FRONT PAGE : | TECH | Op-Ed Page | About | Advertise | List
THCB UPDATE Get email updates of new posts and industry news.
facebook

May 19, 2009

The Red Flags Rule

By JOHN HALAMKA

HalamkaYou may have seen the recent headlines "FTC delays Red Flags Rule implementation until August 2009". What is the Red Flags Rule and how does it relate to healthcare?

The FTC has a great website that it explains it all in detail.

Basically, the FTC requires most clinical offices, hospitals, and other health care providers to develop a written program to spot the warning signs of identity theft - “red flags”  If a patient's name on a photo ID and on their insurance card do not match, that's a red flag. If a patient visited last week as John Smith but today is Fred Jones, that's a red flag. If patient seems to travel from provider to provider seeking numerous expensive treatments, that's a red flag.

The law was initially designed to cover creditors and it seems odd for healthcare providers to be considered creditors. The FTC defines a creditor as anyone who enables the customer to carry a balance after services are rendered. Unless a clinician asks for payment upfront (all balances not covered by insurance), the clinician is a creditor.

The FTC will be begin enforcement August 1, 2009, so it's important to develop policies and procedures to address red flags in healthcare settings.

What is BIDMC doing?

We are actively working to develop procedures and an educational plan. We created an interdisciplinary group that includes IS, Compliance, Finance, Patient Financial Services, clinicians, Human Resources , Ambulatory Services, Health Information Management, and others to examine Red Flags, but also the broader issues of HITECH/ARRA privacy provisions, and new Massachusetts Data Protection regulations. First, we will finish our Red Flags program and implement it, then we will move on to working on the other issues. We have not finalized our specific policy, but have already reported to the Board of Directors and to senior leadership about the issues and the work we are doing. As soon as the policy is finalized, I will post it on my blog.

If you have not begun a program to address compliance with the Red Flag rule, now is the time!

May 19, 2009 in Hospitals, Privacy | Permalink

Comments

Seems like this effort is totally pointless, since most theft in healthcare is simply not paying the bill, no matter what your name is. Second, it is counter to EMTALA, where any person can request a medical screening exam, even before any financial or identity info can be obtained or verified. It is one more policy making the system responsible for the bad behavior of people.

Posted by: MD as HELL | May 20, 2009 12:22:06 AM

It saddens me that this is even necessary. Yet another regulation to drive up costs, because the bad apples in society tend to ruin it for everyone.

Posted by: Deron S. | May 20, 2009 3:31:25 AM

All on top of the hundreds of thousands of Americans who needlessly lose their lives in America each year from a rush to profit by the private for profit healthcare industry. Rich, middle class, and poor a like. Insured, and uninsured. Men Women, Children, and Babies.

Posted by: Spink ITES | May 20, 2009 7:09:38 AM

We offer a no cost training course for this to your employees of all medical and dental offices, with certification of the training, in exchange for the opportunity to present Identity Theft Shield as a fringe benefit program or individual program for all employees. Training will be by a Certified Identity Theft and Risk Management Specialist. Most areas of the United States are covered by this offer.

Posted by: Gary Jackson | May 20, 2009 1:05:35 PM

this makes me angry that the f***s that bone our government is boning the whole country. It is maddening to watch our gov do things that are bad for tax payers

Posted by: debt reduction | Jun 2, 2009 2:26:14 PM

With Red Flag, most people do not understand the requirements and think all they have to do is develop a policy and train the employees. This does NOT make them compliant. We have the only web based 100% Compliant Red Flag Program available. Visit us online, we have all the steps to make you compliant. If you are not compliant, the fines are big.

Posted by: Lanny Britnell | Sep 11, 2009 11:25:12 AM

Post a comment