COBRA: Employee health coverage continuation

• COBRA allows former employees or family members to continue health coverage under the employer’s group health plan for up to a maximum of 18 months.
• The continuation of coverage is only available if the employee is terminated, retires, suffers a reduction in hours worked (making the employee ineligible for coverage), is in-between jobs, dies, or becomes divorced.
• Group health plans for employers with 20 or more employees on a typical business day in the previous calendar year are subject to COBRA.

The Consolidated Omnibus Budget Reconciliation Act (COBRA) amended the Employee Retirement Income Security Act (ERISA), the Internal Revenue Code, and the Public Health Service Act to provide continuation of an employee’s group health insurance coverage that otherwise might be terminated.

When is COBRA available?

COBRA applies to group health insurance plans maintained by private-sector employers and sponsored by most state and local governments. Under COBRA, former employees (or retirees) or their families (spouses, former spouses, and dependent children) who may lose employer-based health insurance coverage may be able to continue the coverage under the employer’s group health plan for up to 18 months. However, exceptions to this time limit may apply to disabled individuals and family members. Additional rights may be granted under state law.

This continuation of coverage, however, is only available when coverage is lost due to certain specific events, such as:

• Voluntary or involuntary job loss
• Reduction in the hours worked
• Transition time while unemployed
• Death
• Divorce

Employers subject to COBRA

Employers with 20 or more employees are usually required to offer COBRA coverage and to notify their employees of the availability of such coverage.

Group health plans for employers with 20 or more employees on a typical business day in the previous calendar year are subject to COBRA. Both full-time and part-time employees are counted to determine whether a plan is subject to COBRA. Each part-time employee counts as a fraction of an employee, with the fraction equal to the number of hours that the part-time employee worked divided by the hours an employee must work to be considered full-time.

COBRA premiums

Group health coverage for COBRA participants is usually more expensive than health coverage for active employees, since usually the employer pays a part of the premium for active employees while COBRA participants generally pay the entire premium themselves (up to 102 percent of the premium is allowed).

ERISA governs group health plans

Group health plans sponsored by private-sector employers generally are welfare benefit plans governed by ERISA and subject to its requirements for reporting and disclosure, fiduciary standards, and enforcement. ERISA requires that these plans have rules outlining how workers become entitled to benefits. Link to ERISA requirements

HIPAA portability

• HIPPA prohibits discrimination against employees and dependents in enrollment and premiums based on “health factors,” such as preexisting conditions, claims experience, and genetic information.
• HIPPA provides individuals a SEP to enroll in a new plan due to loss of other health coverage or other qualifying life event trigger.
• Life events that may trigger a SEP include loss of other health coverage, marriage, birth, adoption, or placement of a child for adoption.

In general, the Health Insurance Portability and Accountability Act (HIPAA) improves portability and continuity of health insurance coverage by requiring employer group health plans and group health insurance issuers to:

• Prohibit discrimination against employees and dependents in enrollment and premiums based on “health factors,” (i.e., preexisting conditions, claims experience, and genetic information); and
• Provide individuals a special enrollment period (SEP) to enroll in a new plan under certain circumstances, such as loss of other health coverage, marriage, birth, adoption, or placement of a child for adoption.

The employee must request the SEP within 30 days of the loss of coverage or life event triggering need.

Preexisting condition exclusions

The Affordable Care Act (ACA) has prohibited all preexisting condition exclusions since 2014.

Employer wellness programs

The ACA and HIPPA also prohibit discrimination based on health factors in an employer wellness program that are related to group health plan coverage. For example, programs that encourage employees to stop smoking, exercise, or reach a target cholesterol level must be designed to promote good health and not to collect health information on an employee or family member to shift more of the cost of health insurance to the employee.

Special enrollment period (SEP)

HIPAA allows individuals who previously declined to enroll in an employer’s health plan to enroll outside of the plan’s annual enrollment period (AEP) in certain special circumstances.

For example, if an employee declines employer health coverage because a spouse’s employer already provides coverage for the family, and then the spouse’s coverage is lost, HIPPA requires that the employer’s plan and issuer permit the employee to enroll in available coverage without having to wait for the next AEP. This is called a SEP.

HIPAA privacy and security

• Health care plans (including employer group plans), health care clearinghouses, and medical care providers (collectively referred to as “covered entities”) must protect the privacy and security of an individual’s PHI.
• If a “covered entity” engages a “business associate” to help carry out its health care activities and functions, the covered entity must have a written contract with the business associate or other arrangement that sets forth what the business associate has been engaged to do and requires the business associate to comply with the HIPPA requirements to protect the privacy and security of PHI.

HIPAA has privacy and security regulations that have an impact on employers’ health care plans. Plans (or those responsible for them — but not the sponsor/employer) must protect the privacy of protected health information (PHI). The privacy regulations also give individuals the right to access and amend their PHI, and to request an accounting of the uses and disclosures of their PHI.

Who is covered by the privacy and security provisions?

HIPAA’s privacy and security rules affect most “covered entities”and their “business associates.”

Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) medical care providers who electronically transmit any PHI in connection with transactions for which the U.S. Department of Health and Human Services (HHS) has adopted standards. Covered entities include:

• Health plans — This includes health insurance companies, health maintenance organizations (HMOs), company/health plans, and government programs that pay for health care, such as traditional fee-for-service Medicare (Parts A and B), Medicare Advantage (Part C), Medicare Prescription Drug Plans (Part D), Medicaid, and military and veteran health care programs.
• Health care clearinghouses — This includes entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.
• Medical care providers — This includes doctors, clinics, psychologists, dentists, chiropractors, nursing homes, and pharmacies, but only if they transmit PHI in an electronic form in connection with a transaction for which HHS has adopted a standard.

If a covered entity engages a “business associate” to help it carry out its health care activities and functions, the covered entity must have a written contract with the business associate or other arrangement that sets forth what the business associate has been engaged to do and requires the business associate to comply with the HIPPA requirements to protect the privacy and security of PHI. Like the covered entities, these business associates are directly liable for compliance with certain provisions of the HIPAA privacy and security rules.

Definitions

For definitions of “covered entity,” “business associate,” and “protected health information,” see the HHS regulations at 45 CFR 160.103.

Exceptions to HIPPA privacy and security rules

There are exceptions — a group health plan with fewer than 50 participants that is administered solely by an employer that established and maintains the plan is not a covered entity and, therefore, not subject to the administrative simplification requirements of the HIPAA privacy and security rules. Certain types of insurance which are not health plans are also exempt, including workers’ compensation, life insurance, car insurance, and property insurance.

Mental health/Substance use disorder parity

• The MHPAEA requires a general equivalence in the way MH/SUD and medical/surgical benefits are treated with respect to annual and lifetime dollar limits, financial requirements, and treatment limitations, if such benefits are provided by large group health plans and health insurance issuers.
• The ACA built on MHPAEA and required coverage of MH/SUD services as one of its 10 EHB categories in non-grandfathered individual and small group plans.
• In 2015, the definition of small employer was amended in the ACA and the Public Health Service Act to mean an employer with 1-50 employees making equivalency rules for MH/SUD services applicable to even smaller group plans.

Legislative history

In 1996, the Mental Health Parity Act (MHPA) provided that large group health plans cannot impose annual or lifetime dollar limits on mental health (MH) benefits that are less favorable than any such limits imposed on medical/surgical benefits.

In 2008, the Paul Wellstone and Peter Domenici Mental Health Parity and Addiction Equity Act (MHPAEA) preserved the MHPA protections and added significant new protections, such as extending the parity requirements to substance use disorders (SUDs). Although MHPAEA requires a general equivalence in the way MH/SUD and medical/surgical benefits are treated with respect to annual and lifetime dollar limits, financial requirements and treatment limitations, MHPAEA did not require large group health plans or health insurance issuers to cover MH/SUD benefits. The law applies only to large group health plans and health insurance issuers that choose to include MH/SUD benefits in their benefit packages.

