Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Chery F. Kendrick & Kendrick Technical Services.

Similar presentations


Presentation on theme: "© Chery F. Kendrick & Kendrick Technical Services."— Presentation transcript:

1 © Chery F. Kendrick & Kendrick Technical Services

2 Presented by: Dr. Chery F. Kendrick Kendrick Technical Services © Chery F. Kendrick & Kendrick Technical Services

3  Define the Red Flag Rule  Identify who must comply and why  Identify risks for and ways to prevent, detect or minimize the effects of identity theft  Discuss a compliance program to address risks and respond to flags © Chery F. Kendrick & Kendrick Technical Services

4  Identifies Risk Factors  Discusses Protective Measures  Discusses Fraud Alerts  Presents Simplified RFR Form Packages © Chery F. Kendrick & Kendrick Technical Services

5 The Red Flag Rule is a relatively new rule developed by the FTC (Federal Trade Commission) to help prevent identify theft and credit card fraud © Chery F. Kendrick & Kendrick Technical Services

6 Could this apply to you? YES! The FTC ruled medical practitioners must comply © Chery F. Kendrick & Kendrick Technical Services

7 … and all patients pay in full at time of service, you likely will not have any Red Flag Rule issues. However, if you extend credit, bill patients, set up payment plans, or file insurance claims the RFR does apply to your practice. © Chery F. Kendrick & Kendrick Technical Services

8  We are considered creditors when we allow patients to pay over time or accept credit applications on their behalf, for example, through CareCredit or through their insurance.  Thus, we must have a program to address the risk of identity theft, and train employees. © Chery F. Kendrick & Kendrick Technical Services

9  It’s not HIPAA- the RFR protects financial information not medical info  Specifically for protection of consumers (that would be our patients) from identity theft  HIPAA policies can overlap with the RFR in terms of identity protection (such as Social Security Numbers) © Chery F. Kendrick & Kendrick Technical Services

10

11  Designate a Privacy Officer, (for example, your Safety Officer or Practice Manager)  Determine potential risks in your front office, billing and record keeping procedures (use checklist)  Have a written protocol on file (use RFR policy) © Chery F. Kendrick & Kendrick Technical Services

12  Protecting the practice and its patient’s information is everyone’s concern from the front desk to the exam rooms to treatment areas and labs. All areas,all personnel need to be made aware.  The Red Flag Rule also requires that we notify all suppliers, tech support, cleaning crew, et al that their adherence to the Red Flag Rule compliance program is required © Chery F. Kendrick & Kendrick Technical Services

13  That’s where I come in ◦ As a regulatory specialist I understand your time constraints and “one more government regulation” to follow ◦ I have developed the tools you need ◦ RFR policy ◦ RFR Checklist ◦ RFR Training Programs ◦ It’s that simple © Chery F. Kendrick & Kendrick Technical Services

14  Go over the risk assessment checklist (next slide)  Read the RFR policy  Set up training for management and all employees  Send notification to vendors and suppliers  Review policy and training annually © Chery F. Kendrick & Kendrick Technical Services

15  Has the clinic ever had a case of identity theft?  How do you protect patient’s personal information when transmitting payments or dealing with outside service providers such as insurance companies or pharmacies? © Chery F. Kendrick & Kendrick Technical Services

16  New Patient forms – what personal information do you collect?  DL#? SS#? Credit Card#?  When a patient calls for refill of meds, how is that billed? Account info accessed? How is file and info protected?  Secondary vendors: what information do they receive about patient?  Do vendors have own RFR protocol? © Chery F. Kendrick & Kendrick Technical Services

17  All employees should be trained on the RFR compliance policy  As with all training there should be an annual review  New employees should have RFR training © Chery F. Kendrick & Kendrick Technical Services

18  Employee records SSN Medical information Checking acct info for direct deposits Payroll information  Clinic Information Medical license numbers Credit card numbers Bank records © Chery F. Kendrick & Kendrick Technical Services

19  Beware of what you put in the trash un-shredded. Thieves use contents of trash containers to steal identities.  Shred all messages or notes with information about personal records such as addresses, and billing info.  Don’t forget electronic media: shred discs, clear out files before disposing of computer. © Chery F. Kendrick & Kendrick Technical Services

20

21  On completing your Red Flag Rule training  Main Points:  1) Guard personal information collected  2) Be careful with credit applications  3) Be vigilant and report suspicious activity  4) Review Red Flag Rule Protocol  5) Train new employees on Red Flag Rule © Chery F. Kendrick & Kendrick Technical Services

22 Call “Doc Chery” Dr. Chery F. Kendrick Regulatory Specialist Kendrick Technical Services © Chery F. Kendrick & Kendrick Technical Services

23 Dr. Chery F. Kendrick Regulatory Specialist © Chery F. Kendrick & Kendrick Technical Services


Download ppt "© Chery F. Kendrick & Kendrick Technical Services."

Similar presentations


Ads by Google