Once again, the Federal Trade Commission (FTC) has postponed implementation of the Red Flag Rules. As a reminder, back in November 2007, the FTC issued a set of regulations requiring organizations to have in place “reasonable policies and procedures” to identify, detect and respond to identity theft. Much discussion has surrounded whether medical practices were subject to the proposed rules, in an attempt to clarify whether physicians are deemed “creditors.” The American Medical Association questioned the FTC about applicability to medical practices and, as a result, the FTC delayed implementation until June 2010.
According to the FTC, the application of these Red Flag Rules encompasses any institution considered a creditor. The definition the FTC is using of a creditor is “any person who regularly extends, renews, or continues credit; any person who regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who participates in the decision to extend, renew or continue credit.”
Under the definition, medical practices that accept insurance or allow payment plans are subject to the rule.
While the implementation date has been pushed back, practices are encouraged to consider implementing the sample policies provided by the AMA. If a practice that extends credit, by allowing payment to be deferred until the services are rendered and the insurance is collected, does not have policies in place by June 1, 2010, it may be subject to a penalty of up to $2,500 for each violation.
Medical practices may incorporate the sample policies provided by the AMA into their existing compliance and HIPAA security and privacy policies, which will demonstrate that a reasonable effort has been made to comply with the spirit of the Red Flag Rules. The rules differ from the HIPAA security and privacy rules by covering additional sensitive information. Examples of this information include:
- Insurance claim related information
- Credit card details
- Government IDs such as tax identification numbers, social security numbers and employer identification numbers
The FTC has identified the following examples of red flags (patterns, practices, or account activities that identify, detect and respond to identity theft):
- Alerts, notifications or warnings from a consumer reporting agency
- Suspicious documents
- Unusual use of a patient account
- Notices of possible identity theft from patients, victims or law authorities
Each medical practice should educate the appropriate personnel to be aware of these examples in order to follow a reasonable practice related to the rules. In anticipation of implementation, medical practices should be prepared now to be compliant by June 2010.
Ken Bonin, CPA, is a health care reimbursement manager in health care services for HORNE LLP.
David A. Williams, CPA, FHFMA, is a partner at HORNE LLP and serves as the leader of health care reimbursement and advisory services. He also serves as chairman of HORNE’s personnel committee.