HIPAA Blog

[ Thursday, October 15, 2009 ]

 

RED FLAGS UPDATE:
In case you're following the Red Flags issue (the latest FTC compliance date was shifted to November 1), here's some big, big news: The House Financial Services Committee has quickly (and without Republican objection) moved forward a bill that would fully exempt healthcare, legal, and accounting firms with fewer than 20 employees from the definition of "creditor" under the Red Flags Rule. It will also allow any company to seek an exemption directly from the FTC.

You can read below (and here, here and here) some of my other posts, but the gist is this: The FTC passed rules required by Congress under FACTA that require financial services companies and "creditors" to adopt identity theft prevention programs designed to spot "red flags" indicating that a customer may be a victim of identity theft. "Creditors" is broadly defined, so the AMA wrote a letter to the FTC asking for clarification that doctors aren't "creditors" generally. The FTC wrote back and said almost all doctors are, which started a war of words between the FTC and the AMA (and a bunch of other physician organizations), but which also led the FTC to serially delay the effective date of the Red Flags Rule. Further, the ABA took a more direct route, suing the FTC to remove lawyers from the definition of "creditors." As far as I know, the AICPA has sat on the sidelines, figuring they'll get the benefit of the efforts of the doctors and lawyers.

This Congressional action will settle the matter for small practices of lawyers, doctors and accountants, but won't impact the issue for larger organizations. It will be interesting to see if conceding the fight for the majority of AMA members will cool the AMA's lather; I don't suspect this will have any impact on the ABA lawsuit.

UPDATE: the bill to limit the applicability of the Red Flags Rule to companies with 20 or more employees has passed the House. However, there's no companion legislation in the Senate at this time, so it might just die where it is.

UPDATE 2: should've mentioned that it passed the House 400-0. Can't they get someone in the Senate to pick it up?

Jeff [9:48 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template