• Home
  • Blog
  • Contact
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceHIPAA Compliance
  • Home
  • Blog
  • Contact

Healthcare Providers Receive FTC Red Flags Exemption from Congress

December 14, 2010 Red Flags Rules 1 Comment

HIPAA.com has covered the provisions of the Federal Trade Commission (FTC) Red Flags Rule in earlier postings.  Congressional action now exempts healthcare providers from compliance with the provisions of the Red Flags Rule.

On Tuesday, December 7, the House by voice vote joined the Senate in passage of S.3987, the Red Flag Program Clarification Act of 2010.  On November 30, 2010, the Senate passed this legislation by unanimous consent.  The bill has been cleared to the White House for signature.

The following information from the Library of Congress summarizes S 3987 (see http://thomas.loc.gov):

“Amends the Fair Credit Reporting Act, with respect to federal agency (red flag) guidelines regarding identity theft and the users of consumer reports, to define creditor to mean one that regularly and in the ordinary course of business:  (1) obtains or uses consumer reports, directly or indirectly, in connection with a credit transaction; (2) furnishes information to certain consumer reporting agencies in connection with a credit transaction; or (3) advances funds to or on behalf of a person, based on the person’s obligation to repay the funds or on repayment from specific property pledged by or on the person’s behalf.

“Includes in the definition any other type of creditor as the federal agency (banking agency, National Credit Union Administration, or the Federal Trade Commission) having authority over that creditor may determine appropriate, if the creditor offers or maintains accounts subject to a reasonably foreseeable risk of identity theft.

“Excludes from the definition of creditor, however, any creditor that advances funds on behalf of a person fro expenses incidental to a service the creditor provides to that person.”

Note:  Healthcare providers as Covered Entities under HIPAA Administrative Simplification, while exempt from FTC Red Flag identity theft detection and protection provisions under S 3987, are not exempt from HIPAA and HITECH Act privacy and security rule obligations to safeguard patient identity data elements that are protected health information (PHI) identifiers.

1 Comment
Share
0

You also might be interested in

Word of the Day: Health Level 7 (HL7)

May 6, 2009

Health Level 7 (HL7): One of several American National Standards[...]

Final HIPAA Rule: Security Statutory Authority and Direct Regulation of Business Associates

Feb 4, 2013

February 4, 2013.  Today, we cover the security safeguards of[...]

The Definition of Covered Entity

May 10, 2009

This posting is one of several that outline the HITECH[...]

1 Comment

Leave your reply.
  • April Delgado
    · Reply

    June 8, 2015 at 4:31 AM

    Fair credit reporting haaa lego land california H.R.1314 see clayton act

Leave a Reply Cancel Reply

Categories

  • 5010
  • American Recovery and Reinvestment Act
  • Enforcement
  • GINA
  • Health Care Reform
  • Health IT and HITECH
  • HIPAA Law
  • Identifiers
  • Meaningful Use
  • Privacy
  • Red Flags Rules
  • Security
  • Transactions & Code Sets
  • Uncategorized

Recent Posts

  • Contracting with Vendors that are NOT HIPAA Business Associates: Best Practices
  • HIPAA Breach: Who You Gonna Call?
  • Can I Be Sued for a HIPAA Violation?
  • Business Associate Agreements – a First Look at Indemnification
  • Gmail, Google Apps for Business HIPAA Business Associate Agreements

Archives

Contact Us

We're currently offline. Send us an email and we'll get back to you, asap.

Send Message
HIPAA- Health Insurance Portability Accountability Act

© 2023 · hipaa.com

Prev Next