REVENEWS ARCHIVE
FTC Delays Red Flag Rules till December 31, 2010
On May 28, 2010, the Federal Trade Commission (FTC) announced it is delaying, for the fifth time, enforcement of the Red Flags Rule. The FTC cited Congressional requests as the cause. FTC officials expressed frustration with the most recent delay that was announced just three days before the June 1 enforcement deadline.
The Rule requires healthcare providers and others deemed by the FTC as “creditors” to develop, implement, and enforce a prevention program that spots the warning signs or “red flags” of identity theft. The FTC says healthcare facilities are “creditors” and covered by the Rule since healthcare providers typically bill patients after providing treatment.
The Rule has been met with resistance and requests for clarification. Lawsuits have been filed by industry associations whose members would be covered. The latest enforcement delay is to give Congress more time to resolve any questions regarding which entities are covered and consider legislation that would exempt some small businesses, including small healthcare providers, from the Rule.
The original enforcement date for the rule was November 1, 2008. This most recent postponement pushes the enforcement date back to December 31, 2010. Although enforcement has been delayed, healthcare providers are required to be in compliance with the law since the rule’s January 1, 2008, effective date.
The FTC said it hopes to begin enforcing the Red Flags Rule as soon as possible and will begin as soon as Congress acts on legislation, even if that action comes before December 31, 2010.
References:
“FTC Delays Red Flag Rule for Fifth Time”, Dimick, Chris. Journal of AHIMA, May 28, 2010