|
ICCOM International Center for Chiropractic Office Managers
“A Leader in Chiropractic Office Management and Compliance Training”
|
|
©2009 ICCOM |
|
The 35 page Electronic Version only: $117.00
|
|
Identity Theft Prevention Protect Your Patient and Yourself Prevention Policies and Procedures #1 Your Patient #2 Your Service/Collection
Patients Insurance Information and Credit Card Information may be at risk. Training your staff to recognize possible problems. |
|
Red Flags Rule: Identity Theft Prevention |
|
Not ALL Providers are Exempted from the Red Flags Rule Compliance This past week I had an attorney call me to purchase my Red Flags Rule: Identity Theft Prevention Manuals. Some of his clients have my Red Flags manual and he wanted to purchase it for several of his new healthcare clients. Part of his work as an attorney is in patient debt collections and wanted to be sure all of his clients were compliant. He told me that he has found that most healthcare providers do not think that they have to be compliant under any conditions. We got into a discussion about the changes in the Fair Credit Reporting Act (Red Flags Clarification) last December that exempted most healthcare providers because they extend credit incidental to the services they provide. But “MOST” has been highly misunderstood and overlooked. The fact is that if doctors report patient debts to a consumer reporting agency whether directly or indirectly through a 3rd party debt collector they were considered a “creditor” and must comply with the Red Flags Rule. On December 18, 2010, a congressional clarification bill called the Red Flags Rule Clarification Act was passed and in effect exempted most doctors’ offices from the Red Flags Rule. The Act states: A creditor is someone who: · obtains or uses consumer reports, directly or indirectly, in connection with a credit transaction; · furnishes information to consumer reporting agencies… in connection with a credit transaction; · or advances funds to or on behalf of a person based on an obligation of the person to repay the funds The bill also states that entities cannot be considered creditors if “they advance funds on behalf of a person for expenses incidental to a service provided by the creditor to that person.” That is where everyone is confused. http://www.ftc.gov/bcp/edu/microsites/redflagsrule/index.shtml Many think that the last statement was what exempted us totally from having to comply with the Red Flags Rule. Healthcare attorney Kevin Ryan, principal at Chicago-based law firm Much Shelist, says some physician and hospitals could still be covered by the rule if they use or report to credit agencies. http://healthcare-executive-insight.advanceweb.com/Features/Articles/Following-the-Red-Flags-Rule.aspx Ryan stated that because some physician groups and hospitals use credit reports or furnish information to consumer reporting agencies as a regular aspect of business those facilities would still qualify as creditors under the Red Flags Rule and advises healthcare providers to consult with their attorneys on whether their business practices meet the amended creditor definition. In an article published online by the American Health Information Management Association, Naomi Lefkovitz, senior attorney, division of privacy and identity protection at the FTC says it is not an outright exemption. She says the clarification act does not outright exempt any industry, including healthcare providers, from inclusion under Red Flags. She goes on to state that a small doctor’s office is likely to be exempted because they typically do not use or obtain consumer reports routinely in connection with credit transactions or furnish information to consumer reporting agencies. But any entity, including a doctor’s office, that conducts any of the three creditor criteria defined in the clarification bill as part of their normal business practices would still need to develop an Identity Theft Mitigation Program as described in the rule. http://journal.ahima.org/2010/12/16/red-flag-clarification-exempts-most-not-all-providers/ So doctors….. If you report patient bad debts directly or indirectly to a credit reporting agency, you still may need to be compliant. Get your Identity Theft Prevention Program in order. It does not have to be difficult or expensive and no matter what it is still a good practice policy for your office. My manual is only $117.00, which is a small price to pay to be completely compliant. Keep it simple but get it done today.
|
