FTC Delays Red Flags Rule Three Months

UPDATE:  FTC Delays Red Flags Rule Until June



Thanks in part to organized medicine's objections, the Federal Trade Commission (FTC) postponed its " red flags rule " until Nov. 1 to give businesses, including physicians, more time to comply with the anti-identity theft rules. The program, which was to have begun Aug. 1, defines physicians who regularly bill their patients for services (includes billing for copayments and coinsurance) as creditors. The agency thus requires them to develop and implement written identity theft prevention programs for their practices. The programs must identify and respond to patterns, practices, or specific activities known as "red flags" that could indicate identity theft.

TMA, the American Medical Association, and 25 other medical societies believe physicians should not be subject to the rules because they are not creditors. In a letter to the FTC in March, organized medicine expressed several concerns about the rules. They include the FTC defining physicians as creditors, as well as the overlap between this rule and other regulatory requirements already imposed on physicians such as the Health Insurance Portability and Accountability Act (HIPAA). They also say the FTC failed to comply with the Administrative Procedure Act (APA), which requires the FTC to explain its regulatory proposals and give the public notice and a chance to comment.

"The three-month extension, coupled with this new guidance, should enable businesses to gain a better understanding of the rule and any obligations that they may have under it," the FTC said in a July 29 news release . "These steps are consistent with the House Appropriations Committee's recent request that the commission defer enforcement in conjunction with additional efforts to minimize the burdens of the rule on health care providers and small businesses with a low risk of identity theft problems."

The commission also says it delayed the rule to "educate small businesses and other entities" and give them additional resources to comply.

Visit TMA's Identity Theft Compliance resource page and read " Flagging Identity Theft " in the July issue of  Texas Medicine for more information on this topic.

If you have questions or require assistance, contact the TMA Knowledge Center at (800) 880-7955, or e-mail  Shanan Anderson  or call her at (800) 880-1300, ext. 1419, or (512) 370-1419. 


Action , Aug. 3, 2009