The Consumer Financial Protection Bureau (CFPB) is proposing a change to the Fair Credit Reporting Act (FRCA) to remove all medical debt from the credit report and proposing that “credit header data constitutes a consumer report.” If this occurs the question becomes do medical providers have a “permissible purpose” to use credit header data to verify patient information? (Learn more about this in the Creditor Header Data Section.)
If the answer is no, you do not have a “permissible purpose”, you could potentially be barred from using several credit bureau services that are regularly used by healthcare providers from vendors like TransUnion and Experian/Passport to verify the identity of patients, discover missing insurance and verify insurance eligibility, most of which likely uses credit header data. Without these services, how can you verify that the person presenting in front of you for admission is who they claim to be? The opportunity for fraud, identity, and insurance theft becomes even greater if you are no longer able to access this information.
This change will also make it harder for healthcare organizations to find people that are in debt to your facility for the services you provided. If they move, is it still a “permissible purpose” to use the credit header data for “skip tracing” (finding updated address information)? Again, another service regularly offered by credit reporting agencies.
Lastly, charity care and financial assistance processes are also put at risk by this change. Without access to this data, it will be harder to score patients for financial assistance, negatively impacting your most vulnerable patients.
Removing medical debt and making significant changes to the Fair Credit Reporting Act can have far reaching impacts to healthcare revenue cycle operations across the country! Organizations likes of Experian/Passport, TransUnion, Lexis Nexis, FinThrive, and many more may no longer be able to provide you with valuable data used in your revenue cycle operations today!
How We Got Here
In September, at a White House press event with Vice President Kamala Harris, CFPB Director Rohit Chopra announced the release of the agency’s sweeping outline of proposals to amend Regulation V, which implements the Fair Credit Reporting Act (FCRA). Public comments on the proposals were filed last week. While most of the news on the CFPB’s proposals is focused on its plan to eliminate credit reporting of medical debt, a change that could have a detrimental effect to your hospital or health system’s bottom line, has not received the same coverage but could have far-reaching implications on not only healthcare, but on the way law enforcement works to protect our nation. Buried in the proposals is the CFPB’s plan to “clarify the extent to which credit header data constitutes a consumer report.”
What is Credit Header Data?
Just what is credit header data? It is the nonfinancial identifying information located at the top of a credit report, such as name, current and prior addresses, telephone number and Social Security number (demographics). It is distinguished from other sections of a credit report, including “trade lines” containing various account payment histories. Hospitals and health systems, as well as financial institutions, law enforcement, and other industries, regularly use credit header data to confirm an individual’s identity. This information is vital because hospitals and health systems use this information to verify patient information to prevent fraud and/or identity theft. Credit header data is also used by federal, state and local law enforcement agencies to protect communities. For example, the National Center for Missing and Exploited Children used information derived in part from credit header data to help resolve over 1,300 missing child cases in 2022.
A recent article published in the American Banker, which focused on the impacts to law enforcement, stated:
The privacy of credit header data is federally protected, with its compilation subject to the comprehensive reuse and redisclosure requirements of the Gramm-Leach-Bliley Act of 1999. However, credit header data has long been recognized as not subject to the FCRA. For instance, in 2011, a Federal Trade Commission report summarizing agency guidance going back to the 1970s stated that “a report limited to identifying information … does not in itself constitute a consumer report if it does not bear on any of the seven factors” bearing on the definition of a “consumer report” under the FCRA. Numerous federal court decisions have also reached the same conclusion. Congress has also previously considered but not enacted bills to change the treatment of credit header information by amending the FCRA, which both implicitly recognizes that credit header data is not subject to the FCRA and that such a change requires the enactment of legislation.
The reason the CFPB’s plan is so alarming is because its effort to subject credit header data to the FCRA would effectively cut off law enforcement access to such data. This is because under the FCRA, a consumer report can only be shared for a limited number of “permissible purposes,” usually to inform credit, housing and insurance decisions. Investigating crimes or finding missing persons are not expressly listed as permissible purposes under the FCRA, so law enforcement agencies will no longer be able to obtain access to credit header data once the CFPB redefines it as a “consumer report.” In fact, providing the data to law enforcement would become a crime punishable by up to two years in prison.
CFBP Hearings – Make Your Voice Heard!
CFPB Director Chopra will be speaking to the House Financial Services Committee on Wednesday and the Senate Committee on Banking, Housing and Urban Affairs. There are several congressmen that will be specifically addressing concerns from medical providers. You can make your voice heard by reaching out to your congressmen and senators to let them know the negative impact the CFPB’s proposed changes will have on our nation’s healthcare.
Click here to learn more about Americollect’s work with clients helping protect their recovery and revenue cycle operations.
Ridiculously Nice Legal Disclaimer
The content provided in this communication (“Content”) is presented for educational and general reference purposes only. Americollect, Inc and/or AmeriEBO LLC either directly or indirectly through speakers, independent contractors, or employees (collectively referred to as “Americollect”) is providing this Content as a courtesy to be used for informational purposes only. The Contents are not intended to serve as legal or other advice. Americollect does not represent or warrant that the Content is accurate, complete, or current for any specific or particular purpose or application. This information is not intended to be a full and exhaustive explanation of the law in any area, nor should it be used to replace the advice of your own legal counsel. By using the Content in any way, whether or not authorized, the user assumes all risk and hereby releases Americollect from any liability associated with the Content.