Effective on January 1, 2011, physicians are no longer required to comply with certain identity theft protection measures.
For over two years, the AMA (American Medical Association) has argued that physicians do not fall under the category of creditors and should not be held to the regulations of the Red Flags Rule. Due to HIPAA regulations, physicians already have enough requirements to meet that help prevent identity theft.
On December 7, 2010 Congress voted that physicians are excluded from the Red Flags Rule. The term creditor has been determined by Congress to refer only to those entities that use credit reports, provide information to credit reporting agencies or extend credit to consumers.
The FTC (Federal Trade Commission), the governing entity for the Identity Theft Protection Program has updated the materials on it's website to reflect the changes regarding which circumstances in which creditors are covered under the Red Flags Rule. You can visit their website for more detailed information.
Gallegos, Alicia. Congress exempts doctors from "red flags" rule American Medical News 14 March 2011