We are reaching out to all our readers in the medical field to alert them about the impending May 1st, 2009 deadline associated with the “Red Flags” Rule enforced by the Federal Trade Commission (FTC), as well as compliance with the Fair and Accurate Credit Transactions Act (FACTA). You may know that in order to fight identity theft (the fastest-growing crime in the U.S.), Congress added new sections to the federal Fair Credit Reporting Act (FCRA) when it passed FACTA in 2003 – in which privacy, limits on information sharing, new consumer rights to disclosure and accuracy are all addressed.
While the American Medical Association (AMA) has sought exemption from compliance for physicians and medical organizations, the FTC recently made it very clear that industry-based exclusions are not allowed. These new provisions have created serious new responsibilities for our physician clients as well as potential liabilities (financial and legal).
What does this mean for our industry? By May 1st, you need to have formal, written procedures in place outlining how you plan to protect the identity of both your own employees and those of your patients.
If you need more information about meeting compliance with these procedures contact us, and we’ll help you out. We can also put you in contact with some of the experts we have been working with to address identity theft protection for own employees.