The Federal Trade Commission has postponed the compliance deadline for the Red Flags Rule from Aug. 1 to Nov. 1, 2009, according to a July 29 release from the FTC.
The rule requires that creditors and financial institutions implement programs to identify, detect, and respond to the warning signs, or “red flags,” that could indicate identity theft. Health care providers fall under the ‘creditors’ heading. As HIT professionals well know, identity thieves often target a person’s medical information (such as a Medicare or Medicaid number), with serious consequences for both the legitimate bene and the health care organization involved.
One reason for the delay? The FTC wants to give small businesses more guidance on how to comply with the rule. To determine whether your health care organization falls within the FTC’s ‘low risk’ category,
If you've already signed in and are still seeing this screen, click here to refresh the page.