HelpFeedback
HIPAA for Allied Health Career
Information Center
Feature Summary
Industry Updates
Table of Contents
Book Preface
Sample Chapter
Supplements


Student Edition
Instructor Edition
HIPAA for Allied Health Careers

Cynthia Newby, CPC

ISBN: 0073374121
Copyright year: 2009

Industry Updates



10/30/09: FTC Extends Enforcement Deadline for Identity Theft Red Flags Rule

The Federal Trade Commission (FTC) is delaying enforcement of the “Red Flags” Rule until June 1, 2010. As part of the Federal Trade Commission's (FTC's) implementation of the Fair and Accurate Credit Transactions (FACT) Act of 2003, most medical providers would have needed to comply with the "Red Flags" rule November 1, 2009. The rule requires "creditors" – which the FTC defines to include most health care providers – to establish a program to prevent identity theft in their practices.


Click each link to download the Updates for this book.



CMS Data Content And Code Sites (1407.0K)

Medicare Medical Information and Privacy Clarification (85.0K)

Date: 02/25/2008

Subject: New HIPAA Security Information on the CMS website

Content: On February 20, 2008 The Office of E-Health Standards and Services (OESS) within CMS posted a document called Information Request for Onsite Compliance Reviews. OESS recently procured contracted services to assist with onsite compliance reviews related to potential HIPAA Security Rule violations. To ensure that the industry has an idea of the type of information OESS might request during these reviews, OESS developed a sample security checklist, which highlights several areas of vulnerability associated with the security of electronic protected health information.

Click Link below for full story:

New HIPAA Security Information on the CMS website

Identity-Theft Red Flag Requirements

The Federal Trade Commission requires healthcare organizations that provide credit to patients to comply with identity-theft red flag rules. The organization must set up a process to find "red flags"--actions that might indicate an attempt to steal the person's personal data for illegal use.

The FTC released the final rules on what it calls “identity theft red flags” on November 9, 2007 in the Federal Register (72FR63718). Essentially, the requirement calls for the creditor (healthcare organization, office, or practice) to set up a process so that its staff can determine or identify possible identity theft “red flags” and respond. The rules are flexible, but do require identification of the potential problem areas, what action is to be taken, and a means to revisit the protocol and update as needed. The final rule and other guidance from the FTC provide suggestions for the flags that might be established.

After a number of delays, the rule takes effect Nov. 1, 2009

For further information read the current information at www.ftc.gov/redflagsrule. The rule contains an appendix (72FR63774) to assist businesses to set up the red flags. Helpful information is also offered on the American Medical Association website at

www.ama-assn.org/ama/no-index/physician-resources/red-flags-rule.shtml

 

HIPAA AND HITECH Update (50.0K)

 

Red Flag Update 6/2010

The Federal Trade Commission will temporarily exempt physicians from the “Red Flags” rule, pending the outcome of an ongoing court case. The rule requires creditors and financial institutions with "covered accounts" to implement written programs to help detect and respond to practices and activities that could indicate identity theft by Dec. 31. FTC identified Dec. 31as the starting date for enforcement after several previously announced delays. The American Medical Association, American Osteopathic Association and Medical Society of the District of Columbia in May filed a federal lawsuit seeking to prevent the FTC from extending the rule to physicians. Last November, the U.S. District Court for the District of Columbia ruled that the FTC may not apply the rule to attorneys, but the FTC has appealed that decision. Until the court reaches a decision in the case, which was brought by the American Bar Association, the FTC has agreed not to enforce the rule for physicians. The agreement is pending the approval of the D.C. Circuit Court of Appeals.--From the AHA News Now

Small Cover

To obtain an instructor login for this Online Learning Center, ask your local sales representative. If you're an instructor thinking about adopting this textbook, request a free copy for review.