The Federal Trade Commission (FTC) issued rules that require “financial institutions” and “creditors” holding consumer or other “covered” accounts to develop and implement an identity theft prevention program. Enforcement of these rules, referred to as the “Red Flags” Rule (Rule), is effective December 31, 2010.

INTERMED has developed a packet of materials to help clarify the Rule pertaining to patient identity theft protection standards. The packet contains an overview of the new Rule, risk management guidelines, and website references. It also contains several forms and templates to assist with compliance measures. Due to the relative depth of the Rule, INTERMED suggests that you establish a reference manual for your office, ideally as an addendum to current HIPAA reference material.

Red Flags Rule Compliance Measures

Sample Forms

Checklist

Written Policy and Procedures

Letter for Compromised Social Security Number

 

Frequently Asked Questions

This packet, along with any other additional material you obtain, will be a vital resource in implementing protection against patient identity theft and compliance with the Rule.

If you have any questions about this material or require additional copies, contact our Risk Management Department at (800) 741-3742, ext. 3016 or send an e-mail to rm@fpic.com.

NOTE: INTERMED provides Red Flags Rule guidance as a benefit to its policyholders for educational and informational purposes only. Any representations or written reports rendered in conjunction with this benefit should not be considered a certification of Red Flags Rule compliance nor should it be interpreted as offering legal, financial, or other professional services. Policyholders that are developing policies and procedures to comply with the Red Flags Rule should seek legal and/or professional assistance to be sure that an appropriate compliance plan is implemented for their particular practice.