In accordance with a request from Congress, the FTC has delayed enforcement of the Red Flags Rule until December 31, 2010. This enforcement extension is necessary in order for lawmakers to finalize the scope of those impacted by the Rule. Should legislation determining the scope of affected entities be passed before the new deadline, the Rules will go into immediate effect.
The Federal Trade Commission has extended enforcement of the Red Flags Rule until June 1, 2010. Enforcement of the rule has been delayed previously as the FTC sought to adequately educate affected corporations and institutions. The Red Flags Rule impacts financial institutions and creditors subject to FTC jurisdiction. According to the Rule, created under the Fair and Accurate Credit Transactions Act, covered entities must develop and implement written policies that aid in identity theft prevention.
In an effort to extend their Red Flags education campaign, the FTC has announced that enforcement on the Red Flags Rule will be delayed until November 1, 2009. This education campaign seeks to educate businesses on whether they are covered by the Rule, and if so, which steps to take in order to be compliant. Small businesses, in particular, had fumbled to grasp whether their risk-based programs were harmonious with the Red Flags Rule.
FTC announced on April 30, 2009 that the enforcement of the Red Flag Rule will be delayed until August 1, 2009. This will allow time for creditors and financial institutions to create and fine tune their identity theft prevention programs. A template has also been developed and will be available soon which will aid companies with a low risk of identity theft.
More information is available from here: http://www.ftc.gov/opa/2009/04/redflagsrule.shtm
On April 17, 2009, HHS issued guidance specifying the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals, as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act passed as part of the American Recovery and Reinvestment Act of 2009. The guidance was developed through a joint effort by OCR, the Office of the National Coordinator for Health Information Technology, and CMS.
On January 1, 2008, the newly-released Red Flags Rule stipulated that certain businesses are required to "spot and heed" the red flags for identity theft. Health care providers, in particular, should be vigilant in monitoring any suspicious activity that may indicate identity thieves have accessed stolen information including social security numbers, birth dates, account numbers, etc. in order to acquire accounts or services. Compliance to the Red Flags rule will be enforced starting on May 1, 2009. Is your organization covered?
With a May 1st deadline for compliance looming, the American Medical Association (AMA) has asked the Federal Trade Commission (FTC) to suspend the application of the Red Flag Rules to physicians and publish a new rule so that physicians have an opportunity to provide comments. In a March 9 letter to the FTC, AMA Executive Vice President Michael D. Maves wrote that the AMA “strongly believes that the FTC did not provide physicians with an opportunity to review and comment on this Rule.”
On May 1, 2009, the FTC's six month suspension of the enforcement of the Red Flag Rules will be lifted. Is your organization's Identity Theft Prevention Program in place? If not, review the requirements at 16 CFR 681 on the MediRegs research portal. If your organization has implemented a program - be sure it passes compliance muster by conducting the Red Flag Rules risk assessments developed by MediRegs for ComplyTrack. Question sets include:
The “Identity Theft Red Flag Rules” (Rules) impose mandatory compliance with the regulations that require financial institutions or creditors to establish (1) protocols on discrepancies between an address requested in a consumer report and the address in the consumer reporting agency's file, and (2) policies and procedures to assess the validity of a change of address.
American Medical News Article on FTC Red Flag Rules
Amy Sorrel of AMNews wrote a recent article discussing the Red Flag Rules and the delayed enforcement: "New Federal Trade Commission regulations to combat identity theft have taken physicians and the health care industry by surprise and prompted the agency to delay enforcement from Nov. 1 to May 1, 2009."
Browse Posts by Category
- AHIMA ICD-10 and Computer Assisted Coding Summit – Our Takeaways
- Navigating the Diabetes Self-Management Training (DSMT) Reimbursement Maze (Webinar Replay)
- The Medical Record – Best Evidence in Response to Audits (Webinar Replay)
- MEGA HIPAA Can Be An Opportunity!
- Compliance and the Hospital Value-Based Purchasing Program
- Beyond HIPAA: Developing Your Information Security Program
- Absorbing the Changes for Behavioral Health
- WK + MEA Partnership
- Maria Bounos from WKLB to co-host ICD10monitor’s Talk Ten Tuesday
- Security Risk Analysis: 12 Steps to Meaningful Results (Webinar Replay)
MediBlog - A Resource for the MediRegs User Group. MediBlog was designed to allow you the opportunity to communicate directly with MediRegs specialists as well as colleagues that work in your field of work.
- March 20, 20135
- March 25, 20135
- March 21, 20135
- March 25, 20135
- April 1, 20134.5
Recent Comments / Archives
you have to bill 80103
24 weeks 4 days ago
- Nice article
25 weeks 4 days ago
- Yes we did, thank you for
45 weeks 2 days ago
1 year 2 weeks ago
- great news for the dms
1 year 7 weeks ago
- Multiple IDE Billing on one claim
1 year 13 weeks ago
- Normal Birth Example
1 year 16 weeks ago
- Billing of Assay Units
1 year 28 weeks ago
- S codes
1 year 29 weeks ago
- Electronic ICD-10-CM and ICD-10-PCS CodeBook
2 years 2 weeks ago