Clinics Exempt from Red Flags Rule
The President recently signed “red flags” legislation that makes doctors exempt from the anti-identity theft requirements and safeguards that banks and other creditors must follow.
This amendment to the Fair Credit Reporting Act is primarily a definition of the term “creditor.” Confusion over the definition of “creditor” resulted in a Federal Trade Commission position that physician practices and other small professional service businesses would need to comply with the same regulation that calls for banks and creditors to have written procedures in place to prevent, identify and mitigate identity theft and to train staff to follow those plans. With the new legislation and clarification, compliance is no longer necessary.
Federal Trade Commission Delays Red Flag Rules
The Federal Trade Commission (FTC) says that it will further delay enforcement of the “Red Flag” rules until November 1. The rules were to go into effect August 1.
Therapists who provide services to patients without requiring those patients to pay in full at the time of service will need to comply with Federal Trade Commission (FTC) Red Flag rules.
Red Flag rules require the development of a written Identity Theft Prevention Program. Medical identity theft refers to situations when someone uses a person’s name and other parts of their identity, such as insurance information, without the person’s knowledge or consent to obtain medical services or goods.
For more information and resources, go to APTA’s Identity Theft Web page or visit our blog post from July.
Red Flag Rule Enforced Effective August 1, 2009
Therapists who provide services to patients without requiring those patients to pay in full at the time of service will need to comply with Federal Trade Commission (FTC) “Red Flag Rules.” We blogged back in April that practices would need to comply with these rules effective May 1, 2009. It’s important to know, now, that — effective August 1, 2009 — the FTC will begin to enforce this rule.
Red Flag rules require the development of a written Identity Theft Prevention Program. Medical identity theft refers to situations when someone uses a person’s name and other parts of their identity, such as insurance information, without the person’s knowledge or consent to obtain medical services or goods.
The FTC has posted an article called “The ‘Red Flags’ Rule: What Health Care Providers Need to Know About Complying with New Requirements for Fighting Identity Theft,” by Steven Toporoff. The article covers off on
- Who Must Comply
- Spotting Red Flags
- Setting Up Your Identity Theft Prevention Program
- What’s At Stake
We suggest that a representative from your facility reads the article to come up to speed on compliance with this rule.
Red Flag Rule Becomes Effective May 1, 2009
Physical therapists and other providers who provide services to patients without requiring those patients to pay in full at the time of service will need to comply with new “Red Flag Rules” on May 1.
Red Flag rules require the development of a written Identity Theft Prevention Program. Medical identity theft refers to situations when someone uses a person’s name and other parts of their identity, such as insurance information, without the person’s knowledge or consent to obtain medical services or goods.
The Federal Trade Commission (FTC) has indicated that these rules will apply to physicians, other health care professionals, and providers.
With the May 1 deadline fast approaching, the American Medical Association has requested the FTC to suspend application of the red flag rules to physicians and other health care professionals.
Source: American Physical Therapy Association’s PT Bulletin Online, current issue.
A copy of the FTC letter on the red flag rules is available at http://www.ftc.gov/os/closings/staff/090204amaresponse.pdf