considering adding an additional sentence to my "HIPAA" letter program that would encompass any State Medical Privacy laws.

 

I would welcome input from anyone as to how this should be done without compromising the basic format.

I have added the "State" information to the HIPAA letter, I would appreciate anyone who knows the appropriate statute #'s link for their State to PM it to me so I can add it to their State page.

jas77

jas77

Posted
  • Author
Posted (edited)
File your complaint against the medical provider with the Medical Oversite Board.

 

You have a cause of action against the CA, and the medcial provider.

 

 

Thanks once again!! Does anyone know how to get in touch with the florida medical oversite board..do they have a website?

 

edited to add:

I found the following website describing florida notice of privacy practices:

http://www.doh.state.fl.us/planning_eval/H...50-741_4-03.pdf

 

at the end it says to file complaints to:

dept. of healths inspector general. would this be the same thing as the medical oversight board?

 

Ive also found this form for the division of medical quality assurance:

http://www.doh.state.fl.us/mqa/enforcement...eral-medUCF.pdf

Edited by jas77
Why Chat

Why Chat

Posted
Posted
File your complaint against the medical provider with the Medical Oversite Board.

 

You have a cause of action against the CA, and the medcial provider.

 

 

Thanks once again!! Does anyone know how to get in touch with the florida medical oversite board..do they have a website?

 

edited to add:

I found the following website describing florida notice of privacy practices:

http://www.doh.state.fl.us/planning_eval/H...50-741_4-03.pdf

 

at the end it says to file complaints to:

dept. of healths inspector general. would this be the same thing as the medical oversight board?

I believe the Florida Attorney General would be the office that handles complaints.

The Florida Medical Privacy Statutes are now linked on the Florida page of my website.

jas77

jas77

Posted
  • Author
Posted (edited)

thanks whychat!! Ok, one more thing!! I was digging around the hospital/physicians group (physician group is associated with the hospital) and came across their privacy practice part of their website. In it is says:

 

 

 

I. How we (including our affiliated entities and doctors who are treating you) may use or share your health information. We are committed to protecting the privacy of your health information. The law permits us to use or share your health information for the following purposes:

 

 

 

1. Treatment. We may use or share your PHI with physicians, nurses, and other health care personnel who provide you with health care services or are involved in your care. For example, your PHI may be provided to a physician to whom you have been referred to ensure that the physician has the necessary information to diagnose and treat you.

 

 

 

2. Payment. We may use or share your PHI to obtain payment for your health care services. For example, obtaining approval for payment of services from your health plan may require that your PHI be shared with your health plan. We may also provide your PHI to our business associates, such as billing companies.

 

 

 

3. Health Care Operations. We may use or share your PHI in order to operate our

 

 

facilities. For example, we may use your PHI in order to evaluate the quality of health care services that you received or to evaluate the performance of the health care professionals who provided health care services to you. In addition, we report traumas, birth defects and cancer cases (Florida Cancer Registry) to the departments of health for quality improvement and licensing purposes and quarterly data to the Agency for Health Care Administration (AHCA) as required for licensing. We may also provide your PHI to accountants, attorneys, consultants, and others in order to make sure we're complying with the laws that affect us.

 

 

 

4. Directory. We will use and share your name, the location at which you are receiving care, your condition (in general terms), and your religious affiliation in our facility directory. All of this information, except religious affiliation, will be given to people that ask for you by name. Members of the clergy will be told your religious affiliation.

 

 

 

5. Notification and Communication with Family. We may release your PHI to a relative, close friend, or any other person you identify, information that directly relates to that person's involvement in your health care unless you object. If you are unable to agree or object to the release, we may release information as necessary if we determine that it is in your best interest based on our professional judgment. We may use or release PHI to notify or assist in notifying a family member, personal representative, or any other person that is responsible for your care to tell them your location or general condition. Finally, we may use or share your PHI to an authorized public or private entity to assist in disaster relief efforts and to coordinate uses and releases to family or other individuals involved in your health care.

 

 

 

6. Required by law, court, or law enforcement. We may release PHI when a law requires that we report information to government agencies and law enforcement personnel about victims of abuse, neglect, or domestic violence; when dealing with crime; or when ordered by a court.

