Small Providers May Not Have to Deal With Red Flags Rule
Congressmen filed a bill October 8 that would exempt a healthcare practice with 20 or fewer employees from the FTC's Red Flags Rule requirement.
The Red Flags Rule, which will be enforced starting November 1, 2009, requires healthcare entities considered to be "creditors" to implement an identity theft prevention program.
Further, the bill, filed by John Herbert Adler (D-NJ), Paul Collins Broun, Jr. (R-GA), and Mike Simpson (R-ID), lets off the hook an entity that:
- Knows all of its customers or clients individually
- Only performs services in or around the residences of its customers
- Has not experienced incidents of identity theft and identity theft is rare for businesses of that type
The FTC would determine if a business meets these criteria.
But some industry experts do not think the new bill is a necessary addition to the rule.
Chris Apgar, CISSP, president, Apgar & Associates LLC, in Portland, OR, says healthcare entities should already have an identity theft prevention program in place.
Frank Ruelas, director of compliance and risk management at Maryvale Hospital and principal, HIPAA Boot Camp, in Casa Grande, AZ, says it does not make sense because it affects a great number of physician offices.
"This was most concerning because in isolation, it may sound like it makes sense to base exclusions on the number of employees in a particular healthcare practice," Ruelas says. "But with a bit more analysis, this exclusion has a sweeping effect on an industry level when speaking of primacy care physicians where most people receive their medical care."
Ruelas adds he does not "see a correlation between the objective of the Red Flag Rules and the size of an organization, which would support smaller organizations to be excluded."
- Primary Care Docs Average More Hospital Revenue Than Specialists
- 69% of Employers Plan to Offer Healthcare Coverage After 2014
- Building a Better Healthcare Board
- Q&A: Catholic Health Initiatives' New Senior VP for Capital Finance
- CMS Seeks to 'Rapidly Reduce' Medicare Spending with $1B in Grants
- Quiet ORs Better for Patient Safety
- CMS Releases Hospital Pricing Data
- Evidence-Based Practice and Nursing Research: Avoiding Confusion
- Hospital Pricing Data Dump Won't Hurt You, Yet
- Telemedicine is Retail Health Clinics' Newest Tool