Providers also should note that compliance with the Health Insurance Portability and Accountability Act (HIPAA) does not shield them from complying with the Red Flags Rule. “The Red Flags Rule is really about fraud protection, and HIPAA is more about data security,” said Naomi Lefkowitz of the division of privacy and identity protection at the Federal Trade Commission.
Mary Ellen Schneider contributed to this story.