Good Faith Estimate Requirements for HIPAA‑Covered Providers: Compliance Guide

A Good Faith Estimate (GFE) helps patients understand and plan for the cost of care before receiving items or services. For HIPAA‑covered providers, getting GFEs right protects patients, reduces disputes, and demonstrates strong compliance documentation under the HIPAA Privacy Rule.

This guide explains what a GFE is, when it applies, exactly what to include, how and when to deliver it, how convening and co‑providers coordinate, what to expect in the patient‑provider dispute resolution process, and how to retain records in line with HIPAA and operational best practices.

Good Faith Estimate Definition

A Good Faith Estimate is a nonbinding, written estimate of expected charges for a scheduled or requested item or service, plus any items or services reasonably expected to be part of the same period of care. It is provided to an uninsured or self‑pay individual before care is furnished.

The GFE must present an itemized charge disclosure in clear, accessible language patients can understand. While it is not a contract or a guarantee of final charges, it sets expectations, supports price transparency, and reduces friction that can lead to billing complaints or a dispute resolution process.

Scope and “period of care”

The “period of care” includes the primary service (for example, a colonoscopy) and other items or services customarily expected to occur with it (such as pathology or anesthesia). You should reflect both your own charges and, when applicable, expected charges from co‑providers involved in the same course of treatment through effective co‑provider coordination.

HIPAA considerations

Because a GFE contains protected health information, providing it to the patient is permissible under the HIPAA Privacy Rule. Use reasonable safeguards, follow patient preferences for receipt, and document your process as part of your compliance documentation.

Applicability to Uninsured and Self-Pay Patients

GFEs apply to uninsured individuals and to self‑pay individuals who have coverage but choose not to use it for the item or service. If a patient schedules care or asks for a cost estimate without scheduling, you must provide a GFE within the required timelines below.

Who is included and common scenarios

• Uninsured: No group health plan, individual coverage, or government program coverage for the relevant item or service.
• Self‑pay: Has coverage but opts to pay out of pocket or not to submit a claim for the item or service.
• Recurring services: For ongoing, recurring care (for example, weekly therapy), a single GFE may cover a set period (commonly up to 12 months) with the expected frequency and total estimated cost.

What is not included

• Insured patients using benefits for the specific service (these patients may receive separate benefit-related estimates under other rules, distinct from the GFE for uninsured/self‑pay individuals).
• Emergent scenarios that are not scheduled and where a timely pre‑service estimate is not feasible; once the patient later schedules non‑urgent follow‑up, the GFE rules apply.

Required Information in Good Faith Estimates

Provide a complete, accurate, and readable estimate. Organize information so patients can see what they are paying for and why.

Patient and provider identifiers

• Patient’s full name and date of birth.
• Convening provider/facility legal name, National Provider Identifier (NPI), Tax Identification Number (TIN), and service location(s).
• Names and NPIs of any co‑providers or co‑facilities included in the estimate, when applicable.

Clinical and financial detail

• Plain‑language description of the primary item or service and any related items or services in the period of care.
• Diagnosis codes (for example, ICD‑10) and service codes (for example, CPT/HCPCS) when they are known.
• Itemized charge disclosure: expected charges for each listed item or service, plus a total estimated charge for the period of care.
• Anticipated date(s) of service or a timeframe for recurring services.

Required disclosures and notices

• A statement that the GFE is based on information known at the time and that actual items/services and charges may vary.
• A notice that co‑providers may bill separately if not included, and that the patient can request an updated GFE if details change.
• Information about the patient’s right to use the dispute resolution process if the billed charges substantially exceed the GFE.
• Contact information for questions, updates, or to reschedule.

Delivery Methods and Timelines

Deliver GFEs promptly and in a format the patient can save and share. Timeliness is measured in business days (Monday–Friday, excluding federal holidays, in the provider’s locale).

Timelines you must meet

• If the item or service is scheduled at least 10 business days in advance: provide the GFE no later than 3 business days after scheduling.
• If scheduled at least 3 business days in advance (but fewer than 10): provide the GFE no later than 1 business day after scheduling.
• If the patient requests a GFE without scheduling: provide it no later than 3 business days after the request.

Delivery methods and HIPAA safeguards

• Paper: hand delivery or mail in an accessible, readable format the patient can keep with their patient medical records.
• Electronic: secure patient portal or encrypted email that allows the patient to download, save, and print.
• Unsecured data transmission: if a patient asks for unencrypted email or text, warn them of the risks and document their preference; honoring the patient’s request is permissible under the HIPAA Privacy Rule.

Whenever material facts change before the appointment (for example, newly added tests or a different setting of care), issue a revised GFE as soon as practicable so the patient can review costs in advance.

