11 replies to this topic

[Why Chat]

I am back, however I will not have time to post for a few days as I need to spend some catch up time.

While I was relaxing I took the time to research the effect of the ARRA signed into effect Feb.17 by President
Obama on medical collections.

While it is too soon to see any actual cases filed, I believe a new and very important tool for credit repair
on medical accounts has been provided within this legislation.

I have made changes to the HIPAA letter program on ALL letters and downloaded them this afternoon.
http://whychat.5u.com/hipltr.html

The basic change is summed up and links provided here;

http://whychat.5u.co...aleg.html#legal

Business associates will now be directly subject to HIPAA and will be subject to HIPAA's civil and criminal penalties.
Business associates are entities who create, use or disclose protected health information on behalf of covered entities
(such as TPAs of group health plans, collection agencies, accounting firms, auditors, law firms, billing
services, transcriptionists, etc.).

Prior to ARRA, business associates were only indirectly regulated by HIPAA through the business associate contract and
only had contractual liability to the covered entity for privacy and/or security breaches. Under ARRA, business associates
will need to implement most of HIPAA's security requirements and many of HIPAA's privacy requirements. Business associates
will need to appoint a security officer, conduct a HIPAA risk analysis, develop written policies and procedures and train
employees as to HIPAA's requirements.

Further, business associates will now have a statutory duty to comply with all the terms of their business associate contracts. Therefore, business associates will need to implement HIPAA privacy and security compliance programs to ensure that protected health information is used and disclosed in accordance with the business associate contracts. This is a drastic change for business associates which will require a significant amount of effort to become compliant. The effective date for these changes to the business associate rules is February 17, 2010.( HOWEVER, THE COMPLIANCE PENALTIES ARE EFFECTIVE FEB. 17, 2009)

HIPAA now has real teeth. Before ARRA, HHS took a soft, voluntary compliance approach to HIPAA and therefore, the dreaded HIPAA police never materialized. This approach will change under ARRA. The maximum annual civil penalty per violation is now $1.5 million
(it had been $25,000 pre-ARRA). State attorneys general now are able to bring suit against a covered entity or business associate who has violated HIPAA to enjoin the wrongful practice and recover damages. HHS now has a statutory duty to investigate complaints, conduct audits and impose penalties. Penalties will be used to fund future HIPAA enforcement initiatives and repay victims of HIPAA violations. These enforcement provisions of HIPAA went into effect on February 17, 2009.

I will be back later or tomorrow to answer PM's and posts.

[DragonFlyer]

I bow to you, sir...this is INCREDIBLE! Thanks for all your hard work and dedication to help others understand the complexities of enforcing our rights as consumers.

[bonusmom]

Welcome back, Why Chat! Hope you had a relaxing vacation! Thanks for thinking of us while you were gone and posting the new info

[bonbonXO]

Yep, Welcome back-You were missed, I am glad you are back...my brain hurts!

[Why Chat]

Yep, Welcome back-You were missed, I am glad you are back...my brain hurts!

Thanks for the help

Everyone should be aware that the new legislation referred to in this post takes full effect next year, the full implementation includes increased compulsory electronic information sharing. This will include "credit worthiness". This will also be incorporated in any new ( and urgently needed) health plan.

It is more important than ever that EVERYONE get their MIB report and clear out any errors or id thefts, otherwise you WILL have bigger problems than "credit scores".

http://whychat.5u.com/medfico.html

[cotterpin]

Pinned,

As always, thank you to Whychat for all the time and effort to research this

[mnegron1969]

I have 3 medical collections on my Experian report, 2 are paid, 1 is not. I sent CRA a Pre-HIPAA letter last month and received a letter back that these items had already been disputed & reviewed and will not be investigated again only if I have additional proof. I know they didn't check with the original provider. So what do I do now? TU deleted them and EQ but EX will not.

[Kiya]

I am a newbie and usually lurk, but I wanted to personally thank Why Chat for the time and dedication put in on assisting those with medical collections. After using your methods with the dispute letters to CRA. I have deleted a paid collection account from EX and TU. (It was not reporting on EQ). Thanks so much!

[idon'twanna]

Hey Neeners,

I'm afraid your post might get lost up here amongst the "pinned" topics! I don't know if a mod can move for you (I have no idea how the behind-the-scenes operations work), but probably easier if you just cut and paste your post into a brand new post so you have your own thread down below ....

[breeze]

I split Neeners question off into a new thread. It's here:


http://creditboards....howtopic=408794

Would it be better to close this thread to new posts - so it would be "read-only?"

[WildOne]

I followed whychat's HIPAA process almost to the "tee" and the health provider simply refused to comply. I actually wrote more letters then whychat recommended because I had the CEO responding and incrimminating himself. I wrote letters CRR with the actual laws he was violating and warned him numerous times I WILL follow through with my threats to file a complaint with the OCR's dept of health & human services. His last reply was basicly, go ahead. I did. I sent all corresponce including the green RR copies and then waited. The first letter I recieved from the OCR was not promising but a generic looking letter that they were very busy but would look into it. About 3 weeks latter I recieved a phone call from an investigator that wanted to hear my story. After talking with her she informed me because it was a collection or billing that different rules apply but she would still look into it.


Well, about 3 or so weeks past and then I recieved a letter from the regional manager of the OCR and he stated, "After careful consideration, we have determined that we will pursue action in your complaint against this entity."

The letter further states, "This allegation could represent a violation of 45 C.F.R. $$ 160.103, 164.502(e), 164.504(e)."

note: the $$ represents paragraph signs not dollar signs.

[Why Chat]

I followed whychat's HIPAA process almost to the "tee" and the health provider simply refused to comply. I actually wrote more letters then whychat recommended because I had the CEO responding and incrimminating himself. I wrote letters CRR with the actual laws he was violating and warned him numerous times I WILL follow through with my threats to file a complaint with the OCR's dept of health & human services. His last reply was basicly, go ahead. I did. I sent all corresponce including the green RR copies and then waited. The first letter I recieved from the OCR was not promising but a generic looking letter that they were very busy but would look into it. About 3 weeks latter I recieved a phone call from an investigator that wanted to hear my story. After talking with her she informed me because it was a collection or billing that different rules apply but she would still look into it.


Well, about 3 or so weeks past and then I recieved a letter from the regional manager of the OCR and he stated, "After careful consideration, we have determined that we will pursue action in your complaint against this entity."

The letter further states, "This allegation could represent a violation of 45 C.F.R. $$ 160.103, 164.502(e), 164.504(e)."

note: the $$ represents paragraph signs not dollar signs.

Thank you for this post. I have often been asked what good it does to file complaints with the OCR on HIPAA violations. Now that ARRA is in effect the collection agencies and the health care providers have increased liabilities and will be called upon to answer for their trashing of peoples credit for medical accounts.