 

 

 

7. Public Health. As required by law, we may release PHI to public health authorities for purposes related to preventing or controlling disease, injury or disability; reporting to the Food and Drug Administration problems with products and reactions to medications; and reporting disease or infection exposure. We are required to report all births and deaths to the Office of Vital Statistics for certificate purposes.

 

 

 

8. Health Oversight Activities. We may release PHI to health agencies during the course of audits, investigations, inspections, licensure and other procedures.

 

 

 

9. Deceased Person Information. We may release your health information to coroners, medical examiners, and funeral directors.

 

 

 

10. Organ Donation. We may release your health information to organizations involved in procuring, banking or transplanting organs and tissues, such as Lions Bank and Life Link.

 

 

 

11. Research. We may release your health information to researchers conducting research that has been approved by an Institutional Review Board.

 

 

 

12. Public Safety. We may release your health information to appropriate persons in order to prevent or lessen a serious and near threat to the health or safety of a particular person or the general public.

 

 

 

13. Specific Government Functions. We may share your health information for military or national security purposes.

 

 

 

14. Worker's Compensation. We may share your health information as necessary to comply with worker's compensation laws. We report any injuries referred to us from an employer to the Department of Worker's Compensation and any work-related deaths to OSHA. All employers are given health information regarding work-related injuries they have referred to us.

 

 

 

15. Appointment Reminders & Health Related Benefits. We may use your PHI to

 

 

contact you to provide appointment reminders or to give information about other treatments or health-related benefits and services that may be of interest to you.

 

 

 

16. Fund-Raising. We may contact you to participate in fund-raising activities.

 

 

 

17. Diagnostic and therapeutic information regarding psychiatric, drug/alcohol abuse, or

 

 

sexually transmitted diseases (including HIV status) will not be disclosed without your specific permission, unless required by law.

 

 

 

II. Your Health Information Rights

 

 

 

1. You have the right to request a limit on certain uses and releases of your health information. We will consider your request, but are not required to accept it. These requests must be in writing and submitted to our Chief Privacy Officer.

 

 

 

2. You have the right to choose how you receive your health information. You have the right to ask that we send information to you at an alternative address or by other means (for example, telephone instead of mail, post office box instead of home address). We must agree to your request so long as we can easily provide it in the format you requested. These requests must be in writing.

 

 

 

3. You have the right to see and get copies of your health information, in most cases. These requests must be in writing.

 

 

 

4. You have a right to request that we correct or update information that is incorrect or incomplete. We are not required to change your health information. If we deny your request, we will provide you with information about our denial and how you can disagree with the denial. These requests must be in writing.

 

 

 

5. You have a right to receive a list of disclosures we have made except that we do not have to account for the disclosures described under treatment, payment, health care operations; information provided to you; information released based on your written authorization; directory listings; certain government functions; disclosures of a limited data set (which may only include date information and limited address information); and to correctional institutions or law enforcement in custodial situations. These requests must be in writing and must state a time period, which may not be longer than six years and may not include dates before April 14, 2003.

 

 

 

6. You have a right to get a paper copy of this Notice of Privacy Practices. You may request a copy of this notice at any time.

 

 

 

III. Changes to this Notice of Privacy Practices

 

 

 

We reserve the right to change this Notice of Privacy Practices at any time in the future. We reserve the right to make the changed notice effective for health information we already have about you as well as any we receive in the future. We will post a current copy of the Notice. Upon request, you may obtain a copy of the current notice by contacting our Chief Privacy Officer at (.

 

 

 

IV. When We May Not Use or Disclose Your Health Information

 

 

 

Except as described in this Notice of Privacy Practices, we will not use or disclose your health information without your written authorization. If you do authorize us to use or disclose your health information for another purpose, you may revoke your authorization in writing at any time.

 

 

 

V. Complaints

 

 

 

If you believe your privacy rights have been violated, you may file a complaint with our Chief Privacy Officer or with the Secretary of the Department of Health & Human Services

 

 

 

My questions from this:

in section I, paragraph 2 it states:

"We may also provide your PHI to our business associates, such as billing companies."

This wouldnt be considered a Collection agency, correct?

