Red Flag Rule

Red Flag Rule:  Identifies a pattern of behavior or events to indicate a breach of PHI (protected health information) has likely occurred and that identity theft has occurred or is occurring.  An example of this would be inconsistencies between information on file about a patient and identity documents that the patient presents in person.


A Red Flag indicates that identity theft may be occurring or will soon occur.


Red Flag Rule Umbrella Policy: 

·         Must be reviewed at least annually

·         Must be approved by the highest authority in the organization

·         Must require regular program monitoring and that any material changes be approved by senior management.

·         Records retention requirement is 6 years from last effective date.


About Julie

My credentials include a Master's Certificate in Health Informatics, a CHPSE certification (Certified HIPAA Privacy and Security Expert), and certification in HL7 (Health Level 7). The multidisciplinary approach to equipping myself to enter the healthcare IT sector is consistent with my professional background in sales, management, healthcare, and recruiting. I also have a BA in Organizational Psychology from the University of Michigan, which as been invaluable in my professional life for exceling in sales, change management, and laying down an excellent foundation from which I was able to build effective communication skills with professionals of all levels.

Posted on March 14, 2011, in HIPAA and tagged , , , , , , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: