Medical Bill Forensics LLC: Terms of Service & Policy Disclosure
1. Nature of Services (Forensic Audit Scope)
- Independent Analysis: Medical Bill Forensics LLC provides independent, third-party forensic analysis of itemized medical billing statements based on Federally Mandated Standard Code Sets which originate from the Administrative Simplification provisions of the Health Insurance Portability and Accountability Act (HIPAA). Specifically, the U.S. Department of Health and Human Services (HHS) has the legal authority under 45 CFR Part 162 to adopt and mandate these code sets for all healthcare transactions. While HHS mandates their use, they “adopt” the codes from the different Maintaining Organizations listed below.
- CPT® (Current Procedural Terminology)
- Administrator: American Medical Association (AMA).
- Function: This numeric nomenclature is the national standard for reporting medical, surgical, and diagnostic services. It is mandated for all professional and outpatient clinical procedures.
- HCPCS Level II (Healthcare Common Procedure Coding System)
- Administrator: Centers for Medicare & Medicaid Services (CMS).
- Function: This alphanumeric code set is the national standard for identifying products, supplies, and ancillary services not included in the CPT nomenclature, such as durable medical equipment (DME), orthotics, and ambulance services.
- ICD-10-CM (International Classification of Diseases, 10th Revision, Clinical Modification)
- Administrator: National Center for Health Statistics (NCHS), a division of the Centers for Disease Control and Prevention (CDC).
- Function: This is the HIPAA-mandated classification system for reporting clinical diagnoses, symptoms, and medical conditions across all United States healthcare settings.
- ICD-10-PCS (International Classification of Diseases, 10th Revision, Procedure Coding System)
- Administrator: Centers for Medicare & Medicaid Services (CMS).
- Function: This is the mandated classification system used exclusively for reporting procedural services performed in Hospital Inpatient settings.
- Revenue Codes
- Administrator: National Uniform Billing Committee (NUBC).
- Function: These four-digit codes are the national standard for identifying specific accommodations, ancillary services, or “cost centers” within a facility (e.g., ICU, Emergency Room, or Pharmacy). They dictate how a hospital must categorize charges on a UB-04 claim form.
- NDC (National Drug Code)
- Administrator: Food and Drug Administration (FDA).
- Function: The HIPAA-mandated standard for the identification and reporting of specific drug products.
- Verification of Administrative Authority
- These administrators do not merely “suggest” how codes are used; they provide the Official Guidelines that hospitals must follow to ensure a transaction is valid:
- Official Maintenance: These organizations are designated by HHS to update the code sets (typically annually or quarterly).
- The “Cooperating Parties”: For ICD-10 coding specifically, four organizations (AHA, AHIMA, CMS, and NCHS) form a “Cooperating Parties” group that signs off on the official coding guidelines. If a hospital bill deviates from these guidelines, it is in violation of the federal standard.
- Transaction Compliance: Under HIPAA, it is technically illegal for a hospital to use a “local” or “proprietary” code in place of these standard code sets when conducting a financial transaction.
- Each of these administrators is legally designated to maintain the official definitions, guidelines, and sequencing rules for their respective code sets. Any financial demand that utilizes these codes while deviating from the administrator’s official instructions is considered a Non-Conforming Demand under federal administrative simplification standards.
- CPT® (Current Procedural Terminology)
- Forensic Determination: Validity of the Financial Demand
- Medical Bill Forensics LLC operates under the principle that a healthcare financial demand (an itemized bill of charges) is only legally “allowable” if it adheres to the HIPAA Administrative Simplification Standards (45 CFR Part 162). Any bill containing a code that does not conform to these federally mandated standard code sets is considered an Invalid Transaction. The following standards apply to all audited demands:
- Mandatory Compliance: Under 45 CFR § 162.923, a healthcare provider is legally required to use the applicable HIPAA Standard Code Sets (CPT, HCPCS, ICD-10, and Revenue Codes) when conducting a financial transaction.
- Condition of Payment: Adherence to these standard nomenclatures and their official guidelines is a prerequisite for reimbursement. A code that is non-standard, unbundled, or incorrectly sequenced fails to meet the federal Condition of Payment.
- Status of Non-Conforming Codes: Any code or charge that deviates from these standards is classified as Non-Conforming. Federal claims processing rules (CMS Pub. 100-04) dictate that such demands are unprocessable and must be Returned to Provider (RTP) for correction or removal.
- Forensic Conclusion: A non-conforming code renders the specific line item invalid. Until the error is corrected to meet the National Uniform Billing Standards, the demand remains an unsubstantiated claim for which no payment obligation exists. As a matter of law, if the non-conforming code cannot be substantiated, it must be removed from a demand.
- Medical Bill Forensics LLC operates under the principle that a healthcare financial demand (an itemized bill of charges) is only legally “allowable” if it adheres to the HIPAA Administrative Simplification Standards (45 CFR Part 162). Any bill containing a code that does not conform to these federally mandated standard code sets is considered an Invalid Transaction. The following standards apply to all audited demands:
- Itemized Bill Review Only: Our audits are strictly limited to the information contained within a certified, itemized medical bill making use of the above coding systems.
- The Forensic Boundary – We Audit the Bill, Not the Medical Record: We do not request or review entire patient medical records, clinical provider notes, or internal hospital/clinical financial data or processes. A primary pillar of the Medical Bill Forensics LLC methodology is our “itemized bill only” boundary. While it may seem counterintuitive, we intentionally do not access full medical records, clinical provider notes, or internal hospital data. This protocol is maintained to protect the integrity of the audit and the legal standing of the patient.
