In an attempt to combat a problem that does not exist, the FTC, has implemented rules that go into effect on August 1, 2009, requiring attorneys to have a written plan to identify and respond to red flags that indicate possible identity theft. Certainly these rules make sense for certain industries. However, I would challenge the FTC to provide me with an example of any situation in which identity theft was an issue with an attorney that “extended credit” to a client by allowing the client to time to pay their bill.
Certainly identity theft is a problem in today’s world. However, if we focus our efforts on making sure that identity theft does not occur in lawyer’s offices or doctor’s offices, I think we are going to be wasting a whole lot of effort with no reward.
Never one to allow reason to stand in the way of implementing a rule, however, the FTC has decreed that the rule applies to attorneys who allow their clients time to pay their bills. Thus, as of August 1, 2009, your office likely needs to have a written Identity Theft Prevention Program in place.
You havea couple of options to make compliance with this ridiculous rule as painless as possible. First the FTC has a site explaining the rule and linking to a PDF that helps you create your own program. Additionally, Jim Calloway has a great post that details the types of things that an attorney should consider in implimenting their written Identity Theft Prevention Program. To give further credit where due, much of what Jim has to say comes from Judith D. Equels, Director of The Florida Bar’s Law Office Management program.
Regardless, check out Jim’s post and c0mplete your program before the due date arrives.