For the fifth time since November 1, 2008, the FTC has delayed enforcement of the Red Flag Rules, which seeks to require any “creditor” that has “covered accounts” to develop and implement written identity theft prevention programs. Due to the frenzy of litigation from groups including the American Bar Association, the American Medical Association, the American Osteopathic Association, and the Medical Society for the District of Columbia, the FTC delayed the compliance deadline through December 31, 2010, while Congress considers legislation that would affect the scope of entities covered by the Rule.

In addition, on June 25, 2010, the FTC and AMA reached a joint stipulation that the Rules will not be enforced against any AMA or state medical society members engaging in the practice of medicine until the U.S. Court of Appeals for the District of Columbia renders its decision in the appeal brought by the FTC against the ABA. The Court has previously enjoined application of the rule to attorneys, finding the FTC overstepped its regulatory authority. The AMA has cited many of the same arguments used by the ABA in its lawsuit to enjoin enforcement against physicians.

What this means for physicians and other medical professionals engaging in the practice of medicine is that it is unlikely the Rule will be applicable to them by December 31, even if the FTC decides to finally to stop extending the enforcement date.

The author, James R. Bullard, may be contacted at jbullard@dsda.com