6

I wonder whether a health insurance in the United States must provide a listing of procedure and diagnosis codes that are covered, if requested by a policyholder?

In my opinion, the listing of procedure codes that are covered should be part of the health insurance contract, and subsequently be made available to the policyholder, but the health insurance I am in discussion with (namely Blue Cross Blue Shield of Massachusetts) seems unwilling to provide such a list (see below for the exact message they sent me).

I am mostly interested in the following locations:

  • California, United States
  • Massachusetts, United States

Here is the message I received from my health insurance, Blue Cross Blue Shield of Massachusetts, when I asked them "Where can I find the list of all procedure codes, marked as covered or not covered by my insurance plan?":

We do not have a listing of procedure codes that are covered or not covered that we can provide you with. We can check on certain procedure codes when they are provided to us, to see if they are covered based on medical policy guidelines. If you have codes from your provider you can contact us to check on them for you, however, the best way to find out is for the doctor to call provider services to confirm coverage.

More details after further insisting:

The procedure code alone is not what determines if a service will be covered, it is just one piece of the puzzle. Claims are billed with a procedure code and a diagnosis code. The procedure code is what tells us what service is done, and the diagnosis code tells us why. Not only does the procedure code need to be related to a covered service, but the reason for the service (the diagnosis) needs to indicate that the service was medically necessary. We do not have a list of all covered procedures and the related diagnosis codes and we are not clinically trained to determine medical necessity. Typically, it is the doctor’s responsibility to verify if the services are covered and that they are medically necessary. We can research the procedure code that the doctor plans to bill with to see if it is a service that we would potentially cover, but we cannot advise you if it is medically necessary.

ADDITIONAL EXAMPLE

To illustrate that this same problem goes beyond California and Massachusetts, here is an additional example from North Carolina where the insurance company attempting to excuse itself from providing procedure codes. The excuse is that the codes are "PHI" (protected health information). Of course the entire contents of the EOB, not just the codes, are "PHI", so the reasoning is laughable. And the letter is coming from UnitedHealthcare's "Regulatory Consumer Advocate"!

Wayne Goodwin NC Commissioner of Insurance April Lindsey-Evans Regulatory Consumer Advocate

Improve this question
5
  • Seems unwilling. Tell me more about that.
    – jqning
    Commented Jan 12, 2016 at 14:54
  • @jqning sure, I have added in the question the message I received from my health insurance.
    – Franck Dernoncourt
    Commented Jan 12, 2016 at 15:03
  • I can understand their position -- the matrix of all diagnostic codes vs all procedure codes is simply too large to be practical, and in some cases old tratments may be found to be effective for conditions not previously known, so it would be ever changing as well. Would it not be easier to ask them if there are procedures they do not cover? Also does the affordable care act not specify a minimum level of care before an insurance can be legally sold? (i.e. the reason why some people could not keep their old insurance)
    – Soren
    Commented Jan 18, 2016 at 23:28
  • @Soren Good point, I could try to ask for the non-covered procedure and diagnose codes. I'm not sure about the affordable care act: I'd expect my insurance to cover a bit more. If I cannot get the information from the insurance, I have this conundrum: How to be sure a medical appointment will be fully covered by a health insurance in the United States?.
    – Franck Dernoncourt
    Commented Jan 18, 2016 at 23:34
  • @Dave The letter you received is indeed ridiculous. Coincidentally yesterday I was having, once again, the same argument with my health insurance on exactly the same topic (providing CPT and ICD-10 for a medical consultation I had).
    – Franck Dernoncourt
    Commented Jan 6, 2017 at 23:52

1 Answer 1

Reset to default
5

The health insurance contract should set forth what is and is not covered in detail (in addition, there would be a short summary version).

They probably don't have to provide procedure codes that are covered or not covered because no such one to one correspondence exists because the language of the insurance contract is controlling and does not exactly correspond to procedure codes.

For example, one of the basic eligibility questions is whether a procedure is medically necessary. A procedure may be medically necessary for one person, but not for another, and usually a denial based upon medical necessity is subject to appeal to other medical professionals engaged by the insurance company.

