Red Flags Rule Delayed Following Congressional Intervention

Location: Home > Advocacy > Endocrine Insider > 2010 > EI_PAGESET_7/1/10

Endocrine Insider
July 1, 2010

(See full issue)

In November 2007, the Federal Trade Commission (FTC) issued a set of regulations known as the “Red Flags Rule,” requiring certain entities to develop and implement written identity theft prevention and detection programs to protect consumers from identity theft. The FTC has indicated that the rule does apply to physician practices. Following a request from Congress, the FTC agreed to push the compliance date back from June 1, 2010 to December 31, 2010. Congress is still working on legislation to limit the scope of the Red Flags Rule, and rather than begin enforcement of a regulation that Congress plans to supersede, the FTC delayed implementation again. The House unanimously passed HR 3763 in October 2009, which would automatically exempt physician practices with 20 or fewer employees from the Red Flag Rules and allow others to request an exemption. The Senate has not yet acted on the bill.

A federal court may ultimately make the decision as to whether physicians are subject to the Red Flag Rule. The American Medical Association, American Osteopathic Association, and the Medical Society of the District of Columbia filed a federal lawsuit in May 2010 seeking to reverse the extension of this rule to physicians.

The Endocrine Society will continue to work with the AMA and other specialty societies to advocate to the FTC that physicians are not “creditors” and therefore should not be subject to the Red Flags Rule.