I've used WhyChat's method to get rid of most of my medical marks so far, with the exception of one.
I used the method, followed the steps to a tee. The original medical provider updated the CA, and changed the balance to $0.
When I sent the HIPAA followup letter, the provider responded with photocopies of an agreement that states "purpose of consent: by signing this form, you will consent to our use and disclosure of your protected health information to carry out treatment, payment activities, and healthcare operations"
The above is highlighted in the copy they mailed me (it wasn't a photocopy of my signature, so I don't know this verbage is in the actual signed waiver) and included a letter that they haven't violated HIPAA, and won't be pulling my records from the CA.
It is my understanding that I can send a letter in writing which reinvokes my HIPAA rights. (essentially, withdrawing my permission to transfer PHI to the CA.) I'm looking for confirmation. If I write a letter which dismisses the permission, and then send another followup, would they be bound by HIPAA at that point, to remove my records?
An example letter would be great, but mostly.. I'm just looking for confirmation that the above would work.
Thanks again whychat!
jpalmer
Full Version: Waived my HIPAA rights
QUOTE (jpalmer @ Mar 14 2009, 10:40 PM) 
I've used WhyChat's method to get rid of most of my medical marks so far, with the exception of one.
I used the method, followed the steps to a tee. The original medical provider updated the CA, and changed the balance to $0.
When I sent the HIPAA followup letter, the provider responded with photocopies of an agreement that states "purpose of consent: by signing this form, you will consent to our use and disclosure of your protected health information to carry out treatment, payment activities, and healthcare operations"
The above is highlighted in the copy they mailed me (it wasn't a photocopy of my signature, so I don't know this verbage is in the actual signed waiver) and included a letter that they haven't violated HIPAA, and won't be pulling my records from the CA.
It is my understanding that I can send a letter in writing which reinvokes my HIPAA rights. (essentially, withdrawing my permission to transfer PHI to the CA.) I'm looking for confirmation. If I write a letter which dismisses the permission, and then send another followup, would they be bound by HIPAA at that point, to remove my records?
An example letter would be great, but mostly.. I'm just looking for confirmation that the above would work.
Thanks again whychat!
jpalmer
I used the method, followed the steps to a tee. The original medical provider updated the CA, and changed the balance to $0.
When I sent the HIPAA followup letter, the provider responded with photocopies of an agreement that states "purpose of consent: by signing this form, you will consent to our use and disclosure of your protected health information to carry out treatment, payment activities, and healthcare operations"
The above is highlighted in the copy they mailed me (it wasn't a photocopy of my signature, so I don't know this verbage is in the actual signed waiver) and included a letter that they haven't violated HIPAA, and won't be pulling my records from the CA.
It is my understanding that I can send a letter in writing which reinvokes my HIPAA rights. (essentially, withdrawing my permission to transfer PHI to the CA.) I'm looking for confirmation. If I write a letter which dismisses the permission, and then send another followup, would they be bound by HIPAA at that point, to remove my records?
An example letter would be great, but mostly.. I'm just looking for confirmation that the above would work.
Thanks again whychat!
jpalmer
Yes you can waive your HIPAA authorization, but it would only be effective for reporting to FUTURE credit "rating" organizations, it is not intended to affect data that has already been transmitted.
http://whychat.5u.com/medfico.html
If you wish, you can respond to the letter they sent you with this;
Dear OC,
Thank you for your acknowledgment of the limitations of any HIPAA authorization.
Because the account was paid in full, there is no longer any legitimate "business purpose" in any continued communication by your business associate, ( name of CA) to any third party credit reporting agency. Your authorization of such communication by your business associate verifying or amending any such report is therefore a violation of the HIPAA privacy rules.
Your letter of xx/xx/xxxx will therefore be included as documentation of your breach of the privacy rules via your business associate's improper communication to the credit reporting agencies in my filed complaint.
Sincerely,
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.