Should privacy laws prevent us from advocating this case?

By | December 24th, 2016

When Phil Newman’s son cracked his tooth at camp last summer, a local dentist treated him for a root canal and affixed a cap. Newman assumed the treatment would be covered under his dental insurance with Cigna.


Newman has asked us to help him receive reimbursement for the cost of his son’s treatment. But we’re not sure we can, and it has nothing to do with our powers of persuasion.

Medical and dental treatment is covered under the Health Insurance Portability and Accountability Act (HIPAA), which contains a number of provisions that are supposed to safeguard the privacy of “Protected Health Information” (PHI), such as Newman’s son’s dental treatment.

The dentist who treated Newman’s son required a $800 payment in advance, which Newman made promptly. He then filed a claim on his dental policy for reimbursement of the payment. He estimated that Cigna would cover 80 percent, or $640, of the claim.

Because of the emergency nature of the treatment, Cigna denied the claim, stating that it was a medical claim rather than dental. It asked that the claim be refiled and coded as a medical claim. But the dentist’s office personnel don’t know how to submit medical claims to Cigna, which refuses to share the proper coding with the dentist’s office so that Newman can file a medical claim.

Newman spent hours on the phone with Cigna trying to resolve the issue, but Cigna won’t budge from its decision to deny his claim. He then turned to our advocacy team for assistance. (Contact information for Cigna can be found on our website.)

Related story:   A broken kneecap, a denied insurance claim -- and a missed cruise

HIPAA applies to Cigna, a “health insurance issuer,” as a covered entity. According to Subpart E, section 164.502(a) of HIPAA, “A covered entity … may not use or disclose protected health information.” But it “is permitted to use or disclose protected health information … to the individual, for treatment, payment, or health care operations, as permitted by and in compliance with section 164.506.”

With regard to minors such as Newman’s son, section 164.502(3)(i) provides that

If under applicable law a parent, guardian, or other person acting in loco parentis has authority to act on behalf of an individual who is an unemancipated minor in making decisions related to health care, a covered entity must treat such person as a personal representative under this subchapter, with respect to protected health information relevant to such personal representation …

Cigna’s Notice of Privacy Practices indicates that it may disclose PHI for the following purposes:

Treatment: – To share with

  • Health care professionals and personnel at health care facilities so they can determine your plan of care.
  • To help you obtain services and treatment you may need. …


  • To obtain payment of premiums for your coverage.
  • To make coverage determinations – for example, to speak to a health care professional about payment for services provided to you. …
  • To obtain payment from a third party that may be responsible for payment, such as a family member.
  • To otherwise determine and fulfill our responsibility to provide your health benefits – for example, to administer claims.

Health care operations:

  • To support another health plan, insurer, or health care professional who has a relationship with you for activities such as case management, care coordination and quality improvement activities. For example, we may share your claims information with your doctor if you have a medical need that requires attention. We may also disclose your PHI without your written authorization for other purposes, as permitted or required by law. This includes: › Disclosures to others involved in your health care.
  • If you are present or otherwise available to direct us to do so, we may disclose your PHI to others – for example, a family member, a close friend, or your caregiver.
  • If you are in an emergency situation, are not present, or are incapacitated, we will use our professional judgment to decide whether disclosing your PHI to others is in your best interests. If we do disclose your PHI in a situation where you are unavailable, we would disclose only information that is directly relevant to the person’s involvement with your treatment or for payment related to your treatment. We may also disclose your PHI in order to notify (or assist in notifying) such persons of your location or your general medical condition.

Presumably, Newman could give written authorization to Cigna to discuss his son’s PHI with us. But we aren’t certain, given Cigna’s stonewalling on this claim, that we’ll be able to help resolve Newman’s case.

Should we pursue Phil Newman’s claim with Cigna?

View Results

Loading ... Loading ...

  • renae

    Have the patient/parent contact a medical coder (plenty of them around), give written HIPPA permission for a one time case. Coder reviews record to advise correct ICD-10/CPT code. Now, the dental office can submit proper claim OR policy holder can submit it. Cost? probably about $50

  • AJPeabody

    The new ICD-10 codes have 68,000 codes for diagnoses and I have no idea how many for a procedure (I suspect hundreds of variations due to which tooth etc.). It would take the dentist’s staff considerable time to get the software and then find the medical code, rather than the dental code, and the medical procedure code (probably surgery) instead of a dental code. A professional coder is the only way to go.

