FTC Defers Enforcement of the Red Flags Rule to November 1, 2009

Posted by Jason Greis on July 29, 2009 under Articles

On July 29, 2009, the U.S. Federal Trade Commission (FTC) deferred enforcement of the Red Flags Rule from August 1, 2009 to November 1, 2009 in order “to give creditors and financial institutions more time to develop and implement written identity theft prevention programs.” As we discussed in our articles from 4/27/09 and 5/4/09, the Red Flags Rule will require many businesses to develop, implement, and administer an Identity Theft Prevention Program that is designed to detect the warning signs (or “red flags”) of identity theft, as well as to prevent and mitigate it. Read More...

“Red Flag Rules” Apply to LTACHs: August 1, 2009 Implementation Deadline Quickly Approaching

Posted by Jason Greis on July 26, 2009 under Articles

The new deadline for health care providers, including LTACHs and other post-acute care providers, to comply with the “Red Flag” identity protection rules (the “Rules”), which were first published by the Federal Trade Commission (“FTC”) in 2007 as part of the Fair and Accurate Credit Transactions Act of 2003 (“FACTA”), is quickly approaching. On August 1, 2009, “financial institutions” and “creditors” covered by the Rules will be required to implement a written Identity Theft Prevention Program (“Program”) to define, detect, and respond to “Red Flags” in order to prevent and/or mitigate identity theft. Failure to comply with the Rules can result in the assessment of civil monetary penalties for violations. Read More...

Stimulus Legislation Expands Privacy Regulation for Health Care Businesses

Posted by Jason Greis on March 2, 2009 under Articles

Health care providers and any businesses that provide information technology services for them will be subject to much greater regulation of their information security practices as a result of a major component of the recent economic stimulus legislation. Known as the Health Information Technology for Economic and Clinical Health Act (or the “HITECH Act”), this portion of the federal economic stimulus package is the most expansive modification to the federal privacy and security rules for health-related businesses since the 1996 enactment of HIPAA. Read More...

Federal Stimulus Bill Significantly Expands the Scope of HIPAA’s Privacy and Security Requirements

Posted by Jason Greis on February 24, 2009 under Articles

On February 17, 2009, President Barack Obama signed the American Recovery and Reinvestment Act of 2009 (the “ARRA”), commonly referred to as the federal stimulus bill. The ARRA contains several provisions — intended to promote the use of health information technology — that would significantly expand the scope of the privacy and security requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). These changes, summarized below, include: Read More...

Red Flag Rules Deadline Extended: 1) Which Health Care Providers Must Comply, and 2) Requirements for Health Care Providers

Posted by Jason Greis on under Articles

On October 22, the FTC announced that enforcement of its Identity Theft Red Flag Rules, originally scheduled to begin November 1, 2008, will now be delayed until May 1, 2009. The reason for the delay is that many entities, including health care providers, have been uncertain or even unaware of their coverage under the Rules until this point. The extension will allow covered entities more time to comply with the mandate to create and implement a written identity theft prevention program. The FTC is also planning to provide additional guidance as to the Rules themselves and to which entities the Rules apply, but no date has been provided for this guidance. Read More...

Red Flag Rules Deadline Extended: Which Health Care Providers Must Comply, and Requirements for Health Care Providers (10/22/08)

Posted by Jason Greis on December 8, 2008 under Articles

On October 22, the FTC announced that enforcement of its Identity Theft Red Flag Rules, originally scheduled to begin November 1, 2008, will now be delayed until May 1, 2009. The reason for the delay is that many entities, including health care providers, have been uncertain or even unaware of their coverage under the Rules until this point. The extension will allow covered entities more time to comply with the mandate to create and implement a written identity theft prevention program. The FTC is also planning to provide additional guidance as to the Rules themselves and to which entities the Rules apply, but no date has been provided for this guidance. Read More...