For informational purposes only:
The federal “Red Flags” Rule (the “Rule”) requires many businesses and organizations to implement a written Identity Theft Prevention Program designed to detect the warning signs – or “red flags” – of identity theft in their day-to-day operations. The Rule applies, in part, to creditors and requires creditors to develop identity theft prevention programs. The Federal Trade Commission (“FTC”) is one of the regulatory agencies charged with enforcing the Rule.
Under the Rule, “a creditor is any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew, or continue credit.” The FTC has held that hospitals and health care providers are creditors under this definition.
The Rule has been in effect since January 1, 2008. However, on April 30, 2009, the FTC announced that it will delay enforcement of the Rule until August 1, 2009. The FTC wants to allow creditors and other financial institutions sufficient time to develop and implement an Identity Theft Prevention Program (http://www.ftc.gov/opa/2009/04/redflagsrule.shtm).
For more information and a how-to guide, please visit the FTC’s website at http://www2.ftc.gov/redflagsrule.