However, in 2010, the Affordable Care Act (ACA) built on MHPAEA and required coverage of MH/SUD services as one of its 10 essential health benefit (EHB) categories in non-grandfathered individual and small group plans.

In 2015, the Protecting Affordable Coverage for Employees Act amended the definition of small employer in the ACA and the federal Public Health Service Act to mean generally an employer with 1-50 employees, with the option for states to expand the definition of small employer to 1-100 employees.

State vs. Federal oversight

Employment-related group health plans may be either “insured” (i.e., purchasing insurance from an issuer in the group market) or “self-funded.” The insurance that is purchased, whether by an insured group health plan or in the individual market, is regulated by the State’s insurance department.

Group health plans that pay for coverage directly, without purchasing health insurance from an issuer, are called self-funded group health plans. Private employment-based group health plans are regulated by the U.S. Department of Labor. Non-federal governmental plans are regulated by the U.S. Department of Health and Human Services.

State parity requirements

Some states may have mental health parity requirements that are stricter than federal requirements. To view state specific information visit www.ncsl.org, search for “mental health parity” in the search box, and then select “State Laws Mandating or Regulating Mental Health Benefits.”

Newborn’s and Mother’s Health Protection Act

• Health plans and insurance issuers may not restrict the hospital length of stay benefits for a mother or newborn to less than 48 hours following childbirth (or 96 hours following a Cesarean section).
• The mother or newborn may be discharge earlier if a physician or nurse midwife decides, after consultation with the mother, to discharge the mother or newborn earlier.
• The 48- or 96-hour length of stay provision always applies to coverage that is self-insured, but for coverage that is insured, if the state has a law that meets certain criteria, the state law coverage applies.

The Newborns’ and Mothers’ Health Protection Act (Newborns’ Act) and its regulations provide that health plans and insurance issuers may not restrict a mother’s or newborn’s benefits for a hospital length of stay that is connected to childbirth to less than 48 hours following a vaginal delivery or 96 hours following a delivery by cesarean section. However, the attending provider (who may be a physician or nurse midwife) may decide, after consulting with the mother, to discharge the mother or newborn child earlier.

A mother cannot be encouraged to accept less than the minimum protections available to her under the Newborns’ Act and an attending provider cannot be induced to discharge a mother or newborn earlier than 48 or 96 hours after delivery.

If delivery occurs in the hospital, the 48-hour period (or 96-hour period) starts at the time of delivery. If delivery occurs outside the hospital and the woman is later admitted to the hospital in connection with childbirth (as determined by the attending provider), the period begins at the time of the admission.

Type of coverage determines applicable law

The type of coverage provided by the plan (insured or self-insured) and state law will determine whether the Newborns’ Act applies to a mother’s or newborn’s coverage.

• The Newborns’ Act provisions always apply to coverage that is self-insured.
• For coverage that is insured, if the state has a law that meets certain criteria, state law applies to the coverage rather than the Newborns’ Act.

Summary plan description

All group health plans that provide maternity or newborn infant coverage must include the following statement in their summary plan description (SPD) advising individuals of the Newborns’ Act requirements:

• “Group health plans and health insurance issuers generally may not, under federal law, restrict benefits for any hospital length of stay in connection with childbirth for the mother or newborn child to less than 48 hours following a vaginal delivery, or less than 96 hours following a cesarean section. However, federal law generally does not prohibit the mother’s or newborn’s attending provider, after consulting with the mother, from discharging the mother or her newborn earlier than 48 hours (or 96 hours as applicable). In any case, plans and issuers may not, under federal law, require that a provider obtain authorization form the plan or the insurance issuer for prescribing a length of stay not in excess of 48 hours (or 96 hours).”

Plans subject to state law requirements will need to prepare SPD statements describing any applicable state law.

Deductibles and cost sharing

Under the Newborns’ Act, group health plans, insurance companies, or health maintenance organizations (HMOs) may impose deductibles or other cost-sharing provisions for hospital stays in connection with childbirth. This is true only if the deductible, coinsurance, or other cost-sharing for the later part of a 48-hour (or 96-hour) stay is not greater than that imposed for the earlier part of the stay.

• For example, with respect to a 48-hour stay, a group health plan is permitted to cover only 80 percent of the cost of the hospital stay. However, a plan covering 80 percent of the cost of the first 24 hours could not reduce coverage to 50 percent for the second 24 hours.

Older Workers Benefit Protection Act (OWBPA)

• The OWBPA prohibits age discrimination in the provision all employee benefits, including life and health insurance, disability, pensions, and retirement benefits.
• Employers, however, can reduce benefits to older employees when age-based reductions in employee benefit plans are justified by significant cost considerations.

In 1990, the Older Workers Benefit Protection Act (OWBPA) amended the Age Discrimination in Employment Act (ADEA) to make it illegal for an employer to:

• Use an employee’s age to discriminate in the provision of benefits;
• Target older employees in staff reduction efforts; and
• Require older employees to waive their rights without observing certain safeguards.

Benefit protections

The OWBPA prohibits age discrimination in the provision all employee benefits, including life and health insurance, disability, pensions, and retirement benefits. Generally, employers must provide older employees benefits equal to younger employees.

Exceptions — Employers, however, can reduce benefits to older employees when age-based reductions in employee benefit plans are justified by significant cost considerations. For example:

• Employers might avoid discrimination by spending the same amount on the benefit provided to each group, even if older employees receive lesser benefits as a result.
• Employers are also allowed to provide lesser benefits to older employees if the older employees receive additional benefits from the government or the employer that make up the difference.

Women’s Health Rights and Cancer Act

• Federal law does not require individual or group health plans to pay for mastectomies or elective breast reconstruction but if covered then the plan or issuer is subject to the requirements of WHCRA.
• The mastectomy coverage, if provided, must include reconstruction of the breast on which the mastectomy has been performed, surgery and reconstruction of the other breast to produce a symmetrical appearance, prostheses (e.g., breast implant), and treatment for physical complications of the mastectomy (including lymphedema).
• Group health plans and health insurance issuers, including insurance companies and HMOs, are required to notify individuals regarding coverage upon enrollment, and annually thereafter.

The Women’s Health and Cancer Rights Act of 1998 (WHCRA) is a federal law that provides protections to individuals who have had a mastectomy and who elect breast reconstruction in connection with the mastectomy.

The Act (P.L. 105-277) amended the Public Health Service Act (PHS Act) and the Employee Retirement Income Security Act of 1974. The law is administered by the Department of Health and Human Services and the Department of Labor.

This law applies generally both to persons covered under group health plans and persons with individual health insurance coverage. But WHCRA does NOT require health plans or issuers to pay for mastectomies. If a group health plan or health insurance issuer chooses to cover mastectomies, then the plan or issuer is generally subject to WHCRA requirements.

If WHCRA applies to someone, and if that person is receiving benefits in connection with a mastectomy, and that person elects breast reconstruction, coverage must be provided for:

• Reconstruction of the breast on which the mastectomy has been performed;
• Surgery and reconstruction of the other breast to produce a symmetrical appearance;
• Prostheses (e.g., breast implant); and
• Treatment for physical complications of the mastectomy, including lymphedema.

Coverage under WHCRA

Whether WHCRA or a state law that affords the same coverage as WHCRA applies to someone’s coverage will depend on the situation. Generally, WHCRA applies to most group health plans. However, certain plans, such as “church plans” or “governmental plans” may not be subject to this law.

