ERISA | | Page 2

10 Former NFL Payers Charged With Defrauding NFL Retiree Health Fund

December 13, 2019

Ten former National Football League (NFL) players face prosecution for their alleged roles in a nationwide health care fraud scam that Justice Department prosecutors allegedly defrauded the Gene Upshaw NFL Player Health Reimbursement Account Plan (the “Plan)” by submitting more than $3.9 million in false and fraudulent claims between June 2017 and December 2018.

According to the charges brought in two separated indictments filed December 12, 2019 in the Eastern District of Kentucky, the charged players participated in a nationwide conspiracy that resulted in the submission of more than $3.9 million in false claims to the Plan, for which the Plan paid out over $3.4 million between June 2017 and December 2018. See Buckhalter and Rogers Indictment; McCune et al Indictment. The Plan established pursuant to the 2006 collective bargaining agreement between the NFL and payers provides a health care reimbursement account to reimburse up to a maximum of $350,000 per player of out-of-pocket medical care expenses a former player, his wife or dependents incurs not covered by insurance.

The indictments charge that the scheme to defraud involved the submission of false and fraudulent claims to the Plan for expensive medical equipment – typically between $40,000 and $50,000 for each claim never purchased or received. The expensive medical equipment described on the false and fraudulent claims included hyperbaric oxygen chambers, cryotherapy machines, ultrasound machines designed for use by a doctor’s office to conduct women’s health examinations and electromagnetic therapy devices designed for use on horses. The indictments reflect that no health care providers participated in the scheme. Rather the players submitted these allegedly false charges without any health care provider participation.

Charged in the two separated indictments include the following former NFL players including five former Washington Redskins. Those charged and the charges brought include the following:

Charges of one count of conspiracy to commit wire fraud and health care fraud, nine counts of wire fraud and nine counts of health care fraud brought against former NFL linebacker Robert McCune, McCune’s career included stints with the Washington Redskins, Miami Dolphins, Baltimore Ravens and Cleveland Browns between 2005 and 2009;
Charges of one count of conspiracy to commit wire fraud and health care fraud, two counts of wire fraud and two counts of health care fraud made against:

- Former Washington Redskins cornerback John Eubanks who was draft but only played as a practice squad player with the Washington Redskins in 2006-2017 season before going on to play in the Canadian Football League between 2009 and 20011;
- Tamarick Vanover, a former NFL wide receiver the Kanas City Chiefs, San Diego Chargers and Las Vegas Posse who was the Atlantic Coast Conference Rookie of the Year while playing for Florida State in 1992; and
- Carlos Rogers, a former NFL cornerback drafted by the Washington Redskins, who also played for the San Francisco 49ers and Oakland Raiders;
Charges of one count of conspiracy to commit wire fraud and health care fraud, one count of wire fraud and one count of health care fraud against:
- Clinton Portis, a former NFL running back best known for his years as a starting running back for the Washington Redskins, for seven seasons, who also played with the Denver Broncos during his 10 year NFL career;
- Ceandris “C.C.” Brown, a former safety drafted by the Houston Texans in 2005 who after three seasons with Houston was signed by the New York Giants, Detroit Lions and Jacksonville Jaguars;;
- James Butler, a former NFL safety for the New York Giants from 2005-2008 Seasons and with the St. Louis Rams from 2009-2012; and
- Fredrick Bennett, a grid iron defensive back drafted by the Houston Texans in 2007 before being traded to the San Diego Chargers in 2010, the Cincinnati Bengals in 2010, and the Arizona Cardinals in 2011 before going on to play in the Canadian Football League from 2012 to 2016. Bennett is currently a NFL free agent; and
Charges of one count of conspiracy to commit wire fraud and health care fraud against:
- Correll Buckhalter, a former NFL running back who played with the Philadelphia Eagles from 2001 to 2008 and the Denver Broncos from 2009 to 2010;
- Etric Pruitt, a former NFL special teams and safety who after having little playing time for most of his NFL career played a major role in Super Bowl XII while signed to the Seattle Seahawks. In addition to his Seahawks stink in 2005, Pruitt also was signed with the Atlanta Falcons and Detroit Lions during his NFL career.

In addition to the charges brought Thursday, the Justice Department also has filed notice that it intends to file criminal charges alleging conspiracy to commit health care fraud in the Eastern District of Kentucky against the following individuals:

Joseph “Joe” Horn, a former NFL wide receiver who played with the Kansas City Chiefs, New Orleans Saints, and Atlanta Falcons between 1996 and 2007. Horn made the Pro Bowl team four times and is a member of the New Orleans Saints Hall of Fame. In 2001, Horn made headlines when he and 11 other former NFL plays sued the NFL alleging it failed to properly diagnose and treat head injuries that led to changes in the NFL policies regarding diagnosis and treatment of players for potential brain injuries and the establishment of a traumatic brain injury fund; ;and
Donald “Reche” Caldwell a former NFL wide receiver who during his six seasons in the NFL played with the Sand Diego Chargers, New England Patriots, Washington Redskins and St. Louis Rams.

