Topic: Flag identity theft before federal rule takes effect
HIM Connection, October 7, 2008
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
Effective November 1, hospitals must have a plan in place to detect, mitigate, and prevent red flags that signal potential identity theft, according to the Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003 (final rule).
There was confusion over whether the rule, which is primarily geared toward financial institutions and other lenders, also applied to healthcare providers. However, although the rule doesn’t specifically reference hospitals, it does imply that they may fit the legislation’s extremely broad definition of "creditor" because they permit a deferred payment of certain ongoing accounts. Essentially, providers become "creditors" when they establish payment plan. Supplementary information published with the rule states the following:
Creditors in the healthcare field may be at risk of medical identity theft (i.e., identity theft for the purpose of obtaining medical services) and, therefore, must identify Red Flags that reflect this risk.
Examples of red flags could include, but are not limited to, any of the following:
- A mismatch between an individual’s address according to their insurance policy and what appears on their driver’s license
- A photograph on a driver’s license or other ID that doesn’t match the individual presenting it
- An address provided that is a P.O. box or mail drop
- The telephone phone number provided is for a pager or answering service
To view the red flag rule, which was published in the November 9, 2007 Federal Register, visit http://edocket.access.gpo.gov/2007/pdf/07-5453.pdf. For illustrative examples that hospitals can use when developing an identity theft prevention program, refer to Supplement A to Appendix J of the rule. Also refer to the World Privacy Forum Web site to view its latest report titled "Red Flag and Address Discrepancy Requirements: Suggestions for Health Care Providers," released September 24. Click here to view the report.
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
Comments
0 comments on “Topic: Flag identity theft before federal rule takes effect ”
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Identify potential Medicaid RAC target areas
- HIPAA Q&A: Level of encryption needed for email
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- OB services: Coding inside and outside of the package
- QA:Coding multiple initial infusions
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- What does case-mix index mean to you?
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched