Colorado and California are advancing medical debt bills while Colorado also became the latest state to pass a data privacy law. Read more below for updates on ACA International’s state advocacy and law tracking.
At last count, ACA International and its state and regional units were tracking approximately 850 bills related to the accounts receivable management (ARM) industry and 22 states remained in legislative session.
Three states adjourned their sessions last week: New York, Louisiana and Connecticut.
“We’re all working together to fight, educate, advocate and amend legislation on behalf of the industry,” said ACA’s Vice President of State Unit and Government Affairs Andrew Madden during the June 9 ACA Huddle for members, which featured updates from ACA’s compliance, education and state and federal advocacy teams.
In case you missed it, here are a few state updates to know this week.
Nevada Medical Debt Legislation
On June 2, Nevada Gov. Steve Sisolak signed S.B. 248, which requires a collection agency to notify a consumer before taking any action to collect a medical debt and prohibits certain practices relating to the collection of medical debt. The law takes effect July 1.
ACA and the Nevada Collectors Association advocated for a veto of S.B. 248 before it reached the governor’s desk. While that did not happen, there were amendments to the bill influenced by testimony from ACA members and ACA has connected with the Nevada Department of Financial Institutions for guidance on requirements in the law.
“Nevada is the toughest political environment for our industry right now,” Madden said. “During the pandemic, the state enacted a moratorium on collections and garnishment. It also issued temporary guidance on remote work and continued to extend it throughout the year.”
ACA and the NCA advocated for work-from-home allowances for licensed agencies after the state included them in the “non-essential” business category in March 2020 and will continue to advocate as the end of the current guidance approaches. The current guidance is now in place through July 31, 2021, ACA previously reported.
Maryland Medical Debt Law
Unlike in Nevada, Maryland’s medical debt bill from this legislative session became law simply because Gov. Larry Hogan didn’t veto it. In other words, in Maryland, a bill that is not vetoed can be finalized without the governor’s signature.
The bill takes effect Jan. 1, 2022, and includes requirements for hospital debt collection policies and payment arrangements. It also prohibits a hospital from taking specified actions when collecting debt.
A hospital must annually submit its policy on the collection of debts owed by patients as well as a specified report to the Health Services Cost Review Commission (HSCRC), which HSCRC must compile into an annual medical debt collection report.
Madden said advocates for health care providers in Maryland spoke out about the impacts of the bill on their revenue stream.
“It is not unexpected that this law did go into effect,” Madden said. “Ultimately it prevents a medical provider from filing an action or garnishment against a consumer if they are eligible for free or reduced medical costs.”
California – The Busiest State
Outside of New York, Madden said California is the most active in legislation and regulations for the ARM industry.
A bill to amend the Credit Services Act of 1984, sponsored by State Assembly Member Tim Grayson, D-Concord, passed in the Assembly Banking and Finance and Privacy and Consumer Protection committees, however, it was recently referred back to the appropriations committee.
The bill, A.B. 1089, would, among other requirements, require the Department of Financial Protection and Innovation to license, regulate and oversee credit services organizations effective Jan. 1, 2023.
Existing law defines and regulates the activities of credit services organizations, which are defined as a “person who, for payment, performs specified credit-related services, such as improving a buyer’s credit record and obtaining loans. Existing law requires credit services organizations to obtain a surety bond, as specified, before conducting business and requires that they register with the Department of Justice, subject to a fee of $100.”
The bill would prohibit credit services in California without a license and “require each licensee to, among other things, file reports with the commissioner of the Department of Financial Protection and Innovation under oath, maintain a surety bond and pay to the department its pro rata share of all costs and expenses reasonably incurred in the administration of these provisions, as estimated by the department.”
Credit services organizations would also be prohibited from sending a dispute to a consumer credit reporting agency, creditor, debt collector or debt buyer more than 180 days after the disputed account has been removed, or from failing to provide along with its first written communication to a credit reporting agency or data furnisher sufficient information to investigate a dispute of an account.
The bill would require a consumer credit reporting agency, creditor, debt collector or debt buyer that knows that a consumer is represented by a credit services organization to communicate with the credit services organization.
Meanwhile, a medical debt bill is also advancing in California. The bill, A.B. 1020, passed in the California Assembly and requires hospitals to have a written policy on how they send accounts to third-party debt collectors and enacts limits on collection actions. It will now be considered by the Senate.
Colorado Data Privacy
Colorado’s legislature passed the Colorado Privacy Act (CPA) last week, making it the third major piece of state data privacy legislation in the U.S. this session, following Washington and Virginia. However, the Colorado House of Representatives added several amendments, meaning the state Senate had the opportunity to review the bill again before the June 12 legislative deadline.
If signed by the governor, it will go into effect on Jan. 1, 2023. Requirements in the bill include personal data privacy rights for consumers, such as:
- Specifying how controllers must fulfill duties regarding consumers’ assertion of their rights, transparency, purpose specification, data minimization, avoiding secondary use, care, avoiding unlawful discrimination and sensitive data;
- Requiring controllers to conduct a data protection assessment for each of their processing activities involving personal data that present a heightened risk of harm to consumers, such as processing for purposes of targeted advertising, profiling, selling personal data or processing sensitive data; and;
- Specifying that a violation of its requirements is a deceptive trade practice, but the bill may be enforced only by the attorney general or district attorneys.
ACA will continue to follow these state activities and keep members updated in ACA Daily.
For more state updates, members are invited to join the weekly ACA Huddle at 11 a.m. CDT on Wednesdays.
For more information on how the ACA licensing staff can assist with your licensing application completion needs, please contact us at [email protected] or call (952) 926-6547.