Unless the insurance contract provides that an EOB must contain procedure codes, it probably doesn't have an affirmative obligation to do so, because there is no general principle of law that would require them to disclose their internal classification of services provided outside of a litigation context. And, in a litigation context, you probably could obtain procedure codes in discovery from the insurance company, as the code assigned to a procedure on an EOB would almost surely not be privileged or a legally protected secret.

It may very well be that the company has an in house set of procedures for certain common diagnosis codes that are routinely allowed or are flagged for review by an insurance company bureaucrat. But, that would ordinarily be considered something of a trade secret of the company and is not a statement of what is or is not allowed under the actual health insurance contract. However, the privilege against disclosing the information in that context would flow from trade secret law and not from the fact that they are PHI.

I don't agree that PHI is the correct reason for failing to disclose that information (unless some case law of which I am not aware has interpreted it differently). The federal law definition of PHI is at 45 CFR 160.103:

Protected health information means individually identifiable health information:

(1) Except as provided in paragraph (2) of this definition, that is:

(i) Transmitted by electronic media;

(ii) Maintained in electronic media; or

(iii) Transmitted or maintained in any other form or medium.

(2) Protected health information excludes individually identifiable health information:

(i) In education records covered by the Family Educational Rights and Privacy Act, as amended, 20 U.S.C. 1232g;

(ii) In records described at 20 U.S.C. 1232g(a)(4)(B)(iv);

(iii) In employment records held by a covered entity in its role as employer; and

(iv) Regarding a person who has been deceased for more than 50 years.

The cross reference to 20 U.S.c. 1232g(a)(4)(B)(iv) reads as follows:

(iv) records on a student who is eighteen years of age or older, or is attending an institution of postsecondary education, which are made or maintained by a physician, psychiatrist, psychologist, or other recognized professional or paraprofessional acting in his professional or paraprofessional capacity, or assisting in that capacity, and which are made, maintained, or used only in connection with the provision of treatment to the student, and are not available to anyone other than persons providing such treatment, except that such records can be personally reviewed by a physician or other appropriate professional of the student’s choice.

In short, it is B.S. that you are being given an illegitimate reason for not complying with your request, but it is probably still within the company's rights for other legitimate reasons to deny your request.

Improve this answer
4
  • Presumably you agree a patient's diagnostic code is PHI that can't be revealed to an unprivileged 3rd party. Is your evaluation as BS based on the NC insurance dept. agent being privileged under the law? From the code and the patient name, you can tell that the patient was suspected of having some condition, so I don't get what's not PHI here (in the NC letter).
    – user6726
    Commented Jan 7, 2017 at 0:17
  • 3
    Implicit in the question is that the EOB has been given to the patient and it is the patient who is requesting the codes accompanying the EOB. Denying a patient access to their own PHI on the grounds that it is PHI is not what HIPPA requires. HIPPA requires that PHI not be shared with third parties except certain designated people (like the treating physician and insurance company), not that PHI not be shared with the patient it pertains to. And, procedure codes for procedures on an EOB provide no PHI about patients other than the one to whom the EOB pertains.
    – ohwilleke
    Commented Jan 7, 2017 at 0:28
  • As I recall, only the record-keeper (doctor) can disclose. It's not at all obvious that an insurance company or other third party can be compelled to disclose anything even to the patient, although maybe there is a provision to that effect. I agree that that wouldn't have been the intent of the law, but we live in a world full of unintended regulatory consequences. Can you point to regulations (perhaps under subpart E part 164) whereby the insurance company must disclose to an alleged patient?
    – user6726
    Commented Jan 7, 2017 at 1:02
  • 1
    @user6726 I am fairly certain that EOB by insurance company to patient (which is, of course, PHI) is mandated although I can't quote chapter and verse on where that mandates is located in the statutory and regulatory scheme. And, I'm fairly certain that there is no prohibition on disclosing PHI to the patient by anyone, even when those disclosures aren't mandated.
    – ohwilleke
    Commented Jan 7, 2017 at 9:20

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .