The
Red Flag Rule implementation, originally scheduled
for May 1, 2009, has again been extended by the Federal
Trade Commission (FTC) to
December 31, 2010. Red Flag Rules
require all financial institutions and creditors,
including physician offices, to
design and implement a compliance policy appropriate
to their size and complexity.
To assist small businesses
and other entities, the Federal Trade Commission
staff will redouble its efforts to educate them
about compliance with the "Red Flags" Rule and ease
compliance by providing additional resources and
guidance to clarify whether businesses are covered
by the Rule and what they must do to comply.
To give creditors and financial institutions more
time to review this guidance and develop and
implement written Identity Theft Prevention
Programs, the FTC will delay enforcement of
the Rule until December 31, 2010.
The extension,
coupled with this new guidance, should enable
businesses to gain a better understanding of the
Rule and any obligations that they may have under
it. These steps are consistent with the House
Appropriations Committee’s recent request that the
Commission defer enforcement in conjunction with
additional efforts to minimize the burdens of the
Rule on health care providers and small businesses
with a low risk of identity theft problems.
The Duval County Medical Society (DCMS) has
developed a guidance document outlining the
requirements of the red flag rule, as well as
provided a sample policy recently released by the
American Medical
Association. To download the file,
click here.
If you have any questions,
please contact DCMS Executive Director Jay Millson
at (904) 355-6561 or via email at
dcms@dcmsonline.org
Related Links:
The “Red Flags” Rule:
What Health Care Providers Need to Know About
Complying with New Requirements for Fighting
Identity Theft, on the
Federal Trade Commission website.
