Moving slower than government efforts to control the gulf oil spill, the Feds have again delayed enforcement of the FTC Red Flag for the fifth time since the original deadline of November 2008.  The deadline has now been extended until December 31, 2010.

Under the Red Flags Rule, a creditor is required to develop and implement a written identity theft detection and prevention program that is intended to prevent an identity thief from using another individual's personal information to open a new account or otherwise fraudulently obtain goods and services.

The American Medical Association (AMA) and other organizations have fought the laws arguing that they are not creditiors.  The FTC has taken the position that a physician who regularly defers collection of a portion of the fee at time of service falls within the definition of "creditor" and that medical identity theft represents a growing threat that has implications for consumers beyond those of financial identity theft.

AMA, along with the American Osteopathic Association and the Medical Society of the District of Columbia, filed suit in the U.S. District Court for the District of Columbia on May 21, 2010,  have all sought to have the courts block application of the law to physician practices, while a bill sits in Congress to exempt practices with fewer than 20 employees. The organizations are hoping for a sympathetic court following the DC District's previous ruling blocking the enforcement of the Red Flag rules against attorneys.