    There are over 277 codes for fracturing a tooth, according to, a very useful online free coding site. Which one is correct? Then find the code for the procedure used on the patient, then submit it to Cigna, and, I’ll bet they say it’s really dental and try again.

    Take the case after getting a signed HIPPA waiver.

  • Alan Gore

    A case like this is probably outside our scope and would require an attorney. Cigna has no basis in claiming that HIPPA protects medical codes. It protects patient privacy.

  • AJPeabody

    Codes imply diagnosis. Protected info.

  • I’m not sure I believe the medical classification. A cracked tooth and root canal are both covered under dental. OP should review the summary plan and push back.
    Contact the insurance commissioner of the appropriate state.

  • Harvey-6-3.5

    I had a very similar circumstance, with the same type of result. My son fell while running a 5k, and hurt a tooth. I was in a hurry, so I took him to our dentist, who recommended a root canal. However, my medical insurance (MDIPA – United Healthcare) coded this as medical, not dental, so in order to get the root canal covered I would have had to obtained a referral from our primary care doctor, not our primary care dentist, even though this was a damaged tooth. Given his pain and the time constraints (late on a Friday afternoon), I just had the dentist do his work. The insurance company refused to cover the $1800 or so root canal.

  • Chris_In_NC

    Newman needs to contact and refer this case to his state’s insurance commissioner. At least this will give a definitive answer as to whether Cigna needs to accept this a medical or dental.

  • Chris_In_NC

    Not to be nit picky, but it is HIPAA not HIPPA. Its a common mistake, but HIPAA stands for Health Information Portability and Accountability Act. Most people incorrectly think the P stands for privacy. It does not. The act dictates how PHI (personal health information) can be used.

  • renae

    You are correct.

  • renae

    The code is not protected if no patient name or identifying info (such as number) is included. The PATIENT info is protected not the code.

  • RightNow9435

    Of course—–not knowing coverage limits of the OP or yourself—–one could have a dental policy like mine. It was “fully covered” but they only pay 20% on a root canal.

  • PsyGuy

    I voted yes, but I would suggest approaching this from another angle, not with CIGNA, but with the Dentist office. The dentist claims their office doesn’t know how to code for a medical claim, but it’s not rocket science. Perhaps someone on your team or that you have access too is an expert in medical claims and can provide the dentist office with the appropriate coding and perhaps even pre-gernated and completed forms requiring nothing more than the dentist/providers signature. then submit the medical claim to CIGNA.

  • PsyGuy

    I have to disagree, I’d argue the code is identifying.

  • PsyGuy

    You could have it done online for about $25.

  • Bill___A

    It almost gives me a headache reading it. A dental office should know how to properly code any procedure they do, emergency or otherwise. If they don’t, they need to find out from the provider or other source how to do it, not say “I don’t know”.

  • Annie M

    Why doesn’t he file a complaint with his states insurance division?

  • michael anthony

    Almost all disputes with coding originate with the doctor/dentist or hospital, improperly coding. And what do they do? They then put the onus on the patient to rectify. That is wrong and should be challenged. Patients don’t know coding and I would never trust some pay by the hour agency to code. And why should the patient pay for their mistake?

    I’d also be very careful about HIPAA. About the only time you’re totally in the clear when sharing information is in a case of life or death. If you have no vested interest in that patients health care, then you must be wary. For example, if you’re on floor 9 in hospital, staff on floor 10 cannot be looking at your records, unless they are directly involved in your care.

  • renae

    Where are you coming up with this? I have been in nursing for over 40 years……the last 15 doing medical auditing and (a bit of) coding. Currently, I am living in Canada but still do the work for about 10 hospitals in the US. I do it all via computer and yes, I look at oodles of medical records and yet have no vested interest in the patients health care.
    There is too much mis-information out there concerning HIPAA.
    As for ‘pay by the hour’ coders…….many of them are coders from major hospitals who do it for others on their days off or when they are on Maternity leave.
    Dentistry/Oral Surgery is one of those areas where Insurance companies love to bicker back and forth on Dental vs Medical. Most times, it winds up being dental because the insurance usually pays less that way….but hey! submit it both ways and watch what happens!

  • gpx21dlr

    Why I will always consider having, requiring insurance as evil. A necessary evil.

