Despite strong lobbying by the ADA and other dental groups and proposed legislation exempting dentists and other small businesses from the U.S. Federal Trade Commission's (FTC) Red Flags identity-theft rules, it appears dentists will have to comply with the rules when they go into effect November 1.
For now, anyway.
HR 3763, which amends the Fair Credit Reporting Act to provide for an exclusion from the guidelines for healthcare practices and law and accounting firms with 20 or fewer employees, passed the House of Representatives last week and is now before the Senate's Banking, Housing, and Urban Affairs Committee. But a spokesperson for the committee told DrBicuspid.com today that no action will be taken on the bill before November 1 and that there is currently no timetable for Senate consideration of the bill.
"It could be a month or many months," he said.
A lawsuit filed in August by the American Bar Association against the FTC over the inclusion of lawyers in the rules could speed things along, however. A federal court today ruled that lawyers are exempt from the rules, which could set a precedent for the dental community as well.
In the mean time, it isn't clear what dentists should do at this point. Under the rules, businesses that accept deferred payments from clients must create written policies outlining how they will prevent, detect, and address identity fraud. The ADA has estimated that the average cost to implement and manage a Red Flags program will be at least $600 per dental office, or $80 million for 130,000 dental offices.
The ADA has also developed compliance guidelines and sample policy and procedure documents for use by ADA members.