An Explanation of Benefits (EOB) is a statement an insurer sends to the policyholder after processing a claim. It shows the date and place of service, the provider name, the procedure codes, the amount the provider charged, the amount the insurer paid, and the patient's share. It is not a bill — the bill comes from the provider.

Is an EOB the same as a medical bill?

No. The EOB is the insurer's summary of how a claim was processed. The bill is what the provider sends asking for the patient's share. The EOB usually arrives first; the bill follows separately.

When does an EOB get sent for STI testing?

Whenever insurance is billed for an STI test, the insurer processes a claim and generates an EOB. Free public clinics and cash-pay testing don't bill insurance, so no EOB is created.

Can the EOB show what test I had?

Often yes. EOBs include CPT or HCPCS procedure codes that identify the service. Even when codes are non-specific (e.g., 'lab work'), the combination of provider type, location, and date is usually enough for someone to infer the visit type.

How do I suppress an EOB for sensitive services?

Submit a HIPAA §164.522 confidential communications request to your insurer asking that EOBs about sensitive services be sent only to you (alternate address, phone, or electronic-only). Some states (CA AB 1184, CO, MD, MA, NJ, NY, OR, WA) reinforce this with state law.

Definitional guideLast updated: May 6, 2026

What is an EOB for STD testing?

An Explanation of Benefits is the document that often discloses an STI test to whoever holds the insurance plan. It’s not a bill — it’s a summary the insurer sends to the policyholder after a claim is processed. Knowing what’s on it (and how to suppress it) is the foundation of insurance-related testing privacy.

Short answer

Definition: the EOB is the insurer’s post-claim summary, mailed or posted to the policyholder. Not a bill — the bill comes from the provider.
What it shows: date, place of service, provider name, procedure codes, charged amount, covered amount, your share. The combination is usually enough to identify the visit type.
When it’s sent: whenever insurance is billed. Cash-pay and free-clinic visits don’t generate one.
How to suppress one: file a HIPAA §164.522 confidential communications request, or use a cash-pay route to skip insurance entirely.

EOB vs bill vs claim summary

These three documents are related but distinct. Mixing them up is the most common source of confusion.

Document	Sent by	Purpose
Explanation of Benefits	Insurer	Summary of how a claim was processed; sent to the policyholder. Not a request for payment.
Medical bill	Provider	Asks the patient to pay their share. Arrives after the EOB.
Member portal claim	Insurer	A real-time entry visible inside the insurer’s online portal. Often shows the same information as the EOB.

What an EOB actually shows for an STI test

A typical STI-testing EOB will include:

Date and place of service (clinic, lab, or telehealth platform)
Provider or facility name (sometimes a parent organization, sometimes the specific clinic)
CPT codes for the test — e.g., 87491 (chlamydia NAAT), 87591 (gonorrhea NAAT), 86703 (HIV antibody), 86592 (syphilis screen)
Diagnosis codes (Z-codes for screening, or specific ICD-10 codes if treated as diagnostic)
Charged amount, allowed amount, plan paid, member responsibility

Even when the procedure code is generic, a sexual-health clinic name plus a Friday-evening date is often enough to identify the visit. Privacy from an EOB usually means stopping the EOB from being delivered, not hoping the codes are vague.

When an EOB is generated — and when it isn’t

Scenario	EOB generated?
Used insurance at clinic	Yes
Used insurance for at-home kit	Yes (if the kit billed insurance)
Cash-pay lab (Labcorp OnDemand, STDcheck, etc.)	No claim filed, no EOB
Free or sliding-scale Title X / county clinic	Usually no — clinic absorbs the cost
Medicaid (varies by state)	Often no traditional EOB; check plan-specific notices
Telehealth visit billed to insurance	Yes — visit + any ordered labs each generate claims

How to suppress an EOB for sensitive services

Submit a HIPAA §164.522 confidential communications request to your insurer. Specify the alternative communication channel: a different mailing address, your direct phone, your direct email, or electronic-only delivery. You don’t need to give a reason. Most insurers have a form on the member portal; if not, call member services and ask.
Submit it before the visit. Once a claim has been processed and an EOB mailed, retroactive suppression is harder.
Check for state-law overlay. California (AB 1184) makes the protection automatic for sensitive services. Colorado, Maryland, Massachusetts, New Jersey, New York, Oregon, and Washington reinforce the federal right with stronger or more explicit state statutes.
If you don’t want to depend on the request being honored, pay cash. No claim, no EOB.

Source: HHS HIPAA Privacy Rule guidance.

Get a personalized answer for your situation

Three questions — state, who holds the plan, whether you’ll bill insurance — and we tell you exactly how exposed an STI test would be on the EOB and what to do about it.

Open the privacy check tool →

Sources: HHS HIPAA Privacy Rule · California AB 1184 · CMS HCPCS coding.

This page is a decision aid — general information, not medical advice. See methodology for how we rank options.

Found this useful? Pass it on.