Healthcare Unexpectedly Subject to FTC ID Theft Rules

Share Article

Many Healthcare Organizations Are Unprepared for Nov. 1 Deadline - Melamedia Audio Seminar Provides Compliance Recommendations on Red Flag Rules

Many healthcare organizations are not aware that they will come under Federal Trade Commission (FTC) authority as a result of identity theft rules that were once thought to only apply financial institutions and other lenders.

The so-called "Red Flag" rules require any organization - including non-profits and government agencies not traditionally subject to FTC jurisdiction -- that does not require payment at the time it provides service to establish and maintain a program to spot and address possible ID theft.

This interpretation by the FTC has surprised healthcare organizations and many others, who thought that the regulations under the Fair and Accurate Credit Transactions Act -- a law aimed at financial institutions, credit reporting agencies and others who provide financing for products or services - did not apply to healthcare providers.

In recent weeks, the FTC has signaled that the law's requirements now apply to anyone business or organization that that does not get paid in full in advance or at the time of a purchase or service.

That means most healthcare organizations as well as nonprofits and government agencies are subject to the requirements.

With a Nov. 1 deadline to have a compliance plan in place, healthcare organizations must take action now.

To assist healthcare organizations meet these new mandates, Melamedia, LLC, publishers of Health Information Privacy/Security Alert is sponsoring an Oct. 30 audio seminar:


Participants will be briefed on:

** Why the Red Flag Rules apply to healthcare;
** What the Red Flag rules require;
** Under what circumstances healthcare organizations must comply with the rules;
** Practical steps to take to comply with the Red Flag rules;
** Areas of HIPAA compliance that may provide some compliance coverage; and
** The outlook for enforcement.

Who should attend:

** Privacy Officers
** Security Officers
** Billing Professionals
** HIM Professionals
** Healthcare Providers
** Hospitals
** Health Insurers
** Third Party Administrators
** Pharmacies
** Healthcare Attorneys and Consultants
** Government Health Services Officials
** Researchers Who Require Patient Payment for Any Service Provided in Clinical Trials

The Faculty

Robert Gellman, JD, a is privacy and information policy consultant in Washington, DC, and co-author of Red Flag and Address Discrepancy Requirements: Suggestions for Health Care Providers, produced by the World Privacy Forum. He served as a member of the National Committee on Vital and Health Statistics (NCVHS) from 1996-200. From 1977 to 1994, he served as a staff member and Chief Counsel of the House Government Operations' Subcommittee on Information, where he was responsible for the panel's information policy activities, hearings, oversight, legislation, and reports on general privacy matters, Freedom of Information Act, Privacy Act of 1974, health privacy, collection and dissemination of electronic data and security classification.

Gerald "Jud" DeLoss, JD is vice chair of the American Health Lawyers Association's Health Information & Technology Practice Group and a principal at Gray Plant Mooty, where his practice focuses on representing medical providers in Health Information Technology (HIT), HIPAA, medical staff credentialing, fraud and abuse, transactions, and regulatory compliance

Thursday, Oct. 30, 2008
1 pm - 2:30 pm Eastern

To register, Visit
call 703.704.5665

Contact: Dennis Melamed


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Visit website