The April 30, and July 31, 2009 editions of the Long Term Care Newsletter contained articles regarding the new “Red Flags Rule” being implemented by the Federal Trade Commission (FTC). The Red Flags Rule will affect nearly half of the healthcare providers in America, and will require written procedures and policies pertaining to identity theft. The implementation date had previously been extended from November of 2008 until May 1, 2009. Late on April 30, 2009, after the Long Term Care Newsletter had been mailed, the FTC announced that it was extending the implementation three months from May 1, 2009 to August 1, 2009. Subsequently, the FTC again delayed enforcement until November 1, 2009.
Long term care clients should continue preparing to implement the Red Flags Rule, and should now be targeting the November 1, 2009 date. Additional information should be reviewed at: https://www.ftc.gov/tips-advice/business-center/privacy-and-security/red-flags-rule, including the FTC’s templates for “low risk” entities.
The FTC believes this three-month extension, along with the new guidance it is providing to help creditors and financial institutions, will help to bring about a better understanding of the Red Flag Rule and allow companies to write and then implement written Identify Theft Prevention Programs.
Kevin R. McManaman