New "Red Flag Rules" Apply to Physician Practices
By Carmen Walters, RN
Compliance and HIPAA Officer
The Federal Trade Commission (FTC) has promulgated rules requiring physicians to implement written policies to help prevent identity theft. Any physician’s office that extends, renews, or continues credit for a patient (i.e., any practice that bills patients for services rendered) is subject to the Red Flag Rules. Although you may first bill an insurance carrier, if you ultimately bill a patient for any portion of a bill, you are considered a creditor subject to the Rules. Healthcare entities have a responsibility to monitor and oversee employee access to data. The Rules were originally set to be enforced effective May 1, 2009. The deadline has now been extended to August 1, 2009. In order to comply with the Rules, you must develop a program that allows you to:
-Identify relevant Red Flags
-Detect Red Flags
Your program must spell out how it will be administered and must be appropriate to the size and complexity of your practice and be approved by the senior member of the office.
What is a “Red Flag”?
A Red Flag is basically something that should alert your practice to suspicious activity that may indicate identity theft. The FTC guidelines identify five (5) categories of warning signs that must be identified and addressed:
-Alerts, notifications, or warnings from a consumer reporting agency or a service provider (a service provider is a person or entity which performs services on your covered accounts)
-Suspicious documents
-Suspicious personal identifying information
-Suspicious activity relating to a covered account
-Notices from customers, victims of identity theft, law enforcement authorities, or other entities about possible identity theft in connection with covered accounts.
How are “Red Flags” Detected?
Red Flags may be detected when you verify a patient’s identity, review medical records, verify insurance forms, or receive alerts or information of suspicious activity from outside agencies.
How do I Prevent and Mitigate Identity Theft?
The regulations require the development of a written program that includes appropriate responses for the prevention of identity theft.
How Often Must I Update My Program?
The Rules simply require that you update your program “periodically.” However, your program should specify that it will be updated periodically to reflect changes in risks to patients resulting from changes in the methods used to engage in identity theft.
Keep in mind that the program identifies not only identity theft risk but also inappropriate access to protected health information (PHI) under the HIPAA privacy and security rules.
For more information, please visit the Federal Trade Commission website at www.ftc.gov.