The Federal Trade Commission (FTC) published guidance to help organizations comply with the May 1 enforcement deadline on the Red Flags Rule, which forces hospitals to implement a documented identity theft prevent program.
The report offers four steps to complete compliance with the rule:
- Include reasonable policies and procedures to identify the “red flags” signaling potential identity theft
- Design your program to detect red flags that you have identified
- Spell out appropriate actions you’ll take when you detect red flags
- Address how you will re-evaluate your program periodically