Optum360 coding books logo
    Contact Us   (7 a.m.–7 p.m. CST)
  Home > Coding Central Articles > Coding Central Articles  
Coding Central
Coding Central Home
Inside Track to ICD-10
Coding Central Articles
Code This!
Case Studies
Chargemaster Corner

Articles for:
January 25, 2018

Four Tests Added to List of CLIA Waived Tests

In early January, the Centers for Medicare and Medicaid Services (CMS) announced new waived tests... Learn More

New and Revised Vaccine Codes Added to 2018 CPT Code Book

The American Medical Association (AMA) added and revised several vaccine CPT codes for its 201... Learn More

OIG Recommends Measures for Curbing Opioid Misuse and Fraud

Office of Inspector General testimony before the House Committee on Ways and Means in January ... Learn More

View Article Archive

To subscribe, paste this link into your preferred feedreader, or click on one of the buttons below:

Medical Coding News Archives

AMA Seeks to Block Red Flag Rule

June 10, 2010:

The American Medical Association (AMA), in conjunction with the American Osteopathic Association (AOA) and the Medical Society of the District of Columbia, has filed a suit in federal court seeking to block the Federal Trade Commission (FTC) from imposing the “red flag” rule on physicians.

The suit alleges that the FTC is unfairly placing physicians under the same regulations as banks, credit card companies, and mortgage lenders.

The red flag rule enforced by the FTC has been effective since January 1, 2008, but on May 28, 2010, the FTC announced it was delaying enforcement of the rule through December 31, 2010. Physician offices have until then to implement a written identity theft prevention program aimed at identifying warning signs—or red flags—for possible theft. The FTC states that the red flag rules will help to head off identify theft and prevent its escalation. The delay action was taken at the request of members of Congress who plan to consider legislation that would modify the scope of entities currently covered by the rule. In the event that Congress passes legislation prior to the December 31, 2010, date, the FTC will begin enforcement as of that effective date.

Many people mistakenly believe that the red flag rule applies only to banks, credit unions, or savings and loan organizations. In fact, the rule applies to any organization that is a creditor or “any entity that regularly defers payments for goods or services or arranges for the extension of credit.” A key indication that someone is considered a creditor is if he or she bills patients after providing services. Entities not run as cash-only businesses probably extend some form of credit. This includes balance billing after insurance has paid or helping patients obtain financial help to pay off medical debt.

As stated under the FTC Articles for Business, the following are not subject to the red flag rule:

  • Providers who accept payment from Medicaid or similar programs under which the patient has no responsibility
  • Providers who require payment in full at the time of service by check, cash, or credit card

The second key indicator of a creditor is a practice that provides “covered accounts.” Such accounts are defined as consumer accounts that may be settled in more than one payment or transaction. Other accounts or transactions that may be at risk for identity theft are also included.

Practices subject to the Red Flag Rule must incorporate the following four steps into their policies and procedures:

  • Determine any red flags (possible identity theft).
  • Identify red flags within your patient accounts.
  • Take appropriate actions.
  • Monitor and update policies and procedures related to red flags regularly.

Practices should implement a fraud prevention or security program with policies and procedures to recognize possible identity theft in their day-to-day operations. Policies and procedures should clearly identify what steps are to be taken when the practice is notified of a possible identity theft. Some of the red flags the FTC identifies as related to physician practices are discussed below.

Suspicious documents: Identification documents should be reviewed carefully. Look for alterations and obvious forgeries, and compare photo identification with the patient presenting the documents. Can the patient verbally confirm the information on file such as birth date and chronic conditions? Additional information may be requested to confirm the validity of the documents.

Suspicious personally identifying information: Information submitted by the patient that is inconsistent with information from other sources may trigger a red flag. Home address, employment, birth date, enrollment number, or Social Security number may be a red flag when the information is different from what is on file or what was provided by an insurer or employer.

Suspicious activities:

  • Repeated returned mail from an address of a patient who continues to seek treatment, or who verifies the address as being correct.
  • Patients who complain about a bill for services they did not receive.
  • Inconsistency between patient history and physical exam and prior treatment records. For example, a clinical exam finds that a previously noted tattoo or scar is missing.

Notices from victims of identity theft, law enforcement authorities, insurers, or others suggesting possible identity theft: If you receive such a notice, it is important to cooperate in recognizing and verifying the theft.

Failing to comply may result in monetary penalties and injunctive relief. Currently, civil cases will be filed in federal court and the penalty is set at $3,500 per violation. Note that “each instance in which the company has violated the rule is a separate violation.” The injunctive relief requires the company to verify compliance through reports, documents, and other steps demonstrating compliance.

Deborah C. Hall
Clinical/Technical Editor


Sign in to
Your Account
Forgot your username?
Forgot your password?
Don't have an account?
It's easy to create one.
Promo code

Have a promotional source code? Enter it here:

What is this?