• Time Running Out on Identity Theft Rules Deadline
  • April 29, 2009 | Authors: Sarah Edelman Coyne; Kerry L. Moskol; Kevin J. Eldridge
  • Law Firm: Quarles & Brady LLP - Madison Office
  • Time is ticking away for health care providers to design and implement an identify theft policy that complies with the Federal Trade Commission’s (FTC’s) Red Flags Rule, which will be enforced starting on May 1.

    And for those of you who were waiting with crossed fingers, in the hope that the FTC would exempt health care providers from the rule, wait no longer. In a February 4 letter to the American Medical Association (AMA), the FTC roundly rejected the AMA’s argument that the rule should not apply to physicians and other health care providers. The FTC wrote that the “plain language and purpose of the Rule dictate” that health care providers are subject to the rule, that applying the rule to providers would reduce medical identity theft and that the rule would impose minimal burdens on health care providers.

    To read more about the Red Flags Rule and how it may affect your company, please read our October 2008 Update.

    For those of you who have not yet developed an identity theft policy, the FTC has published a “How-To” guide for complying with the Red Flags Rule.