Revenue Cycle Management
COVID-19
Reimbursement
Diabetes Awareness Month
Risk Management
Patient Retention
Staffing
Medical Economics® 100th Anniversary
Coding and documentation
Business of Endocrinology
Telehealth
Physicians Financial News
Cybersecurity
Cardiovascular Clinical Consult
Locum Tenens, brought to you by LocumLife®
Weight Management
Business of Women's Health
Practice Efficiency
Finance and Wealth
EHRs
Remote Patient Monitoring
Sponsored Webinars
Medical Technology
Billing and collections
Acute Pain Management
Exclusive Content
Value-based Care
Business of Pediatrics
Concierge Medicine 2.0 by Castle Connolly Private Health Partners
Practice Growth
Concierge Medicine
Business of Cardiology
Implementing the Topcon Ocular Telehealth Platform
Malpractice
Influenza
Sexual Health
Chronic Conditions
Technology
Legal and Policy
Money
Opinion
Vaccines
Practice Management
Patient Relations
Careers

Legislation: FTC delays enforcement of ID theft regulations

November 26, 2008

Article

Last month many physicians received a reprieve from the federal government ? and most probably didn?t even realize it.

Last month many physicians received a reprieve from the federal government – and most probably didn’t even realize it.

In October, the Federal Trade Commission delayed enforcement from Nov. 1, 2008, to May 1, 2009, of its so-called “red flags” rules, which require creditors to establish a written program for combating identity theft. In a controversial move, the FTC has defined most physicians as “creditors,” drawing fire from the American Medical Association and other medical groups, who argue that the FTC is too broadly defining the term.

The red flags rules are based on legislation that defines a creditor as “any person who grants the right to defer payments,” says Naomi Lefkovitz, an attorney in the FTC’s division of privacy and identity protection. Using this definition, the red flags rules would apply to physicians who accept payment, either in part or in full, at a time after they provide medical services to patients.

Under the red flags requirements, creditors must create a written program listing warning signs for ID theft, how they’ll detect those threats, and how they’ll respond, Lefkovitz says.

According to the AMA, typical medical ID theft warning signs physicians should be on the lookout for include:

Records showing medical treatment that is inconsistent with a patient’s history

Suspicious documents, such as a forged insurance card

A patient who has an insurance number but no card or documentation

Unusual billing patterns

The FTC delayed its enforcement of the red flags rules because there was “lots of confusion” about the rules among “entities not accustomed to being regulated by the FTC,” Lefkovitz says. Once the rules take effect, the FTC will have the right to fine violators $2,500 per offense. The agency typically learns of violations through consumer complaints, but it also may launch its own investigations, she says.

In a letter sent to the FTC in October, the AMA and 26 other medical organizations said they “strongly disagreed” with the FTC’s decision to define physicians as creditors. “Physicians should not be considered creditors simply because they accept insurance and hold the patient responsible for the amount(s) unpaid by insurance,” the letter states.

Lefkovitz says the FTC has “no response” to the AMA’s statements.

Mike Brown, CHBC, a practice management consultant with Health Care Economics in Indianapolis, says few doctors he’s spoken with recently are aware of the red flags rules. “No one is worried about this or even mentions it,” he says via e-mail.

Hospitals apparently aren’t paying much attention, either. In a survey of 100 hospitals, 91 said they’re not compliant with red flags rules, 73 were surprised to find out the rules applied to them and 60 said it would cost them more than $10,000 to comply. The survey was conducted by Compliance Coach, a San Diego-based compliance software developer.