
Health Care Law Blog
The Red Flags Rule requires "creditors" to address the risk of identity theft by implementing and updating identity theft programs that identify, detect, and respond to potential identity theft problems. While the definition of "creditor" under the Red Flags Rule was previously broad enough to include healthcare providers, the recently passed Red Flag Program Clarification Act of 2010 (the "Act") narrowed the definition of "creditor" to include only entities that use consumer reports or furnish information to consumer reporting agencies or to others who extend credit.
The Act, therefore, exempts doctors, dentists, orthodontists, pharmacists, nurse practitioners, and other healthcare providers from the Red Flags Rule. This is timely news as compliance with the Red Flags Rule is set to begin on December 31, 2010.