Unique patient setting carries certain risks and responsibilities. The elements of your identity theft prevention plan may be a little different in the home care setting, but the Red Flags Rule requirements that take effect May 1 still most likely apply to you as a home care provider, notes attorney "I have not seen anything that would indicate an exemption," agrees attorney Ross Lanzafame with Harter Secrest & Emery in Rochester, N.Y. The risk of identity theft may be lower for your patients because you see them in their homes,but a low-risk business model won't let you off the hook for the rule's requirements, the Federal Trade Commission notes on its Web site. "If identity theft isn't a big risk in your business, complying with the Rule should be simple and straightforward, with only a few red flags," the FTC says. "But even a low-risk business needs to have a written Program." Focus On Admission Process Prioritize: In home care, most of the ID theft risk will be present during the intake process,says attorney Robert Markette Jr. with Gilliland & Markette in Indianapolis. That's because home care providers generally have an ongoing relationship with the patient. "Once you admit a patient, you're in their home and get to know the patient well," Markette explains. That means your ID theft prevention plan and practices should focus most of your resources during that initial period, Markette advises. Good idea: Asking patients for documentation such as their driver's licenses as well as their insurance or Medicare cards is good practice,Lanzafame suggests. "Although we always hate to add even one more task to the large number of tasks that admission nurses must accomplish, it seems appropriate under the new rule" to ask for IDs during the initial visit, Hogue says. And don't just stop at the basics, counsels attorney Marie Berliner with Lambeth & Berliner in Austin, Texas. More than any other type of provider, home care providers "will be in a unique position to view personal documents including not only ID cards, driver's licenses, and social security cards, but also insurance information, medical records or orders left in the home, names and ID numbers on prescription medications and physician orders, etc.," Berliner tells Eli. "A quick confirmation that all of the patient identifying information presented matches up is, therefore, possible." Checking for discrepancies between the patient's description in your referral information and the patient herself, plus information in her documentation,is an important red flag step, Markette adds. Don't forget: Just because the highest risk is during the intake process doesn't mean you can ignore ID theft red flags once the patient is on your service. For example, a patient who can never seem to find their ID or insurance card may be a red flag, Lanzafame offers. The reason for not producing the documents may be innocent, but it's your responsibility to determine the legitimacy of the reason,Markette suggests. Or you might receive notice indicating that a legitimate patient of yours is having her identity stolen and used elsewhere. For example, a patient you're seeing could have another home care episode pop up in a different part of the country. Stay tuned: The FTC is maintaining that the Red Flags Rule applies to health care providers, but many of those providers don't agree, Markette points out. Watch for provider groups with deep pockets and substantial influence, such as hospitals or physicians, to challenge the FTC's interpretation of the rule in the future. But for now, behave as though you are covered,he advises.