Notice

The WHCRA requires group health plans and health insurance issuers, including insurance companies and health maintenance organizations (HMOs), to notify individuals regarding coverage required under the law. Notification is required upon enrollment, and annually thereafter.

Benefits communication

• Satisfaction with company benefits like health insurance and retirement plans is strongly correlated with an employee’s understanding of these plans.
• Highly visual, consumer friendly, and interactive online tools can be used to drive employees to the right health insurance with the goal of containing costs for both the employer and employee.
• Regarding retirement plans, the goal is to use the same online tools to increase employee participation and assist the employee in attaining a comfortable retirement nest egg.

Benefits can influence turnover and productivity indirectly by having a positive effect on employee buy-in to a company. Companies continue to spend millions of dollars annually on benefits without employees even realizing it. If for no other reason, an employer should be doing everything possible to educate its employees on the value of the benefit plans, as well as how they operate. Employee turnover and lost productivity — both expensive in themselves — can have a great impact on the overall profit of the company.

Two of the most common benefit areas that employees are at a loss to understand, are health insurance and retirement plans. Just the terminology alone can be overwhelming, or to anyone not familiar with benefit plans.

Health care plans

Employers need to educate employees in a way that is clear, concise, and easy to understand. Employers need to develop communications designed to influence opinions and change behaviors — to drive the right employees to the right plans. The goal is to contain health care costs for both organizations and employees and to help employees become good healthcare consumers.

If available, online tools for healthcare education can offer:

• Healthcare selection information,
• Medical cost estimators,
• Consumer Drive Health Plan (CDHP) modeling,
• Flexible Spending Account (FSA) calculators,
• Needs analysis,
• Educational tours of doctors/hospitals,
• Claims status of personal account,
• Account balance (if applicable, i.e., Health Reimbursement Account (HRA)), and
• Current, reliable information on medical conditions and prescription drugs.

Many insurance carriers can now provide a system of unbiased health information and tools that enable users to assess health risks, evaluate treatment options, and learn how to live healthier. Ideally the system would be highly visual, interactive, and consumer-friendly, making it very informative to employees and family members. The content would be current, well-researched, physician-reviewed, and unbiased.

Retirement plans

If available, online tools for retirement plan education can offer:

• Daily valuation of account balance,
• Retirement planning modeling,
• Investment options,
• Prospectus information,
• Beneficiary designations,
• Investment election,
• Deferral percentage, and
• Pension calculator tools.

When it comes to retirement plans, the goal is to increase participation and assist employees in attaining the goal of being able to retire with a comfortable nest egg.

Benefit communication methods

Technology now makes benefits communication a bit easier by providing the means to do this. However, it is up to the employer to take advantage of the new technology and use it to its fullest potential. If these electronic advances are not available to an organization, then paper-based information and enrollment can also be used.

There are several vehicles that can be used to accomplish this goal. They include:

• Newsletters,
• Group meetings (either by employer or vendor),
• Individual meetings (usually by vendor for those interested),
• Announcement letters and fliers for new plans or changes to existing plans,
• PowerPoint presentations,
• E-mail communications,
• Posters,
• Weekly “lunch & learn” sessions,
• Side-by-side charts showing employee/employer contributions to plans, and
• Total compensation statements.

It can be a bit overwhelming for employees to look at benefit options for the first time and make decisions affecting the medical and financial future of their families. Imagine how relieved an employee will be to be educated in advance on how the benefits plans work and the various options to choose from. Open enrollment period is the prime time to implement this, but don’t let it be a one-time only attempt. Employee communication and education should be an ongoing process for a company. A little preparation goes a long way.

Consumer-driven health plans

• CDHPs put the individual consumer in charge of paying for health care costs out of accounts funded by the individual.
• These plans are generally favored by young, healthy employees who use little health care and have sufficient time to accumulate funds and higher income employees who can afford to allocate enough to pay for medical care.
• CDHPs generally have low premiums, high deductibles, and the contributions to the accounts are tax-exempt.

The cornerstone of consumer-driven health care is the consumer. For decades, individuals, many of whom were employees in a group health plan, were not part of the equation. In fact, plans were designed in ways that shielded individuals from cost information of health care. Employees paid their deductible and their co-pays without ever realizing the true costs incurred. Now that many people have gotten accustomed to $25 co-pays, many companies have seen fit to turn the tide and help make employees aware of the true costs of health care.

Types of consumer-driven health plans

One tool that employers are using to help employees see the true costs are plans that involve the individual as a consumer, known as consumer-driven health plans (CDHPs). These types of plans generally involve:

• A high deductible health plan (HDHP), along with:
  • A Health Savings Account (HSA), or
  • A Health Reimbursement Arrangement (HRA).

There can also be supplemental plans that fill in gaps between account balances and the deductible.

With these types of plans, the individual consumer is in control of paying for health care. The plans generally accumulate funds for paying medical costs, and the consumer has the option of using the funds when they wish, up the limits of what has been deposited in the account. The accounts accumulate over the years — there are no use it or lose it elements.

What type of workers favor CDHPs?

In considering if these types of plans are right for your employee population, it may help to note that:

• They work best for younger, healthier individuals who have fewer medical problems and can take some time to build up a sufficient fund.
• If you have an older, or less healthy employee population, such a plan may not be as well received.
• CDHPs also appear to be favored by higher income individuals who are in a financial situation to easily allocate appropriate amounts of funds to pay for medical care.

CDHP benefits

Benefits of such plans include the low premiums paid for coverage. Despite the plan having high deductible, low premiums may help individuals put more of their income into their medical accounts. Another benefit, as was discussed earlier, is that such plans are designed to help individuals become very savvy medical consumers. Perhaps they feel they won’t need to run to the doctor for every sniffle, but rather, turn to online information or nurse hotlines for information. In addition, such accounts are tax-exempt.

Some CDHPs are set up such that preventive care is funded separately to avoid having individuals forego such care and risk missing early detection.

Cautionary note

CDHPs do require a high level of communication to plan participants. Many individuals are not well versed in medical information, and they will need this to make wise medical choices. Consumers will need to understand how the plans work, what the short- and long-term costs may include, and who can be turned to for assistance.

Dental and vision coverage: ACA and traditional plans

• Individuals can obtain dental coverage through the federal and state ACA Marketplaces as part of an ACA health plan or through a separate, stand-alone ACA dental plan.
• Because the ACA defines dental care as an EHB for children, both ACA health plans and stand-alone plans must make dental coverage “available,” but it does not have to be purchased.
• All plans in the Marketplace include vision coverage (eye exams and glasses) for children as an EHBs. Only some plans include vision coverage for adults.

Through the federal and state Affordable Care Act (ACA) Marketplaces, individuals can get dental coverage two ways: (1) as part of an ACA health plan or (2) through a separate, stand-alone ACA dental plan. If an ACA health plan includes dental, the premium covers both health and dental coverage. If a separate ACA dental plan is chosen, a separate, additional premium must be paid.

However, given the efforts to “repeal and replace” the ACA, the high cost of coverage in the federal and state healthcare Marketplace, and the lack of dental insurance coverage options for adults under the ACA, exploring traditional, non-ACA options for dental coverage makes sense.

ACA dental plan categories: High and low:

• The high coverage level has higher premiums but lower copayments and deductibles.
• The low coverage level has lower premiums but higher copayments and deductibles.

Adult & child dental insurance in the Marketplace

Under the ACA, dental insurance is treated differently for adults and children 18 and under:

• Dental coverage is an essential health benefit (EHB) for children: This means for ACA health coverage for someone 18 or younger, dental coverage must be “available” for the child either as part of a health plan or as a stand-alone plan. However, even though the coverage is “available,” it does not have to be purchased.
• Dental coverage isn’t an essential health benefit for adults: ACA plans don’t have to offer adult dental coverage.

