FTC Again Delays Enforcement of 'Red Flags' Rule -- This Time Until Nov. 1

The Federal Trade Commission, or FTC, announced in a July 29 news release that it has once again delayed enforcement of a regulation known as the Identity Theft "Red Flags" Rule, pushing the deadline back to Nov. 1.

The rule is an antifraud regulation administered by the FTC that requires financial institutions and creditors -- including physician practices -- to develop and implement written identity theft prevention programs as part of the Fair and Accurate Credit Transactions Act of 2003 (62-page PDF; About PDFs).

Originally, physician practices and other entities covered under the rule were to come into compliance on Nov. 1, 2008; the FTC subsequently extended that deadline to May 1, 2009, and then to Aug. 1.

The FTC now says the new Nov. 1 deadline will permit the commission to further increase its efforts to educate businesses about the rule by providing more resources and compliance guidelines.

The Academy has developed an online resource to help FPs comply with the regulation. Physicians also may find the FTC's Red Flags Web site useful.