I'm down to just 4 medical collections and they total less than $1000, so I plan
on using WhyChat's method to attack/pay these.

Should I attack all 4 in 1 letter or 1 letter for each?
Another post stated all 4 in 1 letter is workable, but I'd
like confirmation before I go that route.

After reviewing it, I've come up with the following letter.
I've tried to rephrase some pieces to avoid submitting a
verbatim form letter, but I also wanted to include the important bits.
Is this still too close? Does the legal section need to be included really?

Any suggestions on a better letter are welcome.

Since this shows on all 3 reports, I plan on sending out one of each
of these to each CRA. I'm sending them Certified Mail, but no Return Receipt..

Lastly, do I need to sign this letter? In most cases, it seems the general
advice is not to sign, but with a CRA and the HIPAA process, I'm not sure.


ME

THEM

CMMR: XXXXXXXXXXXXXXXX

Dear Equifax,

My name is John Q. Owes, my SS # is XXX-XX-XXXX

I have no knowledge or records of account # XXXXXXXXXXXXX from SchmucksRUsCollections, listed on my Equifax
report # XXXXXXXXXX ordered on 10-20-2009.

Please provide me with the name and address of the medical provider, the date and type of service, and to which patient the service was provided. If possible, I would need the name of the person providing this data, and the mechanism in which it was provided in order that I may pursue possible legal remedies which may include any involved agency, including Equifax, to the OCR on HIPAA violations.

Please take notice that as of February 17, 2009 your Credit Reporting Agency falls within the purview of subtitle D of the ARRA , SEC. 13407(1) BREACH OF SECURITY.— Specifically, in respect to unsecured PHR identifiable health information of an individual in a personal health record, acquisition of such information without the authorization of the individual.

If you agree this entry is in error or are unable to provide complete information, as requested, deletion of the entry would satisfy HIPAA requirements and mitigate any future legal complaints against Equifax.

Thank you for your time regarding this very important matter regarding my personal
medical information.

Very truly yours,
My name
No signature.

Have you actual individual reports directly from each CRA??

Have you opted out?

Please do not try to use any "reinventing the wheel" version of the HIPAA letter program. If you want to use some other method, go ahead, but each step of the HIPAA letter program has been VERY carefully designed to achieve optimum results.

Here is the initial dispute letter to the CRA's, please note that because it is suggested that you either HANDWRITE the dispute, or use non-scannable font on a background printed paper there is NO WAY it can be "confused" with any form letter.

http://whychat.5u.com/hipaadisp.html

Thanks for the advice.. I appreciate your time..

I have in my greedy little hands paper reports I ordered last week
that arrived yesterday. I Opted Out months ago.

So, in this case, I need to stick to the exact form letter.
No problem.. will retype it and look for a difficult to scan font
or just hand write them.

The reason I changed it is my only experience so far is disputing
non-medical entries and in those cases, using exact form letters
seems to hurt your chance, rather than improve them.

Finally, can/should I send in individual letters for each medical (4)
or send them all in on a single letter?

I have updated my letter to match yours and included all accounts with
each bureau. All letters are going Certified Mail, with no return receipt
and I will sign each letter.

For the font, I'm using Huxtable 12 in Italics. Its hard to read, let alone scan.
I'll print them in teal/light blue on Yellow Letter sized paper.
Below is the updated letter, before I print, seal and mail:


ME

Equifax Information Services, LLC
P O Box 740256
Atlanta, GA. 30348

Dear Equifax,

I am sending this dispute certified mail # XXXXX to make sure you receive it. My name is John Q. Owes, my SS # is XXX-XX-XXXX.

I have no knowledge or records of the following accounts listed on my Equifax report # XXXXX ordered on 10-20-2009

Account # (Account number, from report, then name of company)
Account # (Account number, from report, then name of company)

Please advise me as to the name and address of the medical provider, the date and type of service, and to whom the service was provided, as any account I might have had would be obsolete.
If you can obtain this information, I also would need the name of the person providing this data, and the manner in which it was provided in order that I may pursue additional legal remedies which may include a complaint against your agency to the OCR on HIPAA violations.
Please take notice that as of February 17, 2009 your Credit Reporting Agency falls within the purview of subtitle D of the ARRA , SEC. 13407(1) BREACH OF SECURITY.—The term ‘‘breach of security’’ means, with respect to unsecured PHR identifiable health information of an individual in a personal health record, acquisition of such information without the authorization of the individual.
You are therefore now subject to the jurisdiction of the OCR for HIPAA violations.

Very truly yours,

Printed name
Signed name




Ready to go?

I think Huxtable is is overkill. Just a regular script or itallic is OK. Make sure the yellow paper has BLUE LINES.

Doh.. printed on yellow paper without lines..

Will reprint before I mail them tomorrow..

Again.. thanks for your assistance WhyChat...

Sent them today.. Couldnt find paperstock in yellow with blue lines,
so I went w/ slightly darker pink text on pink paper, in Informal Roman, in Italics.

Easily readable by a person, but it should be damned impossible for OCR...

Signed all copies, used only information from each of their respective reports.

Certified mail, no return receipt.


Thanks again for all your help WhyChat..

Not suppose to sign your name right?

WRONG- You sign your name on ALL disputes or correspondence to the CRA's or OC's. The ONLY time you do NOT sign your name is to a CA( Collection Agency)

Signed and sent 10-29-09.

So far, I've seen some indicators on CCT (accounts listed as disputed).

Some are still listed as under dispute, others are not. Hopefully they
didnt verify, but we'll see in a few weeks.

I'm ready to PAY the OC so I'm not hosed, but I'd prefer they just vanished of course..

Bummer,

EQ just verified 2 of the 4 I disputed.

2 show on EQ, 2 show on EX and 4 total show on TU (These 2, plus 2 more).

Waiting until the rest arrive, then starting the next step (paying the OC).

I'd like to confirm something.

Does a response of "verified" from the CRA confirm a relationship between
the OC and the CA? or is there a step I'm missing.

I'd rather not disturb the CAs atm, if possible.

I still have 3 more months before the 4 yr SOL on these runs out
and I'll have the cash to pay off all of my medicals (if required) in Dec/09.

Also, nothing I received from the CRA provided me with the acct number and/or date of service.
I called the OC and spoke to someone in the business office and she was nice enough to
pull up my acct and provide me with the acct #, amount past due and Date of Service.

No a verification from the CRA does NOT establish a current relationship between the OC and the CA.

The next step is to send the CA this;
http://whychat.5u.com/ltrcavalhipaa.html
And then send the CRA this;
http://whychat.5u.com/ltrcavalhipaa.html#DISPUTE

Thanks again for the correction before mis-step..

I swear upon all you consider holy I will re-read the HIPAA dispute process
before I post another question...

Edit: this debt is within the SOL by 6 months.

Not sure how I missed where you said that above. Thanks