May 12, 2016


Hi Jennifer,

I was very interested in Tuesday's newsletter on refusing care to a patient who doesn't show ID. Reference was made to "Red Flags" law.  What is that?  Do I need to be concerned?

Thanks,  Dr. K


The Red Flags Rule is enforced by the Federal Trade Commission and "requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect the warning signs – or red flags – of identity theft in their day-to-day operations." 

The Rule does not apply to healthcare provider practices - doctors and lawyers were exempted out at the 11th hour; however, that doesn't mean the requirements set forth under Red Flags Rule aren't a good idea to adopt regardless. The requirements include checking identification and verifying information before disclosing protected health information or treating. Having a Red Flags policy allows you to train on and then enforce against staff failing to comply.  Also, maintaining a policy offers some protection against a charge of aiding in insurance fraud, if some patients are not coming in with their proper insurance card.  

Happy to discuss in further detail offline.   


Looking for HIPAA and compliance forms?  
Click here to visit our website.
Have a question or comment for Jennifer?
Contact Jennifer at or  at (516) 747-6700 x. 302.
Interested in having Jennifer speak at an event or
at a residency/fellowship program?
Contact Jennifer directly at (516) 747-6700 x. 302 or
Click here or the image below to learn about
K&K's Prepaid Legal Audit/Investigation Defense Now!