Red Flags Rule is instituted by the FTC and it is designed to protect against identity theft. The rule will take effect on November 1, 2009. It sets out how physicians’ offices, clinics and hospitals assess and identify medical identity theft. This occurs when a person uses another person’s personal information (Name, Social Security Number or insurance information) without the victim’s consent to obtain medical services. As defined by the FTC, “Red Flags” are suspicious patterns or practices that indicate the possibility of identity theft.
Physicians and medical practices are covered under the rule if it is a “creditor” that offers or maintain “covered account”. FTC classifies physicians and medical practices as “creditor” because they extend credits to patients when they bill them and do not collect at the time of service. Patient billing account is considered a “covered account” because it permits multiple payments and it carries a reasonably foreseeable risk to patients.
Four steps to developing a Red Flag compliant program:
Steps physicians and medical practices can do to prevent a compromise of patient record:
After the Red Flags Rule take effect on November 1 of this year, physicians and medical practices must keep their program updated and to guard against latest threats. Physicians who fail to comply could face a fine of up to $2,500 per identity theft incident. Physicians may even face a lawsuit as well.
Resources to learn more about Red Flags Rule:
The AMA-American Medical Association has prepared a guidance document, along with sample policies to help physicians incorporate a simple identity theft prevention and detection program into their existing compliance and HIPAA security and privacy policies. You can visit The AMA website to access these documents to access these documents.
About Medvertex Client Education Center
Medvertex Client Education Center (CEC) was developed to assist and educate our current and future clients to be good stewards of their clinics’ business and financial health. Our CEC has a library of articles on wide spectrum of topics, tools, processes, latest updates on insurance and government regulations. For more information, please email our Client Education Center at cec@medvertex.com.