Cancellation of ACA dental plans

Separate, stand-alone ACA dental plans can be cancelled any time. However, if enrolled in an ACA health plan with dental benefits, the plan can only be cancelled if the enrollee has a life event that qualifies for a Special Enrollment Period (SEP). If the enrollee qualifies for a SEP, a new health plan with or without dental coverage can be chosen, but a stand-alone dental plan cannot be obtained.

Traditional dental insurance

Most traditional, non-ACA dental insurance plans cover 100 percent of the cost of preventive care such as cleanings, checkups and x-rays, 80 percent of basic treatments such as fillings, and 50 percent of procedures such as root canals and crowns. Coverage begins after meeting an annual deductible. Traditional dental plans are usually issued by health maintenance organizations (HMOs) or preferred provider organizations (PPOs).

The premium paid tends to be higher on PPOs than on HMO plans. But regardless of plan, there will be an annual coverage cap between $1,200 and $1,500.

• Dental HMOs require in-network treatment. Referrals to dental specialists must be provided by the primary dentist. There is frequently no waiting period imposed before coverage kicks in, but the plan may limit the number of annual visits.
• Dental PPOs allow care from any dentist or dental specialist, but use of in-network providers will cost the member less. Typically, there are no annual limits on the number of visits, but a new plan member most likely will have to wait months before coverage is available for treatments such as bridges and crowns.

Vision coverage

All plans in the Marketplace include vision coverage (eye exams and glasses) for children as an EHBs. Only some plans include vision coverage for adults.

If a Marketplace plan doesn’t include adult vision coverage, a “stand-alone” vision plan can be obtained to reduce vision care expenses. The Marketplace doesn’t offer stand-alone vision plans. To shop for stand-alone vision plans, contact an insurance broker, search online for plans, or contact the state’s Department of Insurance.

Educational assistance program

• Employers can exclude up to $5,250 of educational assistance provided to an employee under an educational assistance program from the employee’s wages each year.
• Educational assistance expenses generally include the cost of books, equipment, fees, supplies, and tuition but do not include the cost of a course or other education involving sports, games, or hobbies, unless it has a reasonable relationship to the employer’s business or is required as part of a degree program.
• The CARES Act expanded the definition of educational assistance to allow certain employer payments of student loans paid after March 27, 2020, through January 1, 2026, unless extended by future legislation.

Qualifications

For an employer to offer a qualified educational assistance program which is nontaxable income to the employee, certain requirements must be met under Internal Revenue Code Section 127 and 26 CFR 1.127-2:

• Must be a written plan;
• May be for graduate or undergraduate courses;
• Annual reimbursement maximum of $5,250;
• Must not discriminate in favor of highly compensated employees.

The courses are not required to be job related. However, in general, courses related to sports, games, or hobbies, are only covered under Section 127 if they are reasonably related to the employer’s business or required as part of a degree program.

A company must establish a written plan to assist employees financially for approved educational courses — graduate or undergraduate, professional certifications and classes to prepare for professional certifications. Any type of course, certification, class or anything covered under such a policy must usually be pre-approved by Human Resources.

An approved course of study is typically defined as a course, degree program or professional certification that maintains or improves skills in the employee’s present job or a job to which the employee could likely/reasonably be promoted or transferred. However, it does not have to be job-related to be nontaxable. Training that is necessary to perform or improve a job (e.g., forklift training and certification or attending a seminar or conference) would fall under training, not the Educational Assistance program.

Annual reimbursement maximum

Under this policy an employee may be reimbursed a designated percentage for each approved course or professional certification, and related expenses (e.g., tuition, books, supplies, equipment necessary for class, but not tools or supplies which employee may keep after the course is completed), up to $5,250 per calendar year. Reimbursement of any amount over $5,250 is considered taxable income according to IRS regulations.

Employer requirements and restrictions may be set

An educational assistance program offered by an employer may set numerous requirements and restrictions, including:

• The designation of approved institutions of higher learning (often defined as technical or trade schools, accredited colleges, and universities).
• When suitable courses are not available locally, or when an employee’s work schedule limits the method of study, the company may grant approval for enrollment in certain e-learning and correspondence courses.
• Allowing reimbursement only for the attainment of a minimum grade for a successfully completed course. Course attendance should not interfere with the employee’s regular job and must typically be taken on the employee’s own time (unless an exception is granted).
• An expectation that individuals receiving significant reimbursements for completion of approved courses will reciprocate to the company in productivity and service longevity.
• Any employee who voluntarily terminates employment with the company within a specific time after completing a course of study for which reimbursement was received may be required to repay a certain percentage of the money received during the preceding 12 months.

Exclusion for employer payments of student loans

Section 2206 of the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) expands the definition of educational assistance to include certain employer payments of student loans paid after March 27, 2020. Qualified education loans are defined in chapter 11 of IRS Pub. 970. This exclusion expires January 1, 2026, unless extended by future legislation.

Flexible benefits

• Flexible benefit plans, often referred to as “cafeteria” or “Section 125” plans, may offer employees a “menu” of benefits that can be obtained with taxable or pre-tax dollars.
• Pre-tax (or qualified) benefits may include health care, vision and dental care, group-term life insurance, disability, and adoption assistance.
• FSAs offered to employees may stand alone or be offered under a cafeteria plan and may include health FSAs for expenses not reimbursed under any other health plan or dependent care assistance programs.

As the workforce evolved, employers saw a need to offer a variety of benefit choices as different employees had different benefit needs. Enter the concept of flexible benefits.

These types of plans are often referred to as cafeteria plans, as participants can choose from a “menu” of offerings. These types of plans became more popular when the Internal Revenue Service (IRS) provided some tax relief for what they refer to as “cafeteria” or “Section 125” plans. Now employees could obtain certain benefits with pre-tax dollars.

Cafeteria plans

Under the Internal Revenue Code (IRC), a cafeteria plan is a written plan under which participants may choose from two or more benefits consisting of cash and certain other benefits. In general, benefits that are excludable from the gross income of an employee under a specific section of the IRC may be offered under a cafeteria plan.

Employees can choose between taxable and nontaxable (qualified) benefits.

Qualified benefits include such things as health care, vision and dental care, group-term life insurance, disability, and adoption assistance.

Employer contributions to the cafeteria plan are usually made pursuant to salary reduction agreements between the employer and the employee in which the employee agrees to contribute a portion of his or her salary on a pre-tax basis to pay for the qualified benefits. The contributions are not considered wages for federal income tax purposes. In addition, those sums generally are not subject to FICA (Social Security and Medicare deductions) and FUTA (Federal Unemployment Tax). Employees and employers share in paying FICA taxes. FUTA is paid by the employer only.

Flexible spending accounts (FSAs)

Employers may offer FSAs to employees. These may stand alone or be offered under a cafeteria plan. FSAs include health FSAs for expenses not reimbursed under any other health plan and dependent care assistance programs.

With an FSA, employees can purchase benefits on a pre-tax basis through salary reduction.

There are a couple of drawbacks to FSAs. The first one is that employees have access to the entire fund, no matter how much is in their account. For example, if an employee has only two months’ worth of contributions in his account, he can access the entire amount that was to be accumulated.

Another drawback is the use-it-or-lose-it element. If an employee has any money left in his account at the end of the plan year, he forfeits it. This forfeiture must be used only for the payment of benefits and administration costs. The IRS extended the deadline to use the funds by 2.5 months after the end of the plan year.

HEART Act option: The Heroes Earnings Assistance and Relief Tax (HEART) Act allows for the taxable distribution of unused funds in health care FSAs for military reservists who are called to active duty. The Act also does away with the “use it or lose it” provision of FSAs for reservists. While this measure is optional, employers are encouraged to adopt it.

