|
 |
FTC "Red Flag Rules" - Strategies for Compliance with the Hospital Identity Theft Program
Webinar
November 11, 2008
Time: 12-2 p.m. CENTRAL TIME
Register for this event online:
November 11, 2008 ($295 per line)
Program Description
The Federal Trade Commission, the Federal Reserve and other financial regulatory agencies are phasing in new rules for institutions, such as banks, credit unions, and hospitals that govern their detection of, response to, and prevention of identity theft. By November 1, 2008, hospitals must have an identity theft prevention program that has been approved by its board of directors or an appropriate committee of the board. Overall, the "Red Flags Rules" are designed to detect, prevent and mitigate identity theft, in particular with regard to the patient accounts that the hospital maintains. In general, this program is designed to detect "Red Flags" defined as a "pattern, practice, or specific activity that indicates the possible existence of identity theft." The program must be updated periodically. Risk assessment of the covered patient accounts must be conducted with particular consideration of how those accounts are opened, accessed and any previous experience that the institution has had with identity theft. The approved plan must contain certain elements and provide for continued administration by either the board, a committee of the board or a designated employee in senior management to oversee, develop, implement and administer the Program. Notably, the "Red Flags Rules" can include existing policies and procedures to prevent patient identity theft.
In preparing this program, the presenter drafted template documents for hospitals to consider in designing their identity theft program. The program must be tailored to the hospital's specific risk, based on historical experience with identity theft. Since each hospital should have its own policies, the information is offered as guidance for illustrative purposes only. The templates to be provided focus on possible "Red Flags" associated solely with patient accounts, although it is possible that a hospital has other financial accounts that could be used for improper purposes of identity theft.
Program Topics: (Templates for the required policies and procedures will be provided.)
-
"Red Flags Rules" - what is and what is not required by November 1, 2008
- Board resolution approving program and providing administrative oversight
- Overview of the identity theft program
- Required training, reporting, and administrative requirements under the rules (Sample training and reporting forms will be included. Also, because the regulations contemplate that oversight of this program extend to service provider contracts, sample boilerplate language that could be used in certain contracts associated with maintaining the patient accounts will be provided.)
- Identification, detection and response to "Red Flags"
- Suspicious activities of medical identity theft
Who Should Participate
Chief Executive Officers
Chief Operating Officers
Chief Financial Officers
Chief Nursing Officers
Chief Medical Officers
Board of Trustee members
Compliance Officer
Patient Financial Services personnel
Privacy and Security Officer
Hospital Legal Counsel
Faculty
Tracy Field, Partner, Arnall, Golden, Gregory, LLP
Tracy Field is an attorney in the Healthcare and Life Sciences Practice Groups at Arnall, Golden, and Gregory. She counsels health care providers regarding HIPAA and other federal laws affecting their operations. Also, she assists providers and life sciences companies with FDA and reimbursement issues. Field has presented and published on various health care legal topics. In 1993, she received her J.D. from Emory University School of Law.
The views expressed by the speaker do not necessarily reflect the policies or opinions or the Wisconsin Hospital Association.
Registration Information
Fee
$295.00 for one phone line per site
Please register only one name per connection.
Additional phone lines will be billed at $295.00 each.
How the Webinar Will Work
Dial-in instructions, on-line login instructions and any other reference materials will be emailed to each registrant approximately three days prior to the conference. If you do not receive them by this date, please email lgeishirt@wha.org.
It is the responsibility of the registrant to access presentation materials prior to the day of the event. If your e-mail address changes, you do not receive an e-mail with instructions from WHA, or if you are unable to open presentation materials, please contact Lisa Geishirt at WHA two days prior to the event to allow time to address the issue.
Substitution, Transfer and Cancellation Policy
Cancellations received in writing up to five business days prior to an event will be given a full refund less a $50 processing fee. No refunds will be given for cancellations received less than five business days prior and day-of-program no-shows. Substitutions are accepted.
Register for this event online:
November 11, 2008 ($295 per line)
|
|
|
