The Senate has passed legislation exempting health care providers, attorneys and certain other service providers from provisions of the Red Flags Rule to combat identity theft, HealthcareInfoSecurity.com reports.

The rule requires businesses to take specific steps to minimize identity theft. The compliance date for the rule has been extended several times times as various industries contest their inclusion, and several medical associations previously filed a lawsuit to prevent the Federal Trade Commission from extending the rule to physicians.

The Senate-passed bill, S. 3987, is on a fast-track. It was introduced and approved by unanimous consent on Nov. 30, and referred to the House Committee on Financial Services. The bill clarifies "creditors" who must comply with the rule. In effect, it exempts providers and others who permit payment to be deferred.

The House has previously passed similar legislation and must approve S. 3987 during the lame duck session or the bill must be reintroduced in 2011. The present compliance date for the Red Flags Rule is Jan. 1, 2011.The Federal Trade Commission previously announced it will not enforce the rule on physicians until pending litigation by the American Medical Association and other physician organizations has cleared the courts.

What follows is text of the bill as passed by the Senate:

SECTION 1. SHORT TITLE.

      This Act may be cited as the `Red Flag Program Clarification Act of 2010'.

SEC. 2. SCOPE OF CERTAIN CREDITOR REQUIREMENTS.

      (a) Amendment to FCRA- Section 615(e) of the Fair Credit Reporting Act (15 U.S.C. 1681m(e)) is amended by adding at the end the following:

            `(4) DEFINITIONS- As used in this subsection, the term `creditor'--

                  `(A) means a creditor, as defined in section 702 of the Equal Credit Opportunity Act (15 U.S.C. 1691a), that regularly and in the ordinary course of business--

                        `(i) obtains or uses consumer reports, directly or indirectly, in connection with a credit transaction;

                        `(ii) furnishes information to consumer reporting agencies, as described in section 623, in connection with a credit transaction; or

                        `(iii) advances funds to or on behalf of a person, based on an obligation of the person to repay the funds or repayable from specific property pledged by or on behalf of the person;

                  `(B) does not include a creditor described in subparagraph (A)(iii) that advances funds on behalf of a person for expenses incidental to a service provided by the creditor to that person; and

                 `(C) includes any other type of creditor, as defined in that section 702, as the agency described in paragraph (1) having authority over that creditor may determine appropriate by rule promulgated by that agency, based on a determination that such creditor offers or maintains accounts that are subject to a reasonably foreseeable risk of identity theft.'

      (b) Effective Date- The amendment made by this section shall become effective on the date of enactment of this Act.

--Joseph Goedert

 

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access