May 12, 2016
I was very interested in Tuesday's newsletter on refusing care to a patient who doesn't show ID. Reference was made to "Red Flags" law. What is that? Do I need to be concerned?
Thanks, Dr. KAnswer:
The Red Flags Rule is enforced by the Federal Trade Commission and "requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect the warning signs – or red flags – of identity theft in their day-to-day operations." https://www.ftc.gov/tips-advice/business-center/privacy-and-security/red-flags-rule.
The Rule does not apply to healthcare provider practices - doctors and lawyers were exempted out at the 11th hour; however, that doesn't mean the requirements set forth under Red Flags Rule aren't a good idea to adopt regardless. The requirements include checking identification and verifying information before disclosing protected health information or treating. Having a Red Flags policy
allows you to train on and then enforce against staff failing to comply. Also, maintaining a policy offers some protection against a charge of aiding in insurance fraud, if some patients are not coming in with their proper insurance card.
Happy to discuss in further detail offline.