Physician groups call on FTC to reevaluate its "broad application" of Red Flags privacy rule

Objecting to the Federal Trade Commission's notion that physician practices should be considered "creditors" with regard to identity theft protection regulations, four national organizations--including the American Medical Association, the American Osteopathic Association and the American Dental Association--petitioned the FTC for exclusion from such regulations. Their appeal to FTC Chairman Jon Leibowitz was based on a recent federal court decision that lawyers should be excluded from compliance to the same rules. 

The so-called "Red Flags Rule," issued in November 2007 by the FTC, requires various "creditors and financial institutions" to create and enforce written identity theft protection and detection programs, all in the name of consumer safety.

In November, a federal court decision in Washington, D.C., determined that lawyers do not have to abide by such rules after the American Bar Association brought litigation against the FTC. Specifically, the court ruled that FTC's application of the rule to lawyers was "inconsistent with the purpose underlying enactment of the [Fair and Accurate Credit Transactions] Act" of 2003, which served as a basis for the rule. 

The AMA, in particular, has opposed the regulation since its initial issuance. "The court ruling sends a clear signal that the FTC needs to re-evaluate the broad application of the red flags rule," said AMA President J. James Rohack, M.D. "Our organizations firmly believe that applying the rule to health professionals, but not to lawyers, would be unfair." 

The compliance date for the rule originally was set for Nov. 1, 2008, but has been delayed until June 1, 2010. 

For more information:
- read this press release
- here's the letter
- read about the "red flags" rule