Plan designs

Employers may design such flexible benefits in several different ways. They can offer core benefits such as health and life insurance coverage and provide employees with a certain number of dollars or credits to obtain other optional benefits. The benefits could be, for example, additional life insurance, vacation days, vision coverage, or cash.

Employees may or may not contribute to the core benefits.

Plans can also have pre-designed packages from which employees may choose. In some situations, the plan may include different health care coverage options such as an health maintenance organization (HMO), a preferred provider organization (PPO), and a traditional insurance plan.

If an employee chooses a lower cost package, he or she can recoup the difference in cash.

Employers can be creative in designing their plans. However, because of the Patient Protection and Affordable Care Act (PPACA), the annual contributions to a medical FSA are limited, with the specific amount revised annually for inflation.

Health plans

• Group health plans are employee welfare benefit plans established by an employer or an employee organization that provide medical benefits directly or through insurance, reimbursement, or otherwise.
• ERISA provides protections for participants and beneficiaries in employee benefit plans (including providing access to plan information) and requires individuals who manage the plans to meet certain fiduciary responsibilities.

One of the most common benefits organizations offer to their employees are health plans. A group health plan is defined as an employee welfare benefit plan established or maintained by an employer or by an employee organization (such as a union), or both, that provides medical care for participants or their dependents directly or through insurance, reimbursement, or otherwise.

Most private sector health plans are covered by the Employee Retirement Income Security Act (ERISA). Among other things, ERISA provides protections for participants and beneficiaries in employee benefit plans (participant rights), including providing access to plan information. Also, those individuals who manage plans (and other fiduciaries) must meet certain standards of conduct under the fiduciary responsibilities specified in the law.

Health Reimbursement Arrangements (HRA)

• HRAs consists of funds solely set aside by an employer to reimburse employees (and other family members) for qualified medical expenses incurred by the employee or family members.
• “Individual Coverage HRAs” and “Excepted benefit HRAs” are alternatives to traditional employer group health plan coverage and reimburse medical expenses, like monthly premiums, copayments, and deductibles.
• For certain types of HRAs, the employee (and other family members) must be enrolled in a health plan to use the HRA money.

Health reimbursement arrangements (HRAs), also known as “health reimbursement accounts” or “personal care accounts,” are a type of health insurance plan that reimburses employees for qualified medical expenses. HRAs consist of funds set aside by employers to reimburse employees, tax free, for qualified medical expenses, just as an insurance plan will reimburse covered individuals for the cost of services incurred. Qualified medical expenses are those specified in the plan that would generally qualify for the medical and dental expenses deduction.

An HRA is an arrangement that:

• Is financed or paid for solely by the employer.
• Is not provided pursuant to an employee salary reduction election or under a cafeteria plan.
• Employer contributions are not included in the employee’s income. The employee does not pay federal income taxes or employment taxes on amounts the employer contributes to the HRA.
• There is no legal limit on the amount of employer contributions. Of course, contributions should be consistent to avoid any discrimination claims.

HRAs: 3 things to know

1. An HRA isn’t traditional health coverage through a job — The employer contributes a certain amount to the HRA. The employee uses the money to pay for qualifying medical expenses. For some types of HRAs (such as “Individual Coverage HRAs”and “Qualified Small Employer HRAs”), the employee can also use the money to pay monthly premiums for a health plan.
2. An employee may need health coverage to use the HRA — For certain types of HRAs, the employee (and possibly other family members) must be enrolled in a health plan to use the HRA money.
3. It’s important for the employee to understand all options before enrolling in an HRA — The employee could pay more for coverage, use more tax credits than qualified for, or face tax penalties unless options are fully understood.

Coronavirus changes

Under the Coronavirus Aid, Relief, and Economic Security Act (CARES Act, P. L. 116-136, March 27, 2020), over-the-counter medicine and menstrual care products are treated as qualified medical expenses for purposes of HRA reimbursement incurred after 2019.

Individual Coverage HRA

As of January 1, 2020, employers can offer employees an “Individual Coverage HRA” instead of offering a traditional job-based health plan. This type of HRA is an alternative to traditional group health plan coverage to reimburse medical expenses, like monthly premiums and out-of-pocket costs like copayments and deductibles.

If an employer offers an individual coverage HRA and the employee accepts it, the employee (and family, if applicable) must enroll in individual health insurance coverage, or Medicare Parts A (Hospital Insurance) and B (Medical Insurance) or Part C (Medicare Advantage) that starts by the time the individual coverage HRA begins. The employee may also enroll in individual health insurance coverage through the federal or state Marketplace or through a private plan outside the Marketplace.

Qualified Small Employer HRA

Small employers who don’t offer group health coverage to their employees can help employees pay for medical expenses through a Qualified Small Employer Health Reimbursement Arrangement (QSEHRA). If a QSEHRA is provided by an employer, the employee can use it to help pay for household health care costs (like monthly premium) for qualifying health coverage.

To use a QSEHRA, the employee (and family, if applicable) must enroll in minimum essential coverage (MEC) such as federal or state Marketplace coverage, coverage through a family member’s job, or Medicare Parts A (Hospital Insurance) and B (Medical Insurance) or Part C (Medicare Advantage).

Excepted Benefit HRAs

The new rules also increase flexibility in employer-sponsored insurance by creating another, limited kind of HRA that can be offered in addition to a traditional group health plan. These “Excepted Benefit HRAs” permit employers to finance additional medical care (for example to help cover the cost of copays, deductibles, or other expenses not covered by the primary plan) even if the employee declines enrollment in the traditional group health plan.

Health Savings Accounts (HSAs)

• HSAs are a type of savings account that lets individuals set aside money on a pre-tax basis to pay for qualified medical expenses, such as deductibles, copayments, coinsurance, and some other expenses, but generally not premiums.
• Individuals may contribute to an HSA only if enrolled in a High Deductible Health Plan (HDHP) — generally a health plan that only covers “preventive services” before the deductible.
• HSA funds roll over year to year if not spent and an HSA may earn interest or other earnings, which are not taxable.

Health Savings Accounts (HSAs) are a type of savings account that lets individuals set aside money on a pre-tax basis to pay for qualified medical expenses. By using untaxed HSA dollars to pay for deductibles, copayments, coinsurance, and some other expenses, the individual may be able to lower overall health care costs. HSA funds generally may not be used to pay premiums.

High deductible health plan requirement

While individuals can use the funds in an HSA at any time to pay for qualified medical expenses, the individual may contribute to an HSA only if enrolled in a High Deductible Health Plan (HDHP) — generally a health plan (including federal and state Marketplace plans) that only covers “preventive services” before the deductible.

“Preventive services” include, but aren’t limited to, the following:

• Periodic health evaluations, including tests and diagnostic procedures ordered in connection with routine examinations, such as annual physicals.
• Routine prenatal and well-child care.
• Child and adult immunizations.
• Tobacco cessation programs.
• Obesity weight-loss programs.
• Screening services.

For plan year 2023:

• The minimum deductible is $1,500 for an individual and $3,000 for a family.
• If enrolled in an HDHP, an individual can contribute up to $3,850 for self-only coverage and up to $7,750 for family coverage into an HSA.

HSA funds roll over year to year if not spent. An HSA may earn interest or other earnings, which are not taxable.

Some health insurance companies offer HSAs with HDHPs. Some banks and other financial institutions also offer HSAs.

Consolidated Appropriations Act, 2023 (CAA 2023)

The CAA 2023 extends for a second time the HSA relief permitting HDHPs to provide first-dollar telehealth and other remote care services for plan years beginning after December 31, 2022 and before January 1, 2025 (i.e., the 2023 and 2024 plan years for employers with a calendar plan year). Those telehealth or other remote care services do not need to be preventive or related to Covid-19 to qualify for the relief.

