AAPC - Back to school
Results 1 to 8 of 8

Thread: Hipaa rules question

  1. #1

    Thumbs down Hipaa rules question

    AAPC: Back to School

    Has anyone heard of this new HIPAA rule stating that patients have to show photo identification now?

    My boss wants me to try to find something in writing about it but I can't find anything. If someone has a site that says something about that can you please share?

    Thank you,

  2. #2

  3. #3


    Thanks for that link, although I still don't see anything where photo id is required so I don't think it is required, but I wanted to see if anyone else knows anything about that.
    Thanks again.

  4. #4
    Join Date
    Apr 2007

    Default Red Flags


    This is probably more what you are looking for. It is not a HIPPA rule, it applies to "creditors", which most health care settings fall under that title.

    Hope this helps,

    Laura, CPC, CEMC

  5. #5
    Join Date
    Apr 2007


    They had something on Foxnews this morning, it's about preventing medical identity theft. Not sure where to find it in written though.

  6. #6
    Join Date
    Apr 2007


    Found it!

    Subject: Red Flag Rules require you to watch for identity theft among patients
    Source Coder Pink Sheets: Orthopedic
    Publication Orthopedic: Orthopedic Coder's Pink Sheet, April 2009, Vol. 10, No. 4
    Effective Date Apr 1, 2009
    Publish Date Apr 1, 2009

    Starting May 1, a new set of government rules require health care providers, including orthopedic practices, to keep an eye out for the possibility of identity theft involving their patients.

    Those regulations are the Federal Trade Commission's (FTC's) Red Flag and Address Discrepancy Rules. (The rules actually took effect Nov. 1, 2008, but the FTC extended the implementation date until May 1 this year.) They apply to any entity that may offer credit to consumers, e.g., allowing a patient to pay for a procedure in installments.

    What it is: A "Red Flag" is "a pattern, practice, or specific activity that could indicate identity theft," according to a report prepared by the World Privacy Forum to help health care providers understand and apply the Red Flag Rules.

    As part of your compliance procedures, you will need to keep an eye out for the possibility your patients may be the victim of identity theft, but you should also consider overseeing employee and vendor access to patient data as well, the Forum report advises.

    How to spot it: Potential red flags for physician practices, according to the World Forum report, include complaints or questions from patients based on receipt of:

    a bill for another individual;
    a bill for a product or service the patient says he never received;
    a bill from a health care provider the patient never visited; or
    a notice of insurance benefits (or explanation of benefits) for health services never received.
    "If you did a good job of HIPAA privacy and security compliance, compliance with the Red Flag Rules will be fairly simple - it will probably amount to a memo or official training," explains Linda Gates-Striby, compliance manager at The Care Group, a 150-doctor physician practice in Indianapolis, Ind.

    "You need to be on the lookout for patients who say: ‘I didn't see that doctor,'" Gates-Striby warns. In the past, such a complaint might have made you think there was a billing mistake, she explains. "Now you must also consider the possibility that the patient was a victim of identity fraud."

    Tip: Make sure you have a formal way to confirm key facts in the patient's chart when a patient comes in for a visit or procedure.

    "Some offices are starting to make a copy of the patient's driver's license, but providers might not want to do that," Gates-Striby says, "because it increases your liability and security exposure to have that on file."

    In any case, you can look out for practical "red flags" among your patients, including changes in age, race, or significant variation in chart or height, she advises.

    As electronic medical records become more widespread in use, practices will be able to download an increasing amount of this type of demographic and observational data in advance - even on new patients, if they've already been seen by physicians in a different office. And that could help you spot a possible identity theft even for your first-time patients.

    What to do if you think you have an identity theft case on your hands: The FTC says that in your Red Flag compliance program, you must "describe appropriate responses that would prevent and mitigate the crime, and detail a plan to update the program."

    That response might include inserting a Red Flag Alert in the patient's medical record "to warn providers, insurers, and consumers of potential fraudulent activity," suggests the World Privacy Forum.

    If identity theft is confirmed, you may also need to have a process for purging all information entered as a result of the fraudulent activity, leaving a brief cross-reference and explanation of the deletion, the Forum report says.

    Official resources:

    View an FTC notice about the Red Flag Rules here: http://www.ftc.gov/bcp/edu/pubs/busi...ts/alt050.shtm

    Download the World Privacy Forum report, "Red Flag and Address Discrepancy Requirements: Suggestions for Health Care Providers," here: http://www.worldprivacyforum.org/medical.html

  7. #7


    Thanks alot Martn!!!

  8. #8


    The Red Flags Rule compliance date has been moved to November 1, 2009.

Similar Threads

  1. Question to confirm HIPAA backup requirements
    By Bran19 in forum Compliance General Discussion
    Replies: 1
    Last Post: 02-12-2014, 01:17 PM
  2. HIPAA Concern Question
    By SRickman in forum Compliance General Discussion
    Replies: 2
    Last Post: 06-26-2012, 03:53 PM
  3. HIPAA rules
    By ShelleyM in forum Medical Coding General Discussion
    Replies: 5
    Last Post: 03-14-2011, 07:02 PM
  4. Hipaa Medical Records Question
    By cbosi1 in forum Medical Coding General Discussion
    Replies: 1
    Last Post: 11-18-2008, 07:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Enjoying Our Forums?

AAPC forums are a benefit of membership. Joining AAPC grants you unlimited access, allowing you to post questions and participate with our community of over 150,000 professionals.

Join Now Continue Reading Without Full Access

Already a Member?


Close Message

In addition to full participation on AAPC forums, as a member you will be able to:

  • Access to the largest healthcare job database in the world.
  • Join over 150,000 members of the healthcare network in the world.
  • Be a part of an industry leading organization that drives the business side of healthcare.
  • Save anywhere from 10%-50% with exclusive member discounts on courses, books, study materials, and conferences.
  • Access to discounts at hundreds of restaurants, travel destinations, retail stores, and service providers. AAPC members also have opportunities to save on heath, life, and liability insurance.
  • Become a member of a local chapter and attend regular meetings.