Recently the Federal Trade Commission (FTC) announced that all municipalities would be required to develop and implement written identity theft prevention programs, as part of the Fair and Accurate Credit Transactions (FACT) of 2003. While these requirements were meant for Financial Institutions and Credit Card Companies, a small provision within the regulations requires municipalities that provide services in which payment is ?deferred? to adopt these same requirements.  The effective date for implementation is May 1, 2009.

As a subcontractor to municipalities, EMSMC has implemented an Identity Theft Policy to fully comply with these regulations.  The HIPAA Regulations for privacy and security are in most cases more extensive than the Red Flag Rules; therefore, many of the provisions of this policy will overlap the existing HIPAA safeguards.

A link to the FTC Website for additional information is:  http://www.ftc.gov/opa/2008/10/redflags.shtm  

EMSMC will be happy to share their Identity Theft Policy/Red Flag Compliance for inclusion in the municipality policy.

Please feel free to contact us if you have any questions related to these new regulations.