Responsibilities of Convening and Co-Providers

The convening provider or facility is the entity that receives the scheduling request or GFE request and is responsible for furnishing the complete estimate for the period of care. Co‑providers (for example, anesthesiology, pathology) furnish related items or services and may either be included in the convening provider’s estimate or issue their own estimate, depending on operational realities.

Convening provider duties

• Identify items/services reasonably expected to accompany the primary service and the co‑providers likely to furnish them.
• Coordinate with co‑providers to obtain expected charges in time to meet the 1‑ and 3‑business‑day delivery deadlines.
• Assemble and deliver a clear, consolidated estimate, including itemized charge disclosure and total expected charges for the period of care.
• Document outreach to co‑providers, decisions about inclusion or separate billing notices, and any revisions issued.

Co‑provider duties

• Respond promptly to convening provider requests with itemized expected charges, relevant codes, NPI/TIN, and service location.
• Notify the convening provider when changes arise that could affect the estimate, enabling timely updates to the patient.

Coordination best practices

• Standardize request templates and deadlines for co‑provider coordination.
• Maintain rosters of typical co‑providers by procedure to accelerate outreach.
• Track responses and retain correspondence as compliance documentation.

Patient-Provider Dispute Resolution Process

Patients may challenge bills that significantly exceed their GFE through a federal patient‑provider dispute resolution process. Clear instructions on the GFE help patients navigate this option and reduce confusion.

Eligibility and timing

• Trigger: billed charges for the same provider/facility and period of care are substantially higher than the GFE (commonly referenced as a difference of at least $400 for an item or service).
• Deadline: the patient must initiate the dispute within 120 calendar days of the first bill for the disputed charges.

How the process works

• The patient submits a copy of the GFE, the bill, and supporting information to the dispute resolution process and pays a modest administrative fee (amount subject to periodic updates).
• An independent reviewer requests documentation from the provider; you must supply records that justify the variance (for example, unforeseen clinical complexity).
• The reviewer determines the amount the patient owes based on the GFE and any credible, documented reasons for deviation. Overpayments are adjusted or refunded accordingly.

Provider responsibilities during a dispute

• Designate a point of contact, pause collection efforts on the disputed portion when feasible, and cooperate promptly with document requests.
• Use outcomes to refine estimates, coding practices, and co‑provider coordination to prevent repeat issues.

Record Retention and HIPAA Compliance

Retain GFEs, revisions, delivery confirmations, and related communications for at least six years. This aligns with common federal record‑retention expectations and supports audit readiness.

Where and how to store

• Store the GFE in the patient’s designated record set or link it clearly to the encounter so it is retrievable alongside patient medical records.
• Index estimates by service date and period of care to simplify updates and dispute response.

HIPAA Privacy Rule touchpoints

• Process patient requests for copies of GFEs like other designated record set requests—timely, secure, and documented.
• Apply reasonable safeguards to electronic transmission; obtain and document patient preferences for unsecured data transmission when requested.

Compliance documentation and oversight

• Maintain written policies, templates, and staff training logs covering when GFEs are required, timelines, delivery methods, and dispute‑handling.
• Conduct periodic quality checks comparing billed charges to GFEs to spot outliers and update estimating assumptions.

Key takeaways

• Deliver complete, comprehensible, and timely GFEs to every uninsured or self‑pay patient who schedules or requests one.
• Coordinate early with co‑providers, and document your process from estimate creation through delivery and any revisions.
• Retain all GFE records and communications for six years and honor patient preferences under the HIPAA Privacy Rule.

FAQs

What information must a Good Faith Estimate include?

Include patient name and date of birth; your name, NPI, TIN, and service location; a plain‑language description of the primary service and related items/services; relevant diagnosis and service codes when known; itemized expected charges and a total for the period of care; anticipated service dates or timeframe; and required notices about possible variances, separate billing by co‑providers, and the patient’s right to use the dispute resolution process.

How soon must a Good Faith Estimate be provided after scheduling?

If the service is scheduled at least 10 business days ahead, provide the GFE within 3 business days of scheduling. If it is scheduled at least 3 business days ahead (but fewer than 10), provide it within 1 business day. If the patient requests a GFE without scheduling, provide it within 3 business days of the request.

What is the process for disputing a Good Faith Estimate?

If billed charges for the same provider/facility and period of care substantially exceed the GFE (commonly by $400 or more for an item or service), the patient can initiate a federal dispute within 120 calendar days of the first bill. An independent reviewer evaluates documentation from both sides and sets the payable amount, considering the GFE and any well‑documented, unforeseen clinical factors.

How long must providers retain Good Faith Estimates?

Retain GFEs, any revisions, delivery confirmations, and related correspondence for at least six years. Store them with or clearly linked to the patient’s medical record to support access requests, audits, and effective compliance documentation.