According to allegations in the indictments, McCune, Eubanks, Vanover, Buckhalter, Rogers and others recruited other players into the scheme by offering to submit or cause the submission of these false and fraudulent claims in exchange for kickbacks and bribes that ranged from a few thousand dollars to $10,000 or more per claim submitted. As part of the scheme, the defendants allegedly fabricated supporting documentation for the claims, including invoices, prescriptions and letters of medical necessity. After the claims were submitted, McCune and Buckhalter allegedly called the telephone number provided by the Plan and impersonated certain other players in order to check on the status of the false and fraudulent claims.

The indictments reflect the Justice Department’s continuing commitment to investigate and prosecute health care fraud, including fraudulent dealings by plan members and others.of private employeer or union sponsored health plans. If convicted, the defendants could face significant prison sentences and probation and fines.

The Justice Department press release concerning the indictments quotes U.S. Attorney for the Eastern District of Kentucky Robert M. Duncan Jr.,the Justice Department has “prioritized the investigation and prosecution of health care fraud in our office.” Meanwhile, FBI Special Agent in Charge of the Miami Field Office George L. Piro is quoted as stating that “This investigation serves as an illustration of the rampant and deliberate scams against health care plans occurring daily throughout the country…” in this case, these fraudsters pocketed money from the Gene Upshaw National Football League Health Reimbursement Account Plan that was intended for former NFL players who are ill or infirm. Over 20 FBI field offices participated in this investigation which demonstrates the level of commitment we have to rooting out this type of fraud.”

In addition to the additional costs that employers can incur to fund health plan liabilities, taking prudent steps to detect, prevent and redress fraudulent health plan claims is considered part of the fiduciary duies of heatlh plan fiduciaries under the Employee Retirement Income Security Act. Fiduciaries found to have failed to take such prudent actions risk personal liability fo rplan losses resulting from fraud committed against their health plans.

The NFL player indictments show taht prosecutions Alone or coupled with the hundreds of other fraud investigations and prosecuations that the Department of Justice and other federal and state agencies pursue each year, send a strong message that the Justice Department and other fedederal agencies stand ready to investigate nad prosecute health care fraud against private employer or union sponsored health plans, as well as fraud against Medicare, Mdicaid and other government programs.

More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press Health Care Risk Management & Operations Group and registering for updates on our Solutions Law Press Website.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, as a primary focus of this work, Ms. Stamer has worked extensively with employer and union sponsored health and other employee benefit plans, insurers, third party administrators, plan fiduciaries and other health and other insured and self insured welfare plan, severance plans, defined contribution and other savings plans, defined benefit and other pension plans, incentive pay and deferred compensation programs and other employee benefit industry clients, employers and other plan sponsors, domestic and international health care providers, and as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

Author of a multitude of highly regarded publications and programs on health and managed care fraud,and other health care, health plan and other health benefit, health care, employee benefits and other related matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Comments Off on 10 Former NFL Payers Charged With Defrauding NFL Retiree Health Fund | Corporate Compliance, ERISA, fiduciary duty, Fiduciary Responsibility, health benefit, Health Benefits, health Care, Health Care Fraud, health insurance, health insurance marketplace, Health IT, health plan, Health Plans, health reform, insurance fraud | Permalink
Posted by Cynthia Marcotte Stamer

2018 US National Health Expenditures Grew Again

December 10, 2019

Total U.S. national healthcare spending in 2018 grew 4.6 percent according to a study conducted by the Office of the Actuary at the Centers for Medicare & Medicaid Services (CMS). CMS reports this growth rate was slower than the 5.4 percent overall economic growth as measured by Gross Domestic Product (GDP). Consequently, the share of the economy devoted to health spending decreased from 17.9 percent in 2017 to 17.7 percent in 2018.

Growth in overall healthcare spending has averaged 4.5 percent for 2016-2018, slower than the 5.5 percent average growth for 2014-2015, that was affected by expanded Medicaid and private insurance coverage and increased spending for prescription drugs, particularly for drugs used to treat hepatitis C.

The growth in total national healthcare expenditures was approximately 0.4 percentage point higher than the rate in 2017 and reached $3.6 trillion in 2018, or $11,172 per person.

According to the report, private health insurance, Medicare, and Medicaid experienced faster growth in 2018. The faster growth for these payers was influenced by the reinstatement of the health insurance tax which was applied to private health insurance, Medicare Advantage, and Medicaid Managed care plans. The health insurance tax was a fee imposed on all health insurance providers beginning in 2014 as a part of the funding for the Affordable Care Act (ACA) and was subsequently amended to institute a one-year moratorium on the fee for 2017.

