Red flag regulations effective Nov. 1

By Marty Krawczyk

On Nov. 1, 2008, new rules and guidelines intended to detect, prevent, and mitigate identity theft go into effect. These “red flag rules” focus on implementing technologic and procedural frameworks to support fraud detection and prevention. The financial arrangements inherent in the physician/patient relationship would classify medical practices as creditors and subject to the rules.

The regulations require a written identity theft prevention program that includes five basic elements: An assessment of areas that may be vulnerable to the act of identity theft or that may provide the means by which identity theft can take place; identification of specific “red flags” that alert staff and/or practice management to the potential theft of information; guidelines to identify “red flags”; protocols to deal with identity theft; and detailed actions to prevent future theft potential.

This content is only available to members of the AAOS.

Please log in using the link at the top right corner of this page to access your exclusive AAOS member content.

Not a member? Become a member!