Your best bet is to Google "HIPPA" process. You won't get much more then that here. Sorry.

If it included results for the test then yes. Otherwise im not sure if basically itemizing the bill is against HIPPA.

I've read HIPAA a few times and I'd argue that because you communicated with the CA about the debt, they can disclose that information. BTW, if you were using the HIPAA process, you would not communicate with the CA at all. However, I'm partial to the DV then PFD method thereby skipping HIPAA.

I don't know about licensing without looking them up. FL does have a database for CAs:

https://real.flofr.com/ConsumerServices/SearchLicensingRecords/Search.aspx

The HIPAA statute itself does not include any explicit regulation of debt collectors other than the broad prohibition applicable to all parties against disclosing personal medical information.

It also gives them explicit permissible purpose to retain information as long as they are collecting on an unpaid medical debt.

Interpretations of what are or are not HIPAA violations by debt collectors are just that... interpretations.

I dont see how communicating with the consumer regarding information they are authorized to possess gives rise to a disclosure to others.

You can, of course, argue that HIPAA, at some stage, removes the ability of the debt collector or CRA to even retain such information, but such assertions are not based on specific prohibitions within the statute.

I dont see a HIPAA violation.