This CAA 2023 HSA relief is an extension of the CARES Act and CAA 2022 provisions, which provided the same telehealth relief for plan years beginning on or before December 31, 2021, and subsequently from April 2022 – December 2022.

The practical effect of the relief is that HDHPs may choose to waive the deductible for any telehealth services through 2024 without causing participants to lose HSA eligibility. The provision is optional—HDHPs are not required to waive the deductible that would otherwise apply to non-preventive telehealth services.

Medical tourism

• Many “medical tourists” travel from the U.S. to another country each year for medical care due to decreased cost, the chance to combine medical care with a vacation destination, a preference for care from providers who share the traveler’s culture, or to receive a procedure or therapy not available in the U.S.
• The U.S. Department of State Bureau of Consular Affairs cautions that medical tourism is not without risks and advises U.S. citizens to verify the training, qualifications, and reputation of the foreign doctor and facility.
• The CDC offers information on medical tourism, including risks of complications and how to minimize those risks.

Medical tourism is when a person travels to another country for medical care. The U.S. Department of State Bureau of Consular Affairs confirms that many thousands of U.S. citizens travel abroad for medical care each year, including medical and cosmetic surgery, dentistry, fertility treatments, organ and tissue transplantation, and cancer treatment.

Rationale for medical tourism

Medical tourists may pursue medical care abroad for a variety of reasons, such as decreased cost, the opportunity to combine medical care with a vacation destination, a preference for care from providers who share the traveler’s culture, or to receive a procedure or therapy not available in the U.S.

Bureau advice

Medical tourism, however, is not without risks. The Bureau advises U.S. citizens considering travel abroad for medical care to:

• Verify the doctor’s training, qualifications, and reputation. Accrediting groups, including Joint Commission International, DNV GL International Accreditation for Hospitals, and the International Society for Quality in Healthcare, have lists of standards that facilities need to meet to be accredited.
• Visit the U.S. Centers for Disease Control and Prevention (CDC) website for more information on medical tourism.
• Check for more information about medical tourism in the country you are visiting.

CDC: Risk of complications

The CDC cautions that the risk of complications depends on the destination, the facility where the procedure is being performed, and whether the traveler is in good physical and psychological condition for the procedure(s). Other issues that can increase the risk of complications include:

• Infectious disease. Risks associated with a procedure done in other countries include wound infections, bloodstream infections, donor-derived infections, and diseases such as hepatitis B, hepatitis C, HIV.
• Antibiotic resistance. Antibiotic resistance is a global problem; however, a patient is more likely to get an antibiotic-resistant infection in some countries.
• Quality of care. Some countries’ requirements for maintaining licensure, credentialing, and accreditation may also be less than what would be required in the U.S. In some countries, counterfeit medicines and lower quality medical devices may be used.
• Communication challenges. Communicating with staff at the destination and healthcare facility may be challenging and could lead to misunderstandings about care.
• Air travel. Flying after surgery can increase the risk for blood clots, including deep vein thrombosis.

How to minimize medical tourism risks

The CDC recommends having a pre-travel consultation with a U.S. physician before the trip to discuss information for healthy travel and to learn about specific risks that may be faced because of health status, the procedure, and travel before and after the procedure. CDC also recommends the following steps:

• Obtain international travel health insurance that covers medical evacuation back to the U.S.
• Before planning vacation activities, such as swimming or taking tours, find out what activities are not permitted after the procedure.
• Bring copies of medical records, including results of lab tests and any other tests done related to condition and care. Inform the destination medical staff of any allergies.
• Pack a travel health kit with prescription and over-the-counter medicines. Bring enough medicine to last the whole trip, plus a little extra in case of delays.
• Bring copies of all prescriptions and a list of medications taken, including brand names, generic names, manufacturers, and dosages.
• Get copies of all medical records from the destination as they may need to be translated into English upon return.
• Identify where you will be staying immediately after the procedure.

Multiple Employer Welfare Arrangements (MEWA)

• For years, businesses joined together to create MEWAs, allowing them to reduce coverage costs by purchasing health coverage as a large group.
• Claiming they were covered by ERISA and thereby exempt from state insurance rules with regards to reserves and contribution, MEWAs were able to undercut other state regulated health insurance companies.
• Congress eliminated the state regulation exemption in 1983 and in 2010 the ACA strengthened reporting requirements for MEWAs, required registration of MEWAs with the DOL, and provided DOL with enforcement tools, including the authority to issue an ex parte cease-and-desist order when a MEWA engages in fraudulent conduct and issue a summary seizure order when a MEWA is in a financially hazardous condition.

A Multiple Employer Welfare Arrangement (MEWA) is one in which businesses band together to purchase health coverage as a large group. For many years, promoters and others have established and operated MEWAs, also described as “multiple employer trusts” or “METs,” as vehicles for marketing health and welfare benefits to employers for their employees.

Avoidance of state insurance regulation

Promoters of MEWAs have typically represented to employers and state regulators that the MEWA is an employee benefit plan covered by the Employee Retirement Income Security Act (ERISA) and, therefore, exempt from state insurance regulation under ERISA’s broad preemption provisions.

By avoiding state insurance reserve, contribution, and other requirements applicable to insurance companies, MEWAs are often able to market insurance coverage at rates substantially below those of regulated insurance companies. This concept makes the MEWA an attractive alternative for those small businesses finding it difficult to obtain affordable health care coverage for their employees.

In practice, however, some MEWAs have been unable to pay claims because of insufficient funding and inadequate reserves. Or in the worst situations, were operated by individuals who drained the MEWA’s assets through excessive administrative fees and outright embezzlement.

Congress makes MEWAs subject to state regulation

Recognizing that it was both appropriate and necessary for states to be able to establish, apply and enforce state insurance laws with respect to MEWAs, the U.S. Congress amended ERISA in 1983 to provide an exception to ERISA’s broad preemption provisions for the regulation of MEWAs under state insurance laws.

While the 1983 ERISA amendments were intended to remove federal preemption as an impediment to state regulation of MEWAs, MEWA promoters and others have continued to create confusion and uncertainty as to the ability of states to regulate MEWAs by claiming ERISA coverage and protection from state regulation under ERISA’s preemption provisions. Obviously, to the extent that such claims have the effect of discouraging or delaying the application and enforcement of state insurance laws, the MEWA promoters benefit and those dependent on the MEWA for their health care coverage bear the risk.

Regulation under the ACA

In 2010, the Patient Protection and Affordable Care Act (ACA) established a multipronged approach to MEWA abuses. Improvements in reporting, together with stronger enforcement tools, are designed to reduce MEWA fraud and abuse. These include expanded reporting and required registration with the Department of Labor (DOL) prior to operating in a state. The additional information provided will enhance the state and federal governments’ joint mission to prevent harm and take enforcement action. The ACA also strengthened enforcement by giving the DOL authority to issue an ex parte cease-and-desist order when a MEWA engages in fraudulent or other abusive conduct and issue a summary seizure order when a MEWA is in a financially hazardous condition.

Current regulation under ERISA

ERISA covers only those plans, funds or arrangements that constitute an “employee welfare benefit plan,” as defined in ERISA Section 3(1), or an “employee pension benefit plan,” as defined in ERISA Section 3(2). By definition, MEWAs do not provide pension benefits; therefore, only those MEWAs that constitute “employee welfare benefit plans” are subject to ERISA’s provisions governing employee benefit plans.