 

in section IV, it states:

"When We May Not Use or Disclose Your Health Information:

Except as described in this Notice of Privacy Practices, we will not use or disclose your health information without your written authorization. If you do authorize us to use or disclose your health information for another purpose, you may revoke your authorization in writing at any time."

 

This would be the same written authorization I would have needed to fill out for them to send info to CA, correct?

Edited by jas77
cotterpin

cotterpin

Posted
Posted
A collection agency is not a payor.
.

 

I never said it was, and I clearly stated that the form ITSELF (not the line that was given) that jas was referring to MAY have ALSO included verbage about transfer to business associates for payment, something like this:

 

I acknowledge that XXXX Hospital, the physicians, the nurses and other XXX Hospital staff may use and share my confidential health information with others in order to treat me, in order to arrange for payment of my bill and for issues that concern XXX Hospital operations and responsibilities.

 

 

***disclaimer: The above is a VERY short and VERY general example and is not meant to be "picked apart" by those looking to argue or point out the flaws, just showing (again, IN GENERAL TERMS) that it is possible for a provider to throw in a VERY general line authorizing the release of records for "payment purposes" which would encompass the release of information to a 3rd party biller, insurer, CA, CRA, attorney, etc. Your form will most likely NOT be this short or general in nature, and something like this CAN and most likely IS one portion of a longer form. Different providers (yes, even in FLORIDA) will normally have their own forms with their OWN verbage. ***

 

Or, even what the OP found on their website which may also be the form the OP signed.........

 

My questions from this:

in section I, paragraph 2 it states:

"We may also provide your PHI to our business associates, such as billing companies."

This wouldnt be considered a Collection agency, correct?

 

in section IV, it states:

"When We May Not Use or Disclose Your Health Information:

Except as described in this Notice of Privacy Practices, we will not use or disclose your health information without your written authorization. If you do authorize us to use or disclose your health information for another purpose, you may revoke your authorization in writing at any time."

 

This would be the same written authorization I would have needed to fill out for them to send info to CA, correct?

 

 

A CA or a 3rd party biller would be a "business associate". Your insurer would be a "trading partner". There are separate agreements that exist between the Provider and these two types of entities. Your release of information may encompass BOTH types without specification as to whom the information is going, just that it's being used to obtain payment.

enigma

enigma

Posted
Posted
A collection agency is not a payor.
.

 

I never said it was, and I clearly stated that the form ITSELF (not the line that was given) that jas was referring to MAY have ALSO included verbage about transfer to business associates for payment, something like this:

 

I acknowledge that XXXX Hospital, the physicians, the nurses and other XXX Hospital staff may use and share my confidential health information with others in order to treat me, in order to arrange for payment of my bill and for issues that concern XXX Hospital operations and responsibilities.

 

 

***disclaimer: The above is a VERY short and VERY general example and is not meant to be "picked apart" by those looking to argue or point out the flaws, just showing (again, IN GENERAL TERMS) that it is possible for a provider to throw in a VERY general line authorizing the release of records for "payment purposes" which would encompass the release of information to a 3rd party biller, insurer, CA, CRA, attorney, etc. Your form will most likely NOT be this short or general in nature, and something like this CAN and most likely IS one portion of a longer form. Different providers (yes, even in FLORIDA) will normally have their own forms with their OWN verbage. ***

 

Or, even what the OP found on their website which may also be the form the OP signed.........

 

My questions from this:

in section I, paragraph 2 it states:

"We may also provide your PHI to our business associates, such as billing companies."

This wouldnt be considered a Collection agency, correct?

 

in section IV, it states:

"When We May Not Use or Disclose Your Health Information:

Except as described in this Notice of Privacy Practices, we will not use or disclose your health information without your written authorization. If you do authorize us to use or disclose your health information for another purpose, you may revoke your authorization in writing at any time."

 

This would be the same written authorization I would have needed to fill out for them to send info to CA, correct?

 

 

A CA or a 3rd party biller would be a "business associate". Your insurer would be a "trading partner". There are separate agreements that exist between the Provider and these two types of entities. Your release of information may encompass BOTH types without specification as to whom the information is going, just that it's being used to obtain payment.

 

It DOES NOT.

