FTC’s New Red Flags Rules FAQ

Today the US FTC released “Frequently Asked Questions: Identity Theft Red Flags and Address Discrepancies.”
Here are a couple important things to take away from this FAQ…

Who is the FAQ prepared for?
It was created for all entities that must follow the Red Flags Rules; to “assist financial institutions, creditors, users of consumer reports, and card issuers in complying with the final rulemaking on Identity Theft Red Flags and Address Discrepancies implementing section 114 of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act).” Note that many/most healthcare providers fall under the Red Flags Rules.
What is “identifying information”?

“The FTC defines the term “identifying information” to mean:
any name or number that may be used, alone or in conjunction with any other information, to identify a specific person, including any-
1) Name, social security number, date of birth, official State or government issued driver’s license or identification number, alien registration number, government passport number, employer or taxpayer identification number;
2) Unique biometric data, such as fingerprint, voice print, retina or iris image, or other unique physical representation;
3) Unique electronic identification number, address, or routing code; or
4) Telecommunication identifying information or access device (as defined in 18 U.S.C. ยง 1029(e)).”

If you think you MIGHT be a covered entity under the Red Flags Rule, READ THIS FAQ!

Tags: , , , , , , , , ,

Leave a Reply