We are all familiar with the Health Insurance Portability and Accountability Act (HIPAA) and its Privacy Rule establishing standards to prevent the unauthorized disclosure of a patient’s protected health information (PHI). Indeed, they have been our constant companion with every patient encounter in the 20-plus years since their enactment in the late 1990s. And those encounters include trying to collect a debt owed by a patient because PHI, by statutory definition, includes payment-related patient information.

But just what PHI can healthcare providers disclose when attempting to collect a debt without running afoul of state law establishing an independent tort for unauthorized disclosure of PHI—otherwise known as a Biddle claim—or federal law under HIPAA? That question is presently before the Supreme Court of Ohio in Menorah Park Center for Senior Living v. Rolston.

Read the article here.