 

The guidelines you quote are HIPAA specific.

 

FL law trumps HIPAA.

 

It is specifically written in the FL law that

 

(5)(a)  Except as otherwise provided in this section and in s. 440.13(4)©, such records may not be furnished to, and the medical condition of a patient may not be discussed with, any person other than the patient or the patient's legal representative or other health care practitioners and providers involved in the care or treatment of the patient, except upon written authorization of the patient. However, such records may be furnished without written authorization under the following circumstances:

 

Furthermore, if a CA reports to a CD, then the CA must by law enter into a sub-business associate agreement with the CR. If not it is a violation.

 

You can take that on step further, when a CB release a credit report to a client, they CB under HIPAA would have to enter into a sub-sub-business associate agreement with that client.

 

 

 

 

 

Written authorization means the name of the person/business the info is to be released to, how they can ue that inforation and for how long.

 

Furthermore if there is a written authorization to relase to a CA, the CA cannot release it to a CRA:

 

(10)  Records owners are responsible for maintaining a record of all disclosures of information contained in the medical record to a third party, including the purpose of the disclosure request. The record of disclosure may be maintained in the medical record. The third party to whom information is disclosed is prohibited from further disclosing any information in the medical record without the expressed written consent of the patient or the patient's legal representative

 

 

Simply put - IN FL - a GENERAL RELEASE is NOT good enough, for HIPAA yes, but for FL law NO!

 

 

To file a complaint see:

 

Consumer Complaint, Publication and Information Call Center

 

The agency provides a toll-free telephone system for consumers to call in order to file complaints, receive publications, information and referral numbers. This system can be accessed by calling the number below between the hours of 8:00 A.M. and 6:00 P.M. Eastern Time Monday through Friday. Complaints about health care facilities are taken during regular business hours, 8:00 A.M. to 5:00 P.M., Eastern Standard Time (EST).

 

 

(888) 419-3456

For registering your complaints, requesting publications or requesting information, use the following options:

 

Press Option 1

Available Monday - Friday, 8:00 A.M. to 5:00 P.M., EST. To file a complaint about a health care facility, such as a hospital, nursing home, assisted living facility, home health agency or other type of health care facility. To request a complaint form be sent to you regarding a billing issue against a health care facility. The call center can also refer you for information on facilities.

Available Monday - Friday, 8:00 A.M. to 6:00 P.M., EST. To file a complaint against a health maintenance organization (HMO) if you are having problems with the HMO's internal grievance process. If you have completed the internal grievance process and wish to appeal. If you need referral numbers to member services or the grievance coordinators.

Press Option 2

To request a complaint form be mailed to file a complaint against a health care practitioner such as a doctor, nurse, dentist or therapist. The complaint form can also be downloaded - complaint form

To check the disciplinary history of a health care practitioner, such as a doctor, nurse, dentist, or therapist.

Press Option 3

To obtain general information about Medicaid or other areas of the Agency or to receive an Agency telephone number.

Press Option 4

To request an agency publication. To view or download AHCA publications.

Press Option 5

To report Medicaid fraud or abuse to the agency.

cotterpin

cotterpin

Posted
Posted
A collection agency is not a payor.
.

 

I never said it was, and I clearly stated that the form ITSELF (not the line that was given) that jas was referring to MAY have ALSO included verbage about transfer to business associates for payment, something like this:

 

I acknowledge that XXXX Hospital, the physicians, the nurses and other XXX Hospital staff may use and share my confidential health information with others in order to treat me, in order to arrange for payment of my bill and for issues that concern XXX Hospital operations and responsibilities.

 

 

***disclaimer: The above is a VERY short and VERY general example and is not meant to be "picked apart" by those looking to argue or point out the flaws, just showing (again, IN GENERAL TERMS) that it is possible for a provider to throw in a VERY general line authorizing the release of records for "payment purposes" which would encompass the release of information to a 3rd party biller, insurer, CA, CRA, attorney, etc. Your form will most likely NOT be this short or general in nature, and something like this CAN and most likely IS one portion of a longer form. Different providers (yes, even in FLORIDA) will normally have their own forms with their OWN verbage. ***

Or, even what the OP found on their website which may also be the form the OP signed.........

