Healthcare Providers Receive FTC Red Flags Exemption from Congress

On Tuesday, December 7, the House by voice vote joined the Senate in passage of S.3987, the Red Flag Program Clarification Act of 2010. On November 30, 2010, the Senate passed this legislation by unanimous consent. The bill has been cleared to the White House for signature. Healthcare providers as Covered Entities under HIPAA Administrative Simplification, while exempt from FTC Red Flag identity theft detection and protection provisions under S 3987, are not exempt from HIPAA and HITECH Act privacy and security rule obligations to safeguard patient identity data elements that are protected health information (PHI) identifiers.

FTC Delays Enforcement of FTC Red Flags Rule Fifth Time

The original FTC Red Flags Rule compliance date deadline was extended three times from the original date of November 1, 2008, with an expected compliance date of November 1, 2009. Just prior to that date, the FTC extended for the fourth time the deadline for compliance to June 1, 2010. On May 28, 2010, the June 1, 2010, compliance date was extended a fifth time to December 31, 2010.

FTC Delays “Red Flags” Rule for Third Time

The Federal Trade Commission announced a third delay for compliance, from August 1, 2009, to November 1, 2009, for compliance with the identity theft prevention red flags rule. The delay is for another three months. Entities affected are creditors and financial institutions. Healthcare providers that extend delayed payment plans to patients are deemed “creditors” under the red flags rule.

FTC Delays Identity Theft Prevention Red Flags Rule for Second Time

The Federal Trade Commission announced a second delay on Friday, May 1, 2009, for compliance with the identity theft prevention red flags rule. The delay is for three months, with compliance now scheduled for August 1, 2009. Entities affected are creditors and financial institutions. Healthcare providers that extend delayed payment plans to patients are deemed “creditors” under the red flags rule.