Identity Theft
&
The AMA
As discussed previously on this site, FACTA legislation and Disposal Rule has been in place since 2005. The additional Red Flag's Rule was added and began to be enforced in the fall of 2007. The increase in publicity recognizing the prevalence of Identity Theft, the #1 white collar crime in America, has brought the importance of protecting your own identity as well as those you do business with. Regardless of the career path your business follows, it is imperative that you provide protection to your clients, customers and in the case, your patients.
In defense of ALL businesses that state they are not aware of the definition of "creditors" made by the FTC, general information may have been advantageous for these companies to become aware of their necessity to abide by the rulings of the Red Flag's Rule.
On the other hand, I will tell you that I and many, many others have been out in the business community speaking to many business owners, including medical clinics and physicians about FACTA, the Disposal Rule and the Red Flag's Rule for approximately 2 years. The general consensus that we have encountered is the flat denial that THEIR business needs to abide by these rulings. This denial has caused an extension of the deadline of November 1, 2008 to May 1, 2009 a mere few weeks away. The last letter written by Betsy Broder of the FTC states that another extension is not being considered. A copy of this statement can be reviewed HERE. The final ruling and definition of "creditor" as defined by the Equal Credit Opportunity Act is:
by Alexei Alexis.
The ECOA defines "creditor" as "any person who regularly extends, renews or continues credit; any person who regularly arranges for the extension, renewal or continuation of credit;or any assignee of an original creditor who participates in the decision to extend, renew or continue credit." "Credit", in turn, is defined by the ECOA as "the right granted by the creditor to a debtor to defer payment of a debt or to incur debts and to defer its payments or to purchase property or services and defer payment therefor." The agencies concluded that the plain language of the statute covered all entities engaged in the provision of credit, as broadly defined by the ECOA, and does not permit industry-based exclusions.
The biggest argument at first was the AMA stating that physicians already have to comply with HIPAA legislation and that is adequate, therefore, physicians do not have to fulfill the requirements of the Red Flag's Rule. The Red Flag's Rule addresses another area that needs to be protected, the personal identity of employees as well as clients, customers or patients. Both Acts address privacy, although different types of privacy and different types of information. Although many times in the medical community, this information may overlap, this does not exclude the fact that personal information is routinely treated the same as medical information.
Last letter from Michael D Maves, MD of the AMA 3/9/09
Another concerns stated by the AMA is the added cost of implementing the necessary requirements set forth in the Red Flag's Rule to protect the information they have gathered from Identity Theft. Since I am aware of the many of the requirements needed, many are easily implemented and common sense approaches. Additional requirements can be fulfilled at NO COST to the physician or the clinic. I have personally found companies that charge anywhere from $899 to $5000 for what I and others can do at no cost. After also researching what this other company does, we far exceed what they help to put in place. Our customer service is second to none!!!
For more information on how I can assist your clinic to fulfill some of the requirements at NO COST to your facility.
BACK
