Associations Protest Red Flags Rule

Seek exemption for healthcare professionals Howard Anderson (ismg_editor) • February 3, 2010     Four healthcare associations have called on the Federal Trade Commission to exclude healthcare professionals from compliance with the Identity Theft Red Flags Rule designed to combat identity theft. The groups made the request in the wake of a court ruling exempting attorneys from the rule.

The American Dental Association, American Medical Association, American Osteopathic Association and American Veterinary Medical Association wrote the letter to the FTC January 29, contending that the rule "imposes an unjustified, unfunded mandate on health professionals for detecting and responding to identity theft."

Under the Identity Theft Red Flags Rule, the effective date of which has been delayed to June 1, any organization that extends credit to its clients must develop and implement written identity theft prevention programs that help identify, detect and respond to patterns, practices or specific activities, known as "red flags," that could indicate identity theft.

Recent case

The U.S. District Court for the District of Columbia recently ruled in a case brought by the American Bar Association that lawyers should be excluded from the requirements of the rule.

"Congress did not intend the original red flags legislation to apply to small businesses, but rather it was intended to encourage large businesses like banks, credit firms and national retailers to implement best practices to protect customers from identity theft," says Ronald Tankersley, DDS, president of the American Dental Association.

"Our four organizations believe that applying the rule to health professionals, but not to lawyers, would be unfair," adds J. James Rohack, M.D., president of the American Medical Association.

Previous
Surge in Q4 Hacker Attacks
Next
HealthcareInfoSecurity.com Names Board

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

How 2U Inc. Is Fortifying Its Systems and Solutions Designs
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
Protecting the Hidden Layer in Neural Networks
Protecting the Hidden Layer in Neural Networks
Whistleblowing Brings Visibility to the Role of CISOs
Whistleblowing Brings Visibility to the Role of CISOs
Showing Evidence of 'Recognized Security Practices'
Showing Evidence of 'Recognized Security Practices'
The Persisting Risks Posed by Legacy Medical Devices
The Persisting Risks Posed by Legacy Medical Devices
David Derigiotis on the Complex World of Cyber Insurance
David Derigiotis on the Complex World of Cyber Insurance
Aité-Novarica's Cybersecurity Impact Award
Aité-Novarica's Cybersecurity Impact Award
Craig Box of ARMO on Kubernetes and Complexity
Craig Box of ARMO on Kubernetes and Complexity
Organization-Wide Passwordless Orchestration
Organization-Wide Passwordless Orchestration
Are We Doomed? Not If We Focus on Cyber Resilience
Are We Doomed? Not If We Focus on Cyber Resilience

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.