WHO MUST COMPLY
Every healthcare organization and practice must review its billing and payment procedures to determine if it’s covered by the Red Flags Rule. Whether the law applies to you isn’t based on your status as a healthcare provider, but rather on whether your activities fall within the law’s definition of two key terms: “creditor” and “covered account.”
Healthcare providers may be subject to the Rule if they are “creditors.” Although you may not think of your practice as a “creditor” in the traditional sense of a bank or mortgage company, the law defines “creditor” to include any entity that regularly defers payments for goods or services or arranges for the extension of credit. For example, you are a creditor if you regularly bill patients after the completion of services, including for the remainder of medical fees not reimbursed by insurance. Similarly, healthcare providers who regularly allow patients to set up payment plans after services have been rendered are creditors under the Rule. Healthcare providers are also considered creditors if they help patients get credit from other sources – for example, if they distribute and process applications for credit accounts tailored to the healthcare industry.
Read the full outline from the FTC
Covers: Spotting Red Flags, Setting up your identity theft prevention program and what’s at stake.