The information provided on this website does not, and is not intended to, act as legal, financial or credit advice. See Lexington Law’s editorial disclosure for more information.
If you’re reading this article, you’re probably wondering what HIPAA is and how it can help you. In 1996, the federal government passed the Health Insurance Portability and Accountability Act (HIPAA). This law looked to protect sensitive customer information from being shared without a person’s knowledge or consent. National standards were established for electronic healthcare transactions.
Companies that work with protected health information (PHI) must have security processes to ensure they’re HIPAA compliant. This applies to anyone who provides treatment, processes payments or has other operations in healthcare, as well as their business associates who must access patient information. This helps to protect American citizens in addition to reducing the incidents of healthcare fraud.
Additionally, HIPAA allows American workers and their families to continue to receive health insurance coverage after losing or changing jobs.
HIPAA is quite extensive and covers many areas. Some of the more important rules are the HIPAA Privacy Rule and the HIPAA Security Rule.
The HIPAA Privacy Rule was initially proposed in 1999 and approved in late 2000. This rule requires that medical records and personal health information in health plans, with healthcare clearinghouses and with healthcare providers are protected with safeguards. This applies to electronic, written and oral health information.
The HIPAA Privacy Rule also sets limits on how this private information can be used and disclosed without patient approval. A patient must give approval before their health information is shared with a third party.
Lastly, the rule also gives patients the right to obtain a copy of their health records to examine them and make requests for necessary corrections. You can also receive a report on when your health information was shared, with whom and for what reason.
The HIPAA Security Rule was proposed in 1998 and approved in early 2003. This rule protects people’s personal health information that is maintained, received, created or used by a covered entity. The rule focuses on protecting the information that’s stored or shared in electronic form. Similar to the HIPAA Privacy Rule, the Security Rule requires applicable entities to maintain reasonable security measures to protect this data.
The Security Rule is like an add-on to the Privacy Rule, requiring all applicable entities to have security measures in place that will protect private information as it’s shared or stored electronically. Within the Security Rule are clear guidelines that companies must follow to safeguard health information and remain compliant (for electronic information only)—for example, requiring authentication to log onto a private network that contains PHI.
All “covered entities” have to comply with the HIPAA. These entities include:
There are 12 instances in which PHI can be given out without permission. These exceptions are:
It’s important to note that the HIPAA does not prevent credit reporting. Actions related to the payment of medical bills are one reason covered entities are allowed to disclose health-related information without the individual’s authorization. This also includes disclosure to credit reporting agencies. So, if you miss payments or make late payments on your medical bills, it can be reported to the credit reporting agencies.
However, the PHI disclosures are limited to sharing the following information:
Covered entities will give credit reporting agencies enough information to identify your report and add the negative payment information to your file without knowing your medical history, treatments or background.
The HIPAA needs to act in a way that doesn’t conflict with the Fair Credit Reporting Act (FRCA). This means consumers have the right for their credit reports to be private and include only accurate information. The FCRA also provides consumers with the right to dispute any false information on their credit report to have it removed.
If you’ve found out that a collector has information that violates HIPAA, you can take action. Let’s say, in an attempt to validate your debt, the collector received information about your treatment or any additional information beyond what is allowed to be shared with credit reporting agencies.
In this case, you can send a letter stating that your rights under HIPAA have been violated as you never signed a HIPAA authorization form. There is a possibility they will have to pay fines for the violation (the money would be awarded to you), and the medical debt will be removed from your credit report.
It’s important to understand HIPAA and your rights under this act. Like all other forms of debt, medical debt can have a significant impact on your credit. If you have late or missed medical debt payments, they show up as negative items on your report and can lower your credit score.
To avoid this situation, you should always review your medical debt on your credit reports. If the information is false, has errors or violates your HIPAA rights, you may have a case to dispute the information and have it removed from your file.
Of course, this applies to everything that appears on your credit report. Be aware of what’s on your credit reports, and check every detail. Credit reporting agencies often make errors, and you’ll be the one affected by the consequences if you miss them.
If you seek a credit repair company’s help, make sure you choose one that takes privacy and your data very seriously. There should be systems in place to protect your personal information. Lexington Law takes customer data protection very seriously—find out how we can protect you and help you with credit repair today.
Note: Articles have only been reviewed by the indicated attorney, not written by them. The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, reviewers, contributors, contributing firms, or their respective agents or employers.
The credit card approval process can take anywhere from a few minutes to 30 days,…
Once you confirm the amount you owe, you may be able to negotiate your credit…
The Consumer Credit Protection Act is a piece of legislation that protects consumers in the…
Saving for a rainy day is an important part of financial stability. Learn how to…
Learn all the different ways you can pay off your student loans so you can…
Does refinancing your mortgage hurt your credit? It can be an issue. Discover why this…