First attorneys got themselves exempted. Physicians then jumped in on sought a similar court order, and now accountants have succeeded in getting a judge to free them from the upcoming implementation of the Red Flags Rule, which requires companies to set up procedures to prevent identity theft.
The Red Flags Rule is part of the Fair and Accurate Credit Transactions Act (FACTA), which Congress passed in 2003. The rule requires financial institutions and creditors, including CPAs who bill clients, to develop and implement a written identity theft prevention program to protect customers’ personal information.
The rule was originally intended to take effect on Nov. 1, 2008, but has been delayed three times by the FTC (Federal Trade Commission) and is now scheduled to take effect on June 1, 2010.
The American Institute of CPAs (AICPA) filed suit in November to piggyback on the success of the attorneys’ American Bar Association (ABA) case.
Voila. The U.S. District Court for the District of Columbia in March granted their wish, but its decision is pending the D.C. Circuit Court’s review of an appeal on the ABA case.
In short, if that court allows the attorney exemption, the accountants will get theirs as well.
For the rest of American business without deep-pocket associations to fend for them, the Red Flags Rule looms large.
You can simplify your preparation and implement of your own proactive Red Flags Rule, get a copy of Personnel Concepts Workplace Identity Theft Prevention Kit.