After a six-month delay, the
Red Flags Rules will now go into effect for all health care
providers on May 1. Under these rules dentists, doctors and other
health care providers are considered "creditors," and must ensure
reasonable precautions are taken to protect patients from identity
While it's not yet precisely clear what dentists will need to do to
ensure their practices are compliant, the Federal Trade Commission,
which enforces these regulations, says
on their Web site:
Under the Red Flags Rules...creditors must develop a
written program that identifies and detects the relevant warning
signs - or "red flags" - of identity theft. These may include, for
example, unusual account activity, fraud alerts on a consumer
report, or attempted use of suspicious account application
documents. The program must also describe appropriate responses
that would prevent and mitigate the crime and detail a plan to
update the program. The program must be managed by the Board of
Directors or senior employees of the financial institution or
creditor, include appropriate staff training, and provide for
oversight of any service providers.
The American Dental Association has protested the new regulations.
In an e-mail today to dental society staff,
Dr. John Findley
Speaking for the ADA, I urged the FTC staff not to
apply the Red Flags Rule to dentists....
Fellow ADA representatives also explained the special problems that
dentists and physicians will face under the Rule. In particular,
they may have to report any suspected identity theft both to the
patient whose identity is at issue and to law enforcement
officials. Reporting of this
nature could raise issues under the HIPAA privacy
regulations. [emphasis mine] Determining how to harmonize
the Red Flags Rule with HIPAA requirements in any given case could
result in yet more costs for our members in terms both of their own
time and in connection with obtaining legal advice.
In response, the FTC staff expressed its intention to enforce the
Reg Flags Rule with "flexibility." It assured the ADA that it
sought only "reasonable compliance."
Dr. Findley notes that the FTC demurred on the ADA's requests to
exempt dentists from the rules, provide formal guidance on how
dentists should incorporate the rules into their practices or delay
enforcement until more information was available.
overview for business owners, from the FTC
The complete guidelines, from the FTC
News coverage from the ADA (
ADA's letter of complaint to the FTC
The FTC's response to the AMA's objections about treating doctors
A brief summation by Dental Blogs
Posted by: Anonymous (email@example.com) on 05/16/2011