- HIPAA Privacy & The “Minimum Necessary” Standard: Under Federal HIPAA regulations, access to a full clinical medical record is restricted to “covered entities” involved in direct patient care, legal representatives of a patient (patient advocates or attorneys), or those entities involved in payment processing. As an independent forensic firm, our scope is limited to the financial demand (e.g. the itemized medical bill) provided by the patient. Accessing a patients full clinical history without a “Treatment, Payment, or Operations” (TPO) justification would exceed the “Minimum Necessary” data standard. We are able to audit an itemized bill for potential error without accessing an entire medical record based on the presence or absence of hospital/clinic adherence to Federally Mandated Coding Standards; where this becomes impossible, we will include notation in our forensic report that provides clarity to the patient.
- Protection of Proprietary Data: While federal transparency laws (CAA 2021) and CMS Hospital Price Transparency requirements have made “Charge Master” rates and negotiated prices public knowledge, the internal hospital systems, clinical workflow software, and proprietary billing algorithms remain a “black box” that third parties cannot easily penetrate either legally or administratively. Medical Bill Forensics LLC utilizes publicly available transparency data to verify rates but does not require, nor seek, access to a facility’s internal, live administrative environment for audit completion.
- Forensic Independence: We adhere to the Four Corners Rule – a demand for payment must be accurate and self-substantiating based solely on the information presented within the document itself. If we were to dig through internal hospital records to “find” clinical justifications for billing department errors, we would be performing the hospital’s administrative work for them without a complete understanding of organizational policy or procedure. By remaining independent, we ensure our findings are an objective evaluation of the hospital’s own commercial tender.
- Preserving the Burden of Proof: Our most critical reason for not requesting or evaluating a medical records is to keep the Burden of Proof exactly where it belongs: on the hospital.
- Under HIPAA, if an itemized bill is structurally incorrect on its face, based on how it is coded, then it does not conform to federally mandated billing requirements based on standardized code sets. When a code on an itemized bill is non-conforming there are only two possibilities with distinct resolutions:
- 1. The code is incorrect on the current bill, but can be corrected by the billing entity if substantiated with appropriate clinical documentation and issuance of a corrected itemized bill that maintains the associated charge.
- 2. The code is incorrect on the current bill and cannot be substantiated with appropriate clinical documentation and must be removed along with its associated charge and a new corrected bill issued.
- Through auditing only the bill, we identify non-conforming codes which the hospital/clinic must substantiate with clinical documentation to support the associated charge for services. We make no claims regarding whether charges are able to be clinically substantiated upon billing entity medical record review; the burden of proof for clinical substantiation rests solely with the billing entity.
- Under HIPAA, if an itemized bill is structurally incorrect on its face, based on how it is coded, then it does not conform to federally mandated billing requirements based on standardized code sets. When a code on an itemized bill is non-conforming there are only two possibilities with distinct resolutions:
2. HIPAA Compliance & Data Intake
- Patient-Direct Intake: To maintain forensic independence and HIPAA compliance, we only accept itemized medical bills directly from the patient via our secure, HIPAA-compliant portal.
- Third-Party Firewall: We do not accept records or correspondence from hospitals, insurance carriers, or other patient-contracted representatives (e.g., legal counsel or advocates).
- PHI Protection: All audits are conducted in accordance with the Health Insurance Portability and Accountability Act (HIPAA) to protect private health information.
3. Non-Advocacy & Independent Status
- No Representation: Medical Bill Forensics LLC is not a law firm, debt management company, or medical provider.
- No Mediation: We do not act as a legal representative, agent, or advocate for the patient.
- No Communication with Payers: We do not engage in direct communication, negotiation, or mediation with hospitals, clinics, or insurance carriers on behalf of the patient.
- Conflict of Interest Policy: We are not affiliated with, nor do we receive compensation from, any medical facility or insurance carrier.
4. Professional Engagement Limits
- Transactional Service: The delivery of a forensic audit report concludes the professional engagement for the specific statement reviewed.
5. Indemnification & Use of Audit Findings
Patient Discretion: Any use of the completed forensic medical bill audit as evidence in a dispute, appeal, or legal proceeding is conducted solely at the direction and discretion of the patient and is between the patient (or their legal representation acting on behalf of the patient) and a hospital/clinic and/or a third-party payer.
Indemnification and Hold Harmless: By utilizing the services of Medical Bill Forensics LLC and receiving the forensic audit report, the patient (or their legal representative) agrees to indemnify, defend, and hold harmless Medical Bill Forensics LLC, its officers, and its employees from any and all claims, damages, liabilities, or expenses (including attorney fees) arising from the use, distribution, or dissemination of the audit findings.
Trigger of Liability: The act of utilizing this report—whether for the purpose of achieving a billing reduction, for use in legal proceedings, or for dissemination to third parties (including insurance carriers and healthcare providers)—constitutes an agreement by the patient to assume all risks associated with such actions. Medical Bill Forensics LLC provides an objective analysis of the billing document’s adherence to federal standards; however, the strategic application of these findings is at the sole discretion and risk of the patient.
Informational Purpose: Our audits are intended for informational and evidentiary purposes only, representing forensic findings based on the HIPAA Standard Code Sets.