 

My questions from this:

in section I, paragraph 2 it states:

"We may also provide your PHI to our business associates, such as billing companies."

This wouldnt be considered a Collection agency, correct?

 

in section IV, it states:

"When We May Not Use or Disclose Your Health Information:

Except as described in this Notice of Privacy Practices, we will not use or disclose your health information without your written authorization. If you do authorize us to use or disclose your health information for another purpose, you may revoke your authorization in writing at any time."

 

This would be the same written authorization I would have needed to fill out for them to send info to CA, correct?

 

 

A CA or a 3rd party biller would be a "business associate". Your insurer would be a "trading partner". There are separate agreements that exist between the Provider and these two types of entities. Your release of information may encompass BOTH types without specification as to whom the information is going, just that it's being used to obtain payment.

 

It DOES NOT.

 

The guidelines you quote are HIPAA specific.

 

FL law trumps HIPAA.

 

It is specifically written in the FL law that

 

(5)(a)  Except as otherwise provided in this section and in s. 440.13(4)©, such records may not be furnished to, and the medical condition of a patient may not be discussed with, any person other than the patient or the patient's legal representative or other health care practitioners and providers involved in the care or treatment of the patient, except upon written authorization of the patient. However, such records may be furnished without written authorization under the following circumstances:

 

Furthermore, if a CA reports to a CD, then the CA must by law enter into a sub-business associate agreement with the CR. If not it is a violation.

 

You can take that on step further, when a CB release a credit report to a client, they CB under HIPAA would have to enter into a sub-sub-business associate agreement with that client.

 

 

<snipped>

 

OK, I clearly stated that the example was extremely general in nature, and you STILL want to pick it apart. Rather than continuing to pick apart things that aren't meant to be picked apart, how about you give an example of what would be considered "appropriate" authorization????

 

I don't advocate people going blindly into things without knowing the repurcussions. We don't know if someone *may* have signed something that authorizes release of information, and since you constantly reply that "nothing" is appropriate, how about telling us what IS considered appropriate? This way, if someone finds out they have signed a form they know this before sending out their letters.

 

I can't imagine that EVERY provider in Florida is so blatantly ignorant of the law......... I'm sure there must be at least ONE in compliance.

Cushie

Cushie

Posted
Posted

I changed your letter a bit. I also think it would be best if you sent out one letter for your husband and another for you. That way you don't have to keep changing tense (I, we, us). Anyway, good luck!

 

Dear Scumbag CA:

 

On January 31, 2005 I sent you a validation request in regards to the above captioned account. My validation request was signed by your employee, Mr. RAT. The certified letter tracking number is xxxx xxxx xxxx xxxx. The letter sent was a request for you, your company and/or your agents to cease and desist from contacting me. Due to continuing phone calls after you received my letter I feel I must advise you that I consider this – etc etc. I received phone calls on the following dates: (LIST THEM ONE PER ROW. IE,

XXX

XXX

XXX

XXX

I am willing to provide proof of all phone calls. (Don’t tell them how you have proof. Don’t give them a way to not show their phone number. Keep them dumb)

 

 

Please be advised that I consider this harassment and that your actions constitute a violation of the FDCPA (spell it out, leave no room for misinterpretation) and if I decide to pursue this it will be punishable by a $1000.00 fine, PER OFFENSE.

 

Furthermore, on (February 18th, February 25th and March 1st of 2005, I received from you documentation and chart notes (if applicable) that consisted of some very private medical records for both (?) mr. and mrs JAS. *spell out why type of info it contained. You’re not writing this for them, but for some judge down the road*

 

In accordance with Florida law, you need my written consent to obtain and view this information. Please provide me a copy of that form, with my signature. Please be advised that under Florida Statutes 456.057: Ownership and control of patient records; report or copies of records to be furnished:

 

Section 10 states: (indent this)

 

10) Records owners are responsible for maintaining a record of all disclosures of information contained in the medical record to a third party, including the purpose of the disclosure request. (Note here, emphasis by Mrs. Jas) The record of disclosure may be maintained in the medical record. The third party to whom information is disclosed is prohibited from further disclosing any information in the medical record without the expressed written consent of the patient or the patient's legal representative.

