Red Flags Rule
Red Flags rule
The Red Flags Rule to be implemented no later than August 1, 2009, is a federal mandate stating that any creditor must protect customer information from identity theft. Although on the surface it doesn’t seem like health care providers would be subject to this rule, a closer examination of the Red Flags Rules reveals that we are.
According to the Red Flags Rule, health care providers are considered creditors because we provide services and later bill for them. Additionally, we collect billing information from the patient that could be used to steal a patient’s identity.
This is not an uncommon experience. Examples are all over the internet including a woman who was being billed for an operation to amputate her foot. Although the hospital released her from the bill, she was later haunted by erroneous medical information in her records.
In Florida, a hospital employee was found to have stolen billing information for numerous patients that allowed a fraudulent laboratory to bill over 2 million dollars to Medicare.
And one of the worst possible breaches of security was a Massachusetts psychiatrist who billed visits to a client’s insurance company that were never made and also billed visits for the patient’s children who never saw the doctor. Consequently, the children are noted on medical records to suffer from severe depression.
Medical Identity Theft is not a joke!
The Red Flags Rule mandates that we do four things:
- Design a written plan to protect your patients’ specific information
- Identify risks within your organization
- Design procedures for addressing risks and breaches of information
- Review the plan annually.
Additionally, it is written in the federal register that all ‘relevant’ employees be educated in the plan. Because so many documents contain pertinent billing information such as social security numbers, Medicare or insurance card numbers, etc., all employees privy to this information should be educated.
Remember, Medical Identity Theft is on the rise and it is suspected that further harm may come to patients as the current administration’s plan to share health care data across providers is implemented.
Questions about the Red Flags Rule can be addressed to Haydelconsultingservices@bellsouth.net or you may leave a comment below. As always, we enjoy hearing from you.
Thank you for all the helpful information you post on the Decision Health list serve. It is always timely and relevant. thanks again.
Linda
Thank you so much for your kind words.
Good Morning Julianne,
I am interested in purchasing the Policy and
Procedure you have for Red Flags rules for
$150.00. Is this something you send via e-mail?
Can you bill us for this with an Invoice to pay?
Kindly advise.
Thank you!
Pat Montalvo, R.N. Administrator
Associated Home Health
3313 W. Commercial Blvd., Suite 113
Ft. Lauderdale, Florida, 33309
Phone (954) 938-3500, Ext. 17
Fax (954) 938-3509
e-mail: pmontalvo@unisourceinc.org
Thank you for all the information you have provided.
We are interested to buy the Red flag Policy, we have some thing that I’m very happy with please let me know what other poilicies you have
thanks
Anab Ali, RN