OSMA Membership

Take a few moments to join or renew online so you can make sure that you will continue to receive the benefits of OSMA membership and help the future of medicine remain strong.

Join Renew

Upcoming Events

View all upcoming events

Subscribe to Events

Find a Physician

Or use the Advanced Finder to make your search more specific.

RED FLAGS RULE RESOURCE CENTER

Implementing an Identity Theft Prevention Program in your Practice

UPDATED January 6, 2011

Red Flags Rule and Physician Offices

The Red Flag Program Clarification Act of 2010 limits application of the red flags rules to a more limited set of "creditors" that meet any one or more of the following:

1. uses consumer reports in connection with a credit transaction;
2. furnishes information to consumer reporting agencies in connection with a credit transaction; or
3. advances funds to or on behalf of a person based on an obligation of that person to repay the funds from specific property pledged by or on behalf of the person. Creditors that “advance funds on behalf of a person for expenses incidental to a service provided by the creditor to that person” are specifically excluded.

However the law gives the FTC the authority to expand who is considered a "creditor" subject to the act if the FTC determines certain types of entities offer or maintain accounts that are subject to a reasonably foreseeable risk of identity theft. This determination would likely occur in future rule-making by the FTC.

Though most physician offices will not be subject to the Red Flags rules, if a practice engages in any of the activities in items 1-3 above, the rules will apply. Please explore the links to additional information if you think the rules apply to your practice.

Also review the FTC's FAQs about medical identity theft and steps you can take to protect your practice and assist your patients.

The resources below are FREE for OSMA members.