FTC Delays Enforcement of Red Flags Rule | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

FTC Delays Enforcement of Red Flags Rule

June 1, 2010
by root
| Reprints

At the request of several Members of Congress, the Federal Trade Commission is further delaying enforcement of the “Red Flags” rule through December 31, 2010, while congress considers legislation that would affect the scope of entities covered by the rule.

The Rule was developed under the Fair and Accurate Credit Transactions Act, in which Congress directed the FTC and other agencies to develop regulations requiring entities that have “covered accounts,” such as financial institutions and health care providers, to implement written identity theft programs that isolate “red flags” indicating identity theft.

The rule became effective on January 1, 2008, with full compliance originally required by November 1, 2008. Numerous delays had resulted in delaying enforcement until June 1, 2010.

This announcement and the release of an Enforcement Policy Statement do not affect other federal agencies’ enforcement of the original November 1, 2008 deadline for institutions subject to their oversight to be in compliance.

The Health IT Summits gather 250+ healthcare leaders in cities across the U.S. to present important new insights, collaborate on ideas, and to have a little fun - Find a Summit Near You!


See more on