Under current law, a MEWA that constitutes an ERISA-covered plan must comply with the provisions of Title I of ERISA applicable to employee welfare benefit plans, in addition to any state insurance laws that may apply to the MEWA. If a MEWA is determined not to be an ERISA-covered plan, the persons who operate or manage the MEWA may nonetheless be subject to ERISA’s fiduciary responsibility provisions if such persons are responsible for, or exercise control over, the assets of ERISA-covered plans. In both situations, the Department of Labor would have concurrent jurisdiction with the state(s) over the MEWA.

Patient Protection and Affordable Care Act

• The ACA reformed America’s health care by providing numerous rights, benefits, and subsidies designed to make it fairer, easier to understand, and more affordable.
• The ACA requires coverage for pre-existing conditions, free preventive care, an end to “lifetime” and “yearly” coverage limits, holds insurance companies accountable for rate increase, requires minimum expenditures on benefits, prevents cancellation of policies due to accidental application errors, and promotes doctor choice and ER access.
• The ACA’s “mandatory” state Medicaid expansion was deemed unconstitutional, but many states have voluntarily expanded Medicaid to cover more people with low incomes.

The Patient Protection and Affordable Care Act of 2010, also known as health care reform, was enacted on March 23, 2010. A companion bill, the Health Care and Education Affordability Reconciliation Act of 2010, was enacted on March 30, 2010. Together, these laws are referred to as the Affordable Care Act, or ACA.

ACA rights and benefits

The ACA provides numerous rights that make health coverage fairer and easier to understand, along with benefits and subsidies (through “premium tax credits” and “cost-sharing reductions”) to make it more affordable. The ACA also allows states the option to expand Medicaid programs to cover more people with low incomes.

The ACA:

• Requires insurance plans to cover people with pre-existing health conditions, including pregnancy, without charging more.
• Provides free preventive care.
• Gives young adults more coverage options.
• Ends “lifetime” and “yearly” dollar limits on coverage of essential health benefits (EHBs).
• Holds insurance companies accountable for rate increases.
• Makes it illegal for health insurance companies to cancel due to illness or accidental application errors.
• Protects doctor choice and ER access.
• Protects from employer retaliation.

“Lifetime” and “yearly” dollar limits eliminated

Insurance companies cannot set a dollar limit on what they spend on EHBs for care during the entire “lifetime” of enrollment in that plan, or a “yearly” dollar limit on what is spent for coverage.

Note: Protections against lifetime limits on coverage apply to all individual and job-based health plans, including grandfathered plans. Protections against annual limits apply to most health plans, but they don’t apply to grandfathered individual health plans. “Grandfathered plans” are those created or first purchased prior to March 23, 2010, the enactment of the ACA.

Rate review and 80/20 rule

Insurance companies must now publicly explain any rate increase of 15 percent or more before raising premiums. This does not apply to grandfathered plans.

The 80/20 rule (sometimes called the “medical loss ratio” or MLR) generally requires insurance companies to spend at least 80 percent of the money they take in from premiums on health care costs and quality improvement activities. The other 20 percent can go to administrative, overhead, and marketing costs.

Insurance companies selling to large groups (usually more than 50 employees) must spend at least 85 percent of premiums on care and quality improvement.

If an insurance company doesn’t meet these requirements, the enrollee will get a rebate on part of the premium paid.

Policy cancellations

It’s now illegal for insurance companies to cancel an enrollee’s coverage simply because an enrollee becomes sick or because the applicant made an honest mistake or left out information on an application that has little bearing on health. This protection applies to all health plans, including grandfathered plans, whether the coverage is through an employer plan or not.

Caution: Insurance companies can still cancel coverage if false or incomplete information is “purposely” entered on an insurance application. Cancellation can also occur if premiums are not paid on time.

Doctor choice and ER access

Individuals have the right to choose any doctor from the health plan’s provider network. Out-of-network emergency rooms (ERs) can be used without prior approval and without penalty. No referrals are needed from a primary care provider for obstetrical or gynecological (OB-GYN) services from a specialist.

Note: These doctor choice and ER access rights do not apply to grandfathered health plans.

Retaliation protection from employers

It’s against the law for an employer to fire or retaliate against an employee:

• For getting a premium tax credit when a health plan is purchased in the Marketplace; or
• If an employee reports violations of the ACA’s health insurance reforms to an employer or the government.

Reporting requirements

• Most organizations must file ERISA 5500 with the DOL, EEO-1 with the EEOC, and VETS-100 with the DOL.
• Employers must file certain employee wage and tax forms annually with the SSA and IRS.
• Certain reports must be filed with the DOL by labor unions, union officers and employees, employers, labor relations consultants, and surety companies.

The U.S. government requires that organizations report various types of data to it. The following is a list of some of the most common reports that must be filed, and some of the federal agencies that require organizations to report specific information.

Reports required of most organizations:

• ERISA 5500: The U.S. Department of Labor (DOL), Internal Revenue Service, and the Pension Benefit Guaranty Corporation jointly developed the Form 5500 Series so employee benefit plans could satisfy annual reporting requirements under Title I and Title IV of ERISA and under the Internal Revenue Code. Form 5500 Series is an important compliance, research, and disclosure tool for the DOL, a disclosure document for plan participants and beneficiaries, and a source of information and data for use by other federal agencies, Congress, and the private sector in assessing employee benefit, tax, and economic trends and policies.
• The EEO-1 Component 1 Data Collection: The U.S. Equal Employment Opportunity Commission (EEOC) report is a mandatory annual data collection that requires all private sector employers with 100 or more employees, and federal contractors with 50 or more employees meeting certain criteria, to submit demographic workforce data, including data by race/ethnicity, sex, and job categories. The filing by eligible employers of the EEO-1 Component 1 Report is required under 709(c) of Title VII of the Civil Rights Act of 1964, as amended.
• VETS-100 and 100A data: The DOL Veterans’ Employment and Training Service (VETS) and Office of Federal Contractor Compliance Programs (OFCCP) have supported affirmative actions to employ and advance “covered veterans” in employment since 2008. Contractors and subcontractors who enter or modify a contract or subcontract with the federal government, and whose contract meets certain criteria, are required to report annually on their affirmative action efforts in employing veterans.

Agencies requiring reports:

Social Security Administration (SSA)

Each year, employers must send Copy A of Forms W-2 (Wage and Tax Statement) to the SSA by the last day of February (or last day of March if filing electronically) to report the wages and taxes of employees for the previous calendar year. In addition, employers must give a W-2 to each employee by January 31 (for individual income tax purposes.) W-2s are sent to SSA along with a Form W-3 (Transmittal of Income and Tax Statements).

Internal Revenue Service (IRS)

Employers are responsible for several federal, state, and local employment taxes. At the federal level, these include:

• Income tax
• Social Security and Medicare taxes
• Unemployment taxes

Requirements for employers include withholding, depositing, reporting, and paying employment taxes. There are forms that employers must give to employees, those that employees must give to employers, and those that employers must send to the IRS and SSA.

Employment Standards Administration, Office of Labor-Management Standards

The Labor-Management Reporting and Disclosure Act of 1959, as amended (LMRDA), and the Civil Service Reform Act of 1978 (CSRA) require certain reports to be filed with the U.S. Department of Labor (DOL) by labor unions, union officers and employees, employers, labor relations consultants, and surety companies.

The LMRDA applies to labor organizations which represent private sector employees and U.S. Postal Service employees while the CSRA applies to labor organizations which represent employees in most agencies of the executive branch of the Federal Government. The regulations implementing the standards of conduct provisions of the CSRA incorporate many LMRDA provisions, including those related to labor organization reporting requirements. (Federal sector labor organizations subject to the Foreign Service Act or the Congressional Accountability Act are also required to file the union reports.)

All reports must be filed with the DOL, Employment Standards Administration, Office of Labor-Management Standards (OLMS).

