Yes it is ... do a search

Just as an FYI, the HIPAA process (easily googleable) seemed to be quite popular several years ago but recent reports seem to support that the process no longer works. No one has reported success with this for some years now.

I will tell you I have tried, and it did not work at all for me. YMMV.

In a nutshell, the HIPAA process is supposedly to get medical collections that have been paid to the OC deleted from your CR.

 

Some have had luck, others not. 

 

There is nothing in the HIPAA laws that say a medical collection cannot be on your CR.  However, there are laws as to what information can be included in those collection tradelines.  That would be the only violation and/or reason for removal.

 

I PM'd you.

 

 

 

 

So is there any way to find out what "information" the OC may or may not have shared with the CA? I mean most of us have a hard enough time simply trying to get a CA do validate a debt, I doubt any of them would voluntarily let you know whether or not they have any information that they are not legally supposed to have. I can see where this could be a total waste of time unless one had their own personal search warrant to go into a CA office and demand they turn over every bit of information they have about you.

I copied and pasted this information directly from the US department of health and human services website. Towards the bottom it mentions what can/can't be shared and when/why it can/can't be shared. It says that not only medical information and medical billing information cannot be shared but also when the sharing of that information is no longer necessary. Sooooo, according to my Neanderthal mind and please correct me if I'm wrong, a healthcare provider cannot share billing information nor can a collection agency or any agency for that matter share this information after the intended use has been met. Although I can't find a specific law prohibiting a healthcare facility from sharing your BILLING information surely (obviously there must be or no one would have medical collections listed on their CR) but surely once a CA collects on a debt there is no longer an INTENDED use for them to continue to share your medical billing information on your CR since there is no longer a debt to collect. Just my thoughts, maybe I'll give this route a try once I pay these debt off to get deletion s on the TL that some of the CA are refusing to delete.

Your Health Information Is Protected By Federal Law

Most of us believe that our medical and other health information is private and should be protected, and we want to know who has this information. The Privacy Rule, a Federal law, gives you rights over your health information and sets rules and limits on who can look at and receive your health information. The Privacy Rule applies to all forms of individuals' protected health information, whether electronic, written, or oral. The Security Rule, a Federal law that protects health information in electronic form, requires entities covered by HIPAA to ensure that electronic protected health information is secure.

Who Must Follow These Laws

Who Is Not Required to Follow These Laws

What Information Is Protected

Information your doctors, nurses, and other health care providers put in your medical record
Conversations your doctor has about your care or treatment with nurses and others
Information about you in your health insurer’s computer system
BILLING INFORMATION ABOUT YOU AT YOUR CLINIC
Most other health information about you held by those who must follow these laws
Hide Details


How Is This Information Protected

Covered entities must put in place safeguards to protect your health information.
COVERED ENTITIES MUST REASONABLY LIMIT USES AND DISCLOSURES TO THE MINIMUM NECESSARY TO ACCOMPLISH THEIR INTENDED PURPOSE.
Covered entities must have contracts in place with their contractors and others ensuring that they use and disclose your health information properly and safeguard it appropriately.
Covered entities must have procedures in place to limit who can view and access your health information as well as implement training programs for employees about how to protect your health information.

In a nutshell, the HIPAA statute only permits parties to retain medically related information to the minimum extent necessary to carry out a legitimate business need.

 

A specific permissible purpose to retain information necessary to collect on medical debt is provided in the HIPAA statute.

The theory behind the so-called HIPAA process is that once a debt has been paid to the medical provider, that permissible purpose is gone.

The leap is that when the "collection on the debt" permissible purpose no longer applies, all information formerly authorized to be retained for that purpose, including reporting to a credit reporting agency, must be deleted as unauthorized information.

 

No such statement or provision is set forth in the Act.  It is an interpretation of statute that has no binding case law in its support.

The OC can share any and all of your information to the CA.  However, the CA is extremely limited to who they can share it with.  As the consumer, they have the right to share all of it with you.

This process didn't work for me either.

 

 I sent 4 out to 4 different places and each came back with HIPAA statements themselves that they were not in violation.

 

Basically in a nutshell I think places have wisened up to this policy and have educated themselves better on the HIPAA law.

I agree.  IMHO, I believe the whole process was born out of a misunderstanding of how HIPAA actually works and was used as a scare tactic.

 

HIPAA laws are regularly briefed in medical industries nowadays.