(July 5, 2010): The Federal Trade Commission (FTC) has agreed to once again delay enforcement of its illogical and onerous identity theft Red Flags rule with respect to physicians.The Red Flags rule arose under the Fair and Accurate Credit Transactions Act of 2003 and requires "financial institutions" and "other creditors" to develop written plans to detect identify theft in their day-to-day operations. Under the FTC’s interpretation of the rule, physicians who permit patients to pay after they have rendered medical service are transformed into "creditors."Extension of the rule to physicians has been delayed several times as the extent of the burden on health care providers has become clear. As recently as May 28, the FTC made note of the concerns:
"At the request of several Members of Congress, the [FTC] is further delaying enforcement of the ‘Red Flags’ Rule through December 21, 2010, while Congress considers legislation that would affect the scope of entities covered by the Rule….The Commission urges Congress to act quickly to pass legislation that will resolve any questions as to which entities are covered by the Rule and obviate the need for further enforcement delays."
The June 25th agreement arises in connection with a suit filed against the FTC last month by the American Medical Association (AMA) and others seeking to prevent enforcement of the Red Flags rule and alleging that the FTC overreached its bounds in seeking to enforce the rule against physicians. A similar complaint by the American Bar Association (ABA) is currently making its way through the appeals process after the U.S. District Court for the District of Columbia enjoined enforcement of the rule against lawyers. Until a ruling is issued in the ABA case, the AMA case will be held in abeyance and physicians will be safe from the Red Flags rule.