Medical and osteopathic associations today sued the Federal Trade Commission for covering them under the Red Flags Rule, which will require them to start verifying their patients' true identities before they agree to treat them. Enforcement begins June 1.
The lawsuit seeks to prevent the FTC from defining physicians as "creditors" whenever they do not require payment in full at the time they provide care, and later bill them, according to the brief filed by the American Medical Association and the American Osteopathic Association and the Medical Society of the District of Columbia, the District Court where the case was filed.
"The worst part is, I think, from a strictly ethical point of view, that you have to approach every new patient with suspicion about their identity," said AMA spokesman Robert Mills. "That violates every precept of the physician-patient relationship; the FTC is asking doctors to violate their role as trusted healer and counselor."
The physician groups say that the rule requires them to set up identity theft prevention and detection programs, which aren't necessary, and said the FTC was "arbitrary and capricious" in extending the application of the law to them. Also, the extension of the Red Flag Rule to doctors would do nothing to improve care, the physician groups say.
Mills says that healthcare providers are already bound by the Health Insurance Portability and Accountability Act, which requires patient information be kept confidential, and several other rules. "So why implement another unfunded mandate to keep medical information secure when it is already confidential?" Mills asks.
Also, the American Bar Association was successful in its litigation to exempt attorneys from having to comply with the rule. "If lawyers are exempted, why are other professionals such as those in healthcare included?" Mills says.
The AMA and several other health provider groups petitioned the FTC in March for a similar exemption, but were not successful.
According to the lawsuit, complying with the Red Flags Rule "imposes significant burdens on physicians, particularly sole practitioners, and those practicing in small groups."
Also it would require physicians to develop a plan to detect red flags, which cannot always be done "on a cookie cutter basis," the lawsuit says. "A plan for a physician who serves in a rural area in which patients are well-known will be different from one for a physician in a large group in a urban area.
"The injuries suffered by the Medical Associations and their members, as well as by the Medical Societies and their members, from application of the Red Flags Rule to physicians cannot be remedied at law and are irreparable."
The physicians' complaint also says that the FTC acted beyond its authority because they are not reasonably considered "creditors" nor are patients "account holders" or "customers" under the Fair and Accurate Credit Transactions Act.
"Creditors," as defined by the FTC, must comply with the rule by implementing an identity theft prevention program that detects "red flags" for potential medical identity theft.