Request for proposal

• An RFP is a solicitation for proposals for the development of a product or service by an agency or company.
• The RFP is usually used when the product or service requires some special expertise or does not exist yet and requires research and development.
• Numerous detailed elements should be required in the RFP so that proposals can be properly evaluated, and the best proposal accepted.

A request for proposal (RFP) is a document that solicits a proposal by an agency or company interested in the procurement of a product or service.

An RFP is often used where the request requires technical expertise, specialized capability, or where the product or service being requested does not yet exist. As such, the proposal may require new research and development to create whatever is being requested.

The RFP is either sent to a list of potential suppliers or is publicly announced for open submission of proposals.

Elements usually contained in the FRP include:

• A general introductory statement describing the company, the project, and what will be required.
• All necessary details and background information on the project to assist potential bidders to ascertain their interest and expertise.
• The specific “deliverables” that will be required of a successful bidder.
• Detailed requirements to be contained in any formal bid submission.
• Deadlines for the submission of a bid.
• Bid selection criteria, such as:
  • team qualifications,
  • specialized experience,
  • record of implementation ability,
  • prior experience,
  • performance history,
  • knowledge of key planning issues, and
  • flexibility and creativity.
• The point of contact for the project.
• The budget allocated for the project.
• A description of:
  • the proposal review process,
  • the interview process, and
  • the selection process.

Adherence to these details will ensure fairness in the process and prevent challenges by disappointed submitters.

HIPPA privacy rules

• Employers are subject to the HIPPA privacy rule when they self-insure or have entered into an insurance agreement, but receive, manage, or disclose PHI as a group health plan.
• Employers that are not self-insured but that perform certain record-keeping functions, such as transmitting individuals’ health records to a group plan, are also subject to the HIPPA privacy rule.
• Individuals may authorize disclosure of PHI and covered entities must provide notice of patient’s privacy rights and privacy practices to affected individuals.

Employers are covered by the HIPAA privacy rule when they self-insure or when they have entered an insurance agreement, but receive, manage, or disclose protected health information (PHI) as a group health plan. An employer that is not self-insured but that performs certain record-keeping functions, such as transmitting individuals’ health records to a group plan, is also subject to the rule.

In general, privacy is about who has the right to access information that identifies an individual, the individual’s physical or mental health condition, the health care that the individual has received, or payments for such care. PHI does not include summary health information which excludes the individual’s name or other identifying information. The privacy rule covers all PHI in the hands of covered entities or their business associates, regardless of whether it is or has been in electronic form.

HIPPA privacy standards

Generally, the privacy standards:

• Limit the non-consensual use and release of PHI;
• Give patients’ rights to access their medical records and know who has accessed them;
• Restrict most disclosure of health information to the minimum needed for the intended purpose;
• Establish new criminal and civil sanctions for improper use or disclosure; and
• Establish new requirements for access to records by researchers and others.

Employer requirements

As representatives of the plan, employers should evaluate and take the following steps (this list is not exhaustive):

• Be aware of the rule and its requirements;
• Review any group health plan documents and amend the plan(s), as necessary, to deal with the transmission of PHI from the plan to the employer;
• Develop the appropriate notices (discussed below);
• Review vendor (business associate) contracts to address the transmission of PHI outside the plan for administrative purposes and to ensure the business associate and any subcontractors take the appropriate steps to also safeguard PHI;
• Train key managers, supervisors, and officers how to deal with PHI to the extent their job duties require contact;
• Develop appropriate policies, with measures taken for violators;
• Appoint a privacy officer; and
• Develop procedures for obtaining authorization for the disclosure of PHI and responses to any inappropriate disclosure of PHI.

Authorized disclosure of PHI

Individuals may authorize the disclosure of their PHI. Authorizations are an individual’s signed permission to allow a covered entity to use or disclose the individual’s PHI that is described in the authorization for the purpose(s) and the recipient(s) stated use in the authorization. Authorizations allow additional, specific uses of health information beyond treatment, payment, and health care operations to be released.

Notice of privacy rights

Covered entities must provide notice of patient’s privacy rights and the privacy practices to affected individuals. The notice must explain how PHI may be used and disclosed. The notice also needs to contain the individuals’ rights with respect to the PHI, how the individuals may exercise their rights, the covered entity’s legal duties with respect to PHI, and who individuals can contact for further information. The notice must also have an effective date.

HIPPA security rules

• Health plans that engage in electronic health care transactions, and/or maintain EPHI need to ensure reasonable security from unauthorized access, alteration, deletion, and transmission of PHI.
• A covered entity that discovers a breach must provide notice to the affected individual as soon as it can, but no later than 60 days after the breach is discovered, and must notify HHS of the breach, and, in some cases, the media.
• The breach notification must include a brief description of what happened, the types of PHI involved, steps that individuals should take, what the covered entity is doing to investigate the breach and mitigate loss, and contact procedures to obtain additional information.

Security is an important part of the privacy provision. The health care industry has been moving away from paper processes and relying more heavily on the use of computers to pay claims, answer eligibility questions, provide health information, and conduct a host of administrative functions. Under HIPAA, health plans that engage in electronic health care transactions, and/or maintain electronic PHI (EPHI) need to ensure their systems provide reasonable security from unauthorized access, alteration, deletion, and transmission of PHI.

The security rule provides for ensuring that the confidentiality, integrity, and availability of EPHI created, received, maintained, used, or transmitted is protected. The security rule gets more technical than the privacy rule, as it involves information technology.

Breaches of PHI

The Health Information Technology for Economic and Clinical Health Act (HITECH) included requirements addressing breaches of PHI. In general, a breach is the unauthorized acquisition, access, or use or disclosure of “unsecured PHI” which compromises the privacy or security of the information.

A covered entity that discovers a breach must provide notice to the affected individual as soon as it can, but no later than 60 days after the breach is discovered. In addition, the covered entity is required to notify the Department of Health and Human Services of the breach, and, in some cases, the media.

Notification of a breach

There are a few methods available to notify individuals of the breach:

• In writing using first-class mail at the last known address or by email if the individual prefers. The notification may be provided in one or more mailings as information becomes available.
• If the covered entity does not have adequate contact information for providing written notice, it may comply with the requirement through a phone call (if fewer than 10 people are affected) or provide a conspicuous posting on its website (where 10 or more people are affected). This posting must include a toll-free phone number to call to determine if an individual’s PHI is included in the breach.
• A covered entity may also use post the notice in major print or broadcast media in geographic areas where the individuals affected by the breach likely reside. This would also need to include a toll-free number to obtain more information.
• In urgent situations (imminent misuse of PHI), a covered entity may call individuals in addition to providing notices as above.

If the breach involves more than 500 residents of a state or jurisdiction, the covered entity needs to provide notice to prominent media outlets service the state or jurisdiction.

If the breach involved more than 500 individuals, a covered entity must immediately notify the U.S. Department of Health and Human Services (HHS).

If it involved fewer than 500 individuals, a covered entity must maintain a log of the breach and annually submit the log to the HHS.

The HHS will post a list on its website of covered entities involved in breaches involving 500 or more individuals.

Content of notification

Breach notices need to include the following information:

• A brief description of what happened, including the date of the breach and the date of the discovery of the breach, if known.
• A description of the types of unsecured PHI that were involved in the breach (such as full name, SSN, date of birth, home address, account number, or disability code).
• The steps individuals should take to protect themselves from potential harm resulting from the breach.
• A brief description of what the covered entity is doing to investigate the breach, to mitigate losses, and to protect against any further breaches.
• Contact procedures for individuals to ask questions or learn additional information, which must include a toll-free telephone number, an e-mail address, website, or postal address.