The Senate has passed a bill that exempts doctors and other providers from the Federal Trade Commission's Red Flags Rule, which would have required them to develop and implement written identity theft prevention programs.
The rule is currently scheduled to go into effect on Dec. 31. The House of Representatives is expected to pass the bill during the current legislative session.
The Red Flags rule was developed under the Fair and Accurate Credit Transactions Act, in which Congress directed the FTC and other agencies to develop regulations requiring "creditors" and "financial institutions" to address the risk of identity theft. The resulting Red Flags Rule requires all such entities that have "covered accounts" to develop and implement written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities – known as "red flags" – that could indicate identity theft.
According to officials the bill was introduced Nov. 30, and the Senate unanimously passed S. 3987, Red Flag Program Clarification Act of 2010, on the same day. The bill clarifies that small businesses like doctor's offices are not classified as creditors because they do not offer or maintain accounts that pose a risk of identity theft.
This is different than a bill that was introduced May 25 by Senators John Thune (R-SD) and Mark Begich (D-AK). The bill called for "excluding any healthcare practice, accounting practice, or legal practice with 20 or fewer employees from the meaning of creditor subject to Red Flag Guidelines regarding identity."
Many organizations approve of the exemption. In May, the American Medical Association, American Osteopathic Association (AOA) and the Medical Society of the District of Columbia (MSDC) filed suit against the Federal Trade Commission charging that the FTC's rule exceeds the powers delegated to it by Congress and that its application to physicians is "arbitrary, capricious and contrary to the law."
The National Community Pharmacists Pharmacists Association expressed its approval to the Senate. "We commend Senators Begich, Dodd, Shelby and Thune for their hard work to ensure that reasonable consumer protections can go forward without unduly burdening pharmacists and other providers with unnecessary, time-consuming requirements," said NCPA Executive Vice President and CEO Kathleen Jaeger.
But others disapprove. Healthcare IT News spoke to a few in May when earlier bill S. 3416 was introduced.
Pam Dixon, founder of the World Privacy Forum, a nonprofit, public interest research group, views the rule as "appropriate rule making."
"I don't see a good reason for physicians to not want to do this. It ultimately helps both patients and physicians, by protecting both parties," she said.