  • jim6555

    I voted yes. However, if intervention by the Elliott Team does not produce a satisfactory result, I suggest Mr. Newman bring a small claims action against Cigna and subpoenaing the dentist as a witness. When a judge hears that the claim can’t be submitted to Cigna because they have failed to provide a licensed practitioner with the proper codes, he/she will likely deem Cigna responsible and order them to pay what is due under the policy. Reading about this case makes me feel fortunate that Cigna is not my medical or dental insurance provider.

  • cscasi

    Well, please tell him how.

  • cscasi

    Identifying what exactly?It is certainly NOT identifying the patent!

  • cscasi

    Is it covered under the Aetna dental procedures covered in the family’s medical policy? My dental coverage only covers fillings and teeth cleaning, office visits under my medical policy. Everything else is not covered. That is why I have a separate dental policy.
    That is most likely why they wanted it coded under medical so it would get paid as an emergency. I also wonder if he took the paperwork the dentist gave him for the dental claim, attached it to an Aetna medical claim and submitted it, if Aetna would process it and pay it. My insurance company accepted that from me when I had a dental issue that was payable under medical but not dental.

  • William Leeper

    Nope, diagnostic and treatment codes are PHI only when they identify the patient. In other words I could tell you the ICD-10 code for an open fracture of a tooth is S02.5XXB where XX represents which tooth is involved. Under HIPAA we can tell you that all day long. What I could not answer would be “what was the diagnostics code used for Mr. Newman’ Son.” Releasing that is a violation.

    HIPAA protects personally identifiable information including: name, social security number, photographs, birthdate, x-rays, any any other information that can identify a specific patient. A diagnostic code cannot identify a specific patient because an unlimited number of patients could present with a specific diagnosis.

    In fact the law goes so far as to make it illegal to view someone else’ PHI and your own unless it is released through proper channels. To clarify, even if I have access to my health files because I work at a hospital or clinic, I cannot legally view my PHI, it must be released through medical records.

  • William Leeper

    You are considered a party to their healthcare as HIPAA allows medical providers to share information for billing and claims filing purposes. Ultimately that is what you are doing even though you may not be directly submitting the claims.

  • renae

    Exactly,. and that is exactly what THIS would be doing.

  • LonnieC

    Outrageous. Cigna first decides that a dental claim is actually a medical claim (oh, come on). Then Cigna withholds the medical coding information needed to file a medical claim. Under the regulations and Cigna’s own rules, there is no reason the information can’t be provided. And how is this prohibited by HIPAA anyway? The simple coding required is nothing more than a number/letter combination which in no way requires the disclosure of any confidential information. (“The code for a medical claim is 123abc.”) And then Cigna claims that without the correct code, it won’t pay a legitimate claim???

    I’d be at the State Insurance Agency in a nanosecond.

  • LonnieC

    Yeah. HIPPA stands for a large animal found in the rivers of Africa.

  • pauletteb

    Not all dental insurance covers root canals or caps, which are often considered “cosmetic” by the insurance industry.

  • PsyGuy

    Thank you and I agree, as this is what I intended. I’d like to see a prosecutor successfully succeed at trial with a jury over a patient who viewed their own medical records.

  • JewelEyed

    That would be the difference between clinical staff and clerical staff who work on everyone/anyone’s charts doing billing, coding, performance improvement, risk management. If it’s not something you are assigned to do in your work duties, you shouldn’t be doing it, but what those work duties entail depends on your position.

  • JewelEyed

    What if they call the provider number for Cigna and blind item the question? “If I have a patient who fractured [x] tooth and required [y] services, what is the proper code for that?” If you give no identifying information on the patient, how could it be a violation?

We want your feedback. Your opinion is important to us. Here's how you can share your thoughts:
  • Send us a letter to the editor. We'll publish your most thoughtful missives in our daily newsletter or in an upcoming post.
  • Leave a message on one of our social networks. We have an active Facebook page, a LinkedIn presence and a Twitter account. Every story on this site is posted on those channels. The conversation ranges from completely unmoderated (Twitter) to moderated (Facebook and LinkedIn).
  • Post a question to our help forums or ask our advocates for a hand through our assistance intake form. Please note that our help forum is not a place for debate. It's there primarily to assist readers with a consumer problem.
  • If you have a news tip or want to report an error or omission, you can email the site publisher directly. You may also contact the post's author directly. Contact information is in the author tagline.