Bill Exempts Doctors from FTC's Red Flag Rule on ID Theft

Dom Nicastro, December 9, 2010

The Senate and House have each passed a bill that changes the Red Flags Rule's definition of "creditor" and relieves doctors of complying with the Federal Trade Commission's identity theft prevention law.

The House Tuesday passed the bill—"Red Flag Program Clarification Act of 2010"—less than a week after the Senate approved the bill.

The enforcement date for the rule is Dec. 31, 2010. The FTC said earlier this year on its website that it delayed enforcement at the request of Congress as it "considers legislation that would affect the scope of entities covered by the rule." Compliance date was November 1, 2008.

And now, that very legislation passed this week only awaits a signature from President Obama before becoming law.

The bill calls for changes to the FTC's definition of "creditor." Smaller entities such as physician practices and doctor's offices have long debated they should be let off the hook from complying. Some have filed lawsuits.

Representative John Adler, D-NJ, said in the House debate Tuesday that the purpose of the Red Flag Program Clarification Act "is to limit the type of creditor that must be covered by the FTC's Red Flags Rule."

"When I think of the word 'creditor,' dentists, accounting firms, and law firms do not come to mind," Adler said.

However, he said, the Red Flags Rule as written now requires these types of professions and others to comply.

Dom Nicastro Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
Facebook icon
LinkedIn icon
Twitter icon