 

Although the Privacy Rule may permit the disclosure of PHI without the patient's authorization for purposes of payment, Florida law does not. Medical records may not be furnished to, and the medical condition of a patient may not be discussed with, any person other than the patient or the patient's legal representative or other health care practitioners and providers involved in the care or treatment of the patient, except upon written authorization of the patient. No exception is provided for disclosure of PHI to insurance companies for purposes of payment. (Fla. Stat. 456.057(5)(a)). (stop indent and go back to left margin)

 

Again, I kindly request that you provide to me, within 30 days of the receipt of this letter the specific written consent for you to have this private medical information. The act of me sending you a validation request for this alleged debt is by no means written consent for you to have my private medical information.

 

 

Should I find that you do not have the proper authorization to obtain my medical records under the HIPPA laws (if applicable), I will demand that you instruct any and all credit reporting agencies to which this information has been reported. Also, in accordance with Florida laws please destroy any and all of my personal records you may have in your files, including electronic back up files.

 

 

Furthermore, since you have already violated my rights by XXXX – spell it out again. Make your case once more before asking for money.

 

I will be filing complaints with the State Attorney Generals Office, the BBB, and the ACA (spell ‘em out) if remedial measures are not taken immediately and all information is promptly removed all information from both xxxxxxx credit reports. Not only have my rights been violated, but I must also note that we have been denied credit due solely to this egregious act.

 

 

 

Please be governed accordingly. (just a bit too snarky, even though *I* like it)

 

I am looking forward to your prompt reply,

 

 

Sincerely,

 

Mr and mrs JAS\\

enigma

enigma

Posted
Posted
.

 

I can't imagine that EVERY provider in Florida is so blatantly ignorant of the law.........  I'm sure there must be at least ONE in compliance.

 

In my case, after I left the hospital, for about 6 months afterwards I saw 10-12 different doctors. While filling out the office paper work, they were all in compliance with HIPAA.

 

They would be in compliance with FL law, provided they never release any info to a third party.

 

I don't really think a lot of doctors office's thnink they will have to fowrard the account to a CA.

 

Just as an aside, I am diabetic and I see a dietician on a regualr basis. I just got a post card for my latest visit, but it reminded me that it was time for my reuglar diabetic checkup. I made a joke with the staff that it violated HIPAA, I thought they were going to have a heart attack.

 

In FL, the privacy rule as being applied to CA's has not been ligitated until now. We settled so no case law was written, but it is just ripe for it to be. Once that happens it will cause great pains to CA and put a big dent in the bottom line.

tmimages

tmimages

Posted
Posted
actually you dont need to sue.  if you have a hipaa violation all you have to do is complain to the AG and the agency controlling the provider they are the ones who impose the fines and they dont discount them from what Ive seen in Florida.  IN Florida for a provider the fine is 50k for each offense whereas the CA could be imposed a fine of 5k just for having the information

 

 

Do you have cases to point to?

 

the AG's usually publish when they fine for things of this nature

 

ALSO, I'm going to point this out one more time:

 

FEDERAL = HIPAA

 

FL STATE LAW is NOT HIPAA, using the terms for the two interchangeably is going to confuse people. Please use the correct terms when referring to the respective laws, thanks.

 

HIPAA violations should also be reported to the Secretary of Health and Human Resources or the Department of Health and Human Services Office for Civil Rights.

 

Here is an address my wife had to use for a HIPAA violation report:

 

Office for Civil Rights, Region 4

Atlanta Federal Center, Suite 3B70

61 Forsyth St. S.W.

Atlanta, GA 30303-8909

800-368-1019

The last post in this topic was posted 7646 days ago. 

 

We strongly encourage you to start a new post instead of replying to this one.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing



  • Member Statistics

    • Total Members
      190435
    • Most Online
      9039
    mhudson323
    Newest Member
    mhudson323
    Joined

About Us

Since 2003, creditboards.com has helped thousands of people repair their credit, force abusive collection agents to follow the law, ensure proper reporting by credit reporting agencies, and provided financial education to help avoid the pitfalls that can lead to negative tradelines.

Pages

×
×
  • Create New...

Important Information

Guidelines

  I accept