mgma.com > Legistation, Regulation and Advocacy > Compliance > Federal Trade Commission's Red Flags Rule

Federal Trade Commission's (FTC) Red Flags Rule

Update on the Fed Flags Rule
MGMA and others filed a motion to intervene in a lawsuit pending against the FTC relating to the Red Flags Rule
Aug. 18, 2010 

As a result of requests by several Members of Congress, the FTC is once again delaying enforcement of the Red Flags Rule until Jan. 1, 2011. 

As part of the FTC's implementation of the Fair and Accurate Credit Transactions (FACT) Act of 2003, most medical providers would have needed to comply with the Red Flags Rule by June 1, 2010. The rule requires "creditors" – which the FTC defines to include most healthcare providers – to establish a program to prevent identity theft in their practices.

Free 30-minute Red Flags Rule Webinar

• Learn the requirements of the Red Flags Rule, including definitions of key terms
• Review guidance from the FTC to help you comply
• Get a list of helpful resources from MGMA 

Prep Your Practice for Jan. 1, 2011

• Read the Red Flags Rule Summary
  Get the background and the basic requirements of the rule, including guidance from the FTC in its appendix to the rule.
  
  
• The FTC's Web site is dedicated to Red Flags guidance. The FTC's Feb. 4, 2009 letter  also provides an indication of how the FTC sees the rule affecting healthcare providers. Have questions? Contact the FTC at redflags@ftc.gov.
  
  

  Fighting Fraud with the Red Flags Rule: A How-To Guide for Businesses

  Complying with the Red Flags Rule: A Do-It-Yourself Prevention Program for Businesses and Organizations at Low Risk for Identity Theft
  
  FAQs

• Sample procedures in MGMA format
  To get you started as you adapt various identity theft prevention procedures into MGMA format. This is not to be taken as a complete compliant program. As you develop your program, we recommend you consult the MGMA summary, the FTC’s Web site, Appendix A, and the AMA sample policy.
  Updated: Oct. 23, 2009 
  
  
• Red Flag Alert Resource Guide
  Buy a complete set of downloadable documents for your practice, including a detailed analysis, a sample board resolution approving the identity theft program, sample staff training slides and others. Published by the American Health Lawyer's Association. MGMA members get the AHLA's member price of $99.
  
  
• American Medical Association (AMA) identity theft prevention, detection and Red Flags Rule compliance   
  Sample policy available to MGMA members by the AMA
  
  
• What you need to know about the Red Flags Rule
  The physician perspective on Red Flags, available to MGMA members by the AMA
  
  
• Complete text of the Red Flags Rule (including Appendix A)
  
  
• Complete multi-agency Federal Register issuance on the Red Flags Rule, including commentary, text of the rule, and Appendices (59 pages)

Red Flags Rule Advocacy 

MGMA is still concerned about how this rule applies to healthcare providers and objects to the FTC's late notification that providers are considered "creditors." As a result of the late notification, the healthcare community was not able to provide meaningful comments to the agency on the rule, which is normally the case in the rulemaking process. We will continue our advocacy efforts on this issue.

• Coalition letter to the FTC objecting to its interpretation of "creditors"
  Feb. 23, 2009
  
  
• FTC's letter reasserting its position that healthcare providers are "creditors"
  Feb. 4, 2009
  
  
• FTC notice of the Red Flag rules enforcement delay
  Oct. 22, 2008
  
  
• Coalition letter asking for clarification of the FTC Red Flags rules application
  Sept. 24, 2008