Specialty societies seek to enter "red flags" lawsuit against FTC

Washington -- The Council of Medical Specialty Societies has filed a motion to intervene in a pending case to prevent the Federal Trade Commission from applying the "red flags" identity theft rule to physicians.

The regulation requires entities that regularly extend credit to establish formal policies for detecting and preventing identity theft. The council said compliance with the rule imposes a significant burden on physicians, particularly doctors who operate independent practices or work in small groups.

"Adhering to the policies of the red flags rule would substantially drain the financial resources of physicians, particularly those whose support systems are limited," said Norman Kahn, MD, executive vice president and CEO of CMSS, which filed the motion on Aug. 17.

The American Medical Association and two other physician organizations sued the FTC on May 21 to block it from subjecting doctors to the rule. The AMA filed the lawsuit through the Litigation Center of the American Medical Association and the State Medical Societies. It was joined by the American Osteopathic Assn. and the Medical Society of the District of Columbia.

The FTC has taken the position that physicians are "creditors" under the law. Although the ID theft policy requirements are technically in effect, the FTC has said it will not enforce them against physicians until Jan. 1, a deadline that has been extended numerous times.

The commission also has said it will not enforce the red flags rule against any members of the physician organizations that filed the lawsuit until a separate suit brought by the American Bar Assn. against the FTC is resolved. A court in December 2009 said lawyers cannot be considered creditors under the red flags statute, but the FTC is appealing that decision. The commission did not immediately say whether the same enforcement delay would apply to members of the specialty societies if they are permitted to join the physician lawsuit.

Although doctors have acknowledged that medical identity theft is a growing concern for patients and physicians, they said the added regulation duplicates existing laws.

"Physicians are already ethically and legally responsible for ensuring the confidentiality and security of patients' medical information," said AMA President Cecil B. Wilson, MD. "The extensive bureaucratic burden of complying with the red flags rules outweighs any benefit to the public."

The Council of Medical Specialty Societies represents 34 member societies.