FTC Delays Identity Theft Rule Yet Again 44
coondoggie sends news that the FTC, at the request of several members of Congress, has delayed enforcement of anti-ID-theft rules — for the fourth time since the original implementation date, November 2008. "The [Red Flags] rule requires financial institutions and other creditors to develop and carry out identity-theft prevention programs. ... The problem with the rule revolves around which entities must comply and develop identity-theft prevention programs. ... 'It's the act of delaying payment for services that can sweep in entities you wouldn't normally think of as creditors,' Kuehn said. Already, the American Bar Association, the American Medical Association, and the American Institute of Certified Public Accountants have sued, saying that the Red Flags Rule shouldn't apply to their members."
ok... (Score:3, Insightful)
why not? do they not have important data that could be used in an identity theft?
Re:AMA objections. (Score:5, Insightful)
If you read the article, it claims that the issue is the Red Flags rule, which is aimed at preventing *misuse* of identification information while accessing services rather than theft of identification from their systems.
This definitely should apply to the medical industry. Or have you not yet heard of people not only getting billed for medical procedures that they have not had, but simultaneously having their medical history corrupted and having their insurance history mangled as well. http://en.wikipedia.org/wiki/Identity_theft#Medical_identity_theft [wikipedia.org]
Just Make it Their Problem (Score:1, Insightful)
Re:AMA objections. (Score:3, Insightful)
Huh? the red flag rules are almost all covered already by HIPAA and Sox. There's immense overlap between them, red flag just applies to a lot more than medical and legal records... Doctors already are required to obey these rules, and most small doctors, due to the cost, already use intermediary companies to handle billing and colelction eliminating them from direct responsibility (and the creditor lablel).
Re:Bad idea in the first place (Score:3, Insightful)
As I understand it, the difference between classic fraud and ID theft is whether or not new credit is established. And the problem isn't so much the money, but the destruction of reputation. Someone steals my credit card number, I just cancel it and don't pay the fraudulent charges. Someone obtains and uses enough information to apply for new credit in my name, I still don't have to pay the bills, but credit reporting agencies list me as a deadbeat; I can challenge the information but the criminals can just keep doing it; I can do little to stop it that doesn't hurt me as well.
Re:Stupid and confusing (Score:3, Insightful)