Eli's Rehab Report

Published on Wed Jan 20, 2010 PDF

If you've been stretched to the max, unable to write an identity theft prevention program per the Federal Trade Commission (FTC)'s new "Red Flag Rules," you have more time.

In 2008, the FTC issued rules requiring creditors to create written identity theft prevention programs. Creditors include therapists and other health care providers because they often provide services to patients without requiring the full payment at the time of service. More specifically, if you accept insurance and bill patients after providing the service, you're considered a creditor under the Red Flags Rule.

Newest deadline: The FTC has delayed Red Flags Rule enforcement until June 1, 2010, in response to a request from Congress, according to PT Bulletin Online. The rule originally had a Nov. 1, 2008, compliance date, and the FTC has extended the compliance date three times already, to May 1, 2009, Aug. 1, 2009, and November 1, 2009.

Note: Small business owners may have an out completely if certain legislation passes. The House of Representatives passed HR 3763 on Oct. 20, which then went to the Senate Committee on Banking, Housing, and Urban Affairs, the Bulletin reported. This bill would allow the Red Flags Rules to exclude health care providers with less than 20 employees from being interpreted as creditors.

Meanwhile, everyone -- small business or not -- should get their identity theft prevention programs in place in case the deadline arrives before the legislation can pass, experts recommend. Not to mention, a program to prevent identity theft could only help your rehab organization.

If you need a starting point, the FTC created a Web site with templates to you get started. You can access the Web site here: www.ftc.gov/redflagsrule.