Identity Theft and Your Practice
Identity theft is the fastest growing white collar crime in America. Medical identity theft is the fastest growing type of identity theft. In fact, it has grown more than 400 percent in the past 12 months. It is reported that over 70 percent of breaches in medical facilities stem from employee carelessness or corruptness.

What every practice should know about identity theft and the related laws is that being compliant with HIPAA is not enough. There are other federal identity theft related laws that apply to every medical clinic and facility in the United States.

The New Red Flag Rules Law

The new Red Flag Rules were passed in January 2008. Compliance is mandatory by May 1st, 2009.

This law requires you to have an "Identity Theft Prevention Program." Ultimately, this law is to protect your facility or practice from treating a new or existing patient who has already stolen an identity, probably because he or she needs treatment and is uninsured. This is a classic case of medical identity theft.

The Federal Trade Commission says that you must comply with the law because you are a "creditor," meaning that you extend credit to a patient when you bill a patient. This law applies to you regardless of your facility size. They want to see, in writing, how you plan to prevent identity theft. The hope is that collectively identity theft will be limited and therefore the financial damages to businesses will lessen.

The financial ramifications of your patients' information being lost or stolen could be devastating to even the most successful practices. Did you know that a medical insurance card can sell on the black identity theft market for up to $500? Did you know that if an identity thief gets your medical insurance information they can steal your total identity? Did you know that a patient's chart is worth $100,000 to an identity thief? It does not matter how the thieves get the info; your facility can still be held liable if you don't comply with the laws.

The Five Areas of Identity Theft

  1. Financial (Someone opens an account in your name and buys a new car.)
  2. Social Security (An illegal works in your name but does not pay taxes.)
  3. Driver's license (A person steals your DL number and gets traffic tickets in your name.)
  4. Criminal (Someone commits a crime in your name.)
  5. Medical (Someone uses your name and gets treatment and possibly even your medical insurance.)


Damages

What happens if you don't comply? Federal and state fines up to $2,500 and possible civil lawsuits. In fact, you can be held responsible for restoring the identities of the patients or employees that are affected if you have a breach. The numbers can be staggering. The USA Today reported that the damages for restoring an identity can be up to $92,000. Can you imagine how many patients or employees could be affected if you had a data breach or a corrupt employee stealing information? Multiply the number by $92,000 and you will understand that by not having an identity theft prevention program in place, your practice is a sitting duck for civil lawsuits and fines. What happens when patients won't come back to your practice because there has been a data breach? You can no longer afford to put it off.

The Federal Trade Commission is serious about compliance with this new law. You are not exempt. While there is nothing that you can do to prevent identity theft from occurring, by following the FTC's guidelines you may lessen the opportunity for would-be thieves to take advantage of you, your staff and your patients. By attempting to comply with the laws you will lessen the chances that you will be sued or fined by the FTC.

Here's what you should do:

  • Appoint a Chief Information Officer.
  • Have a written security plan (identity theft prevention plan).
  • Train every employee on the five areas of identity theft and the related laws.
  • Oversee your service providers and make sure that they have a proper identity theft prevention program in place also.


Finally, you must consider the cost. Attempting to comply could cost you several hundred or even several thousand dollars, while not making an attempt to comply could possibly cost you millions.


Lisa Asbell is a Registered Nurse and is also an Identity Theft Risk Management Specialist. Lisa is the President of Identity Theft Resolutions which is based in St. Petersburg. Identity Theft Resolutions has the only medical specific program in the country. You can reach Lisa at www.idtrx.com