Federal Appeals Court Exempts Physicians From Costly FTC 'Red Flags' Identity Theft Rule
A federal appeals court has ruled that physicians who bill patients after providing services are not subject to the expensive and burdensome requirements of the Federal Trade Commission's "red flags" rule. The rule, which took effect last year, requires financial institutions and "creditors" to implement identity theft detection and prevention programs.
Despite objections from the California Medical Association (CMA), the American Medical Association (AMA), and others in organized medicine, the FTC had insisted that physicians who regularly bill their patients for services (including copayments and coinsurance) are considered "creditors" and thus are subject to the red flags rule.
CMA argued that the rule is unnecessary for most physicians because the Health Insurance Portability and Accountability Act (HIPAA) and California laws impose strict requirements to safeguard the confidentiality and security of patient information.
CMA and AMA also objected to the red flags rule requirement that physicians verify the identity of their patients before agreeing to treat them if the patients did not pay in full at the time of the visit. The intention of the requirement was to prevent identity theft so that if a patient provides a false identity, the wrong person would not be billed for the physician's care.
But physicians objected, arguing that requiring proof of identity is time-consuming, awkward, and might delay care if the patient failed to bring proper documents to their appointments.
AMA applauded the ruling by the U.S. District Court of Appeals in Washington, DC. "The court's decision reinforces the intent of a new law clarifying the scope of the red flags rule and helps eliminate any further confusion about the rule's application to physicians," said AMA President Cecil Wilson, MD.
After the appeals court ruling, AMA dropped a lawsuit it brought against the FTC in May 2010.
In December 2010, President Obama signed the Red Flag Program Clarification Act of 2010, which states that small businesses such as physician offices are not classified as creditors because they do not provide or maintain accounts that are identity theft risks.
"The Clarification Act makes it plain that the granting of a right to 'purchase property or services and defer payment therefore' is no longer enough to make a person or firm subject to the FTC's red flags rule — there must now be an explicit advancement of funds," said the ruling by the three-judge appeals panel.