« aspirin all around | Home | will work for health insurance »
the red flag rules
By | April 8, 2009
i just found out i’m a “financial institution”! little old me! somehow, it doesn’t make me feel more important.
it turns out the federal trade commission has a rule – in place since 1/1/2008, but not enforced until, well, right about now – requiring doctors, who are now defined as “financial institutions and creditors,” to check photo IDs of their patients. why? to prevent identity theft.
according to the FTC website, physicians, since they are financial institutions and creditors who provide services and collect a copay (or bill the patient in full or in part), must develop, implement, and regularly update a formal identity-theft red-flag-identification program. they suggest checking a “government-issued” photo id for each encounter, and also suggest that one might want to run a credit check on the id holder too.
apparently the AMA complained, saying that doctors are not financial institutions and creditors. the FTC replied, oh yes they are. the AMA also complained that the HIPPA privacy rules in place already protect patient’s identities; the FTC said, not their financial identities. the AMA also complained that the doctor community was not informed of this new law. the FTC said, too bad.
the red-flag rules are mainly going to confront patients who go to large medical groups where the doctors, or the front-desk people, don’t know them well. in that setting, every patient may be a potential identity thief – not because of who they are particularly, but just because the institution is too big to recognize them as individuals.
what if a doctor has a small, personal practice, and no front desk people at all? the law, which assumes that every medical practice is a semi-anonymous patient-processing plant, still applies. you’d better set aside a weekend to nail down your red flag rules. a kindly law firm offers a free template showing you how.
if a doctor is found to be “noncompliant,” in other words, without a written 4-part plan, implemented and updated “to respond to emerging threats”, they are subject to a fine of $2,500 for each time they “extended credit”. if they had already received a “regulatory warning” and are still not compliant, the fine is $11,000 “per incident.” states can add on their own penalties.
identity theft is bad, and makes a victim’s life a living hell; everyone is against identity theft. however, i don’t think patients will appreciate having a background check, and presenting a photo id with a correct current address and a photo that matches their current appearance, when they go to a doctor; they will presume that suspicion will only fall on the other guy, not their honest selves. it’s an extension of the mentality behind school and workplace drug testing, that “the innocent have nothing to fear,” which some would use to supplant “innocent until proven guilty.” don’t even get me started on the appropriation of the word “identity” to refer only a person’s credit history.
the good news is, the vast majority of doctors have no idea that this rule exists.
Topics: Uncategorized | 1 Comment »
April 25th, 2009 at 5:54 pm
MLK uses a term called “phobiaphobia” which means fear or fear.
I think that is where we are headed. Thank GOD their are ideal docs like you are out there to bring us back to our senses! Can’t wait to see you in May!