Private health insurance spending(34 percent of total health care spending) increased 5.8 percent to $1.2 trillion in 2018, which was faster than the 4.9 percent growth in 2017. The acceleration was driven in part by an increase in the net cost of private health insurance, which was a result of the reinstatement of the health insurance tax in 2018 following a one-year moratorium in 2017.
Medicare spending (21 percent of total health care spending) grew 6.4 percent to $750.2 billion in 2018, which was faster than the 4.2 percent growth in 2017. The faster growth in Medicare spending in 2018 was influenced by faster growth in the net cost of insurance of Medicare private health plans (mostly Medicare Advantage plans) due to the reinstatement of the health insurance tax in 2018, faster growth in Medicare spending for medical goods and services, and an increase in government administration spending after a reduction in 2017.
Medicaid spending (16 percent of total health care spending) increased 3.0 percent to $597.4 billion in 2018. This was faster than the rate of growth in 2017 of 2.6 percent. The faster rate of growth in 2018 was driven by faster growth in the net cost of insurance for Medicaid managed care plans, also due in part to the reinstatement of the health insurance tax.
Out-of-pocket spending (10 percent of total health care spending) includes direct consumer payments such as copayments, deductibles, and spending not covered by insurance. Out-of-pocket spending grew 2.8 percent to $375.6 billion in 2018, which was faster than the 2.2 percent growth in 2017. Faster out-of-pocket spending growth for retail prescription drugs, durable medical equipment, and dental services more than offset a slowdown in out-of-pocket spending for hospital care.

Health care spending growth was mixed in 2018 for the three largest goods and service categories – hospital care, physician and clinical services, and retail prescription drugs.

Hospital spending (33 percent of total healthcare spending) increased at about the same rate in 2018 as in 2017, growing 4.5 percent and 4.7 percent, respectively, to reach $1.2 trillion in 2018. The steady growth in 2018 was driven by an acceleration in hospital price growth that was offset by slower growth in the use and intensity of hospital services.
Physician and clinical services spending (20 percent of total healthcare spending) increased 4.1 percent to reach $725.6 billion in 2018. This was slower than the rate of growth in 2017 of 4.7 percent. The deceleration in 2018 was driven by slower growth in the use and intensity of physician and clinical services, as physician and clinical price growth accelerated in 2018.
Retail prescription drug spending(9 percent of total healthcare spending) grew 2.5 percent in 2018 to $335.0 billion following slower growth of 1.4 percent in 2017. This faster rate of growth was driven by non-price factors, such as the use and mix of drugs consumed, which more than offset a decline of 1.0 percent in prices for retail prescription drugs.

Additional highlights from the report include:

Sponsors of Healthcare. In 2018, the federal government’s spending on health care increased 5.6 percent, accelerating from growth of 2.8 percent in 2017, and was driven by faster growth in the federally-funded portions of Medicare and Medicaid expenditures. Private businesses’ health care spending increased 6.2 percent in 2018 due primarily to faster growth in employer-sponsored private health insurance premiums. The federal government and households accounted for the largest shares of spending (28 percent each), followed by private businesses (20 percent), state and local governments (17 percent), and other private revenues (7 percent).

The National Health Expenditure estimates have been revised to reflect the most recent and up-to-date source data that is available (and may not have been available for last year’s vintage of the National Health Expenditure Accounts).

The 2018 National Health Expenditures data and supporting information will appear here.

For More Information

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our LinkedIn Solutions Law Groups and registering for updates on our Solutions Law Press Website.

About the Author

As a primary focus of this work, Ms. Stamer has worked extensively with domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers, health industry advocacy and other service providers and groups and other health industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.

Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is noted for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.

Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility for the suitability, completeness, accuracy or other content or to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Comments Off on 2018 US National Health Expenditures Grew Again | ACA, Affordable Care Act, board of directors, Brokers, Claims, Claims Administration, compliance, drug pricing, EBSA, Employee Benefits, Employer, Employers, Employment Tax, ERISA, Excise Tax, Excise Taxes, fiduciary duty, Fringe Benefit, Fringe Benefits, government plan, health benefit, Health Benefits, health Care, Health Care Reform, health care transparency, health insurance, health insurance marketplace, health plan, Health Plans, health reform, Human Resources, Income Tax, insurers, Managed Care, Patient Protection & Affordable Care Act, Patient Protection and Affordabel Care Act, Patient Protection and Affordable Care Act, Payroll Tax, pbms, Physician, Premium Subsidies, prescription drugs, provider contracting, Tax, Tax Credit, third party administrators | Permalink
Posted by Cynthia Marcotte Stamer

ONC Patient Matching for Prescription Drug Monitoring Program Slides Available

December 7, 2019

Slides from the presentations made at Office of the National Coordinator for Health Information Technology (ONC) September 6, 2019 symposium on Patient Matching for Prescription Drug Monitoring Programs (PDMPs) are now available on line. This one-day symposium brought together PDMP administrators, standards development groups, health IT developers, representatives from pharmacies, and a number of other stakeholders to discuss patient matching challenges and opportunities to support the interoperability of prescription data.Access that data here.

For More Information

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our LinkedIn Solutions Law Groups and registering for updates on our Solutions Law Press Website.

About the Author

IAbout Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility for the suitability, completeness, accuracy or other content or to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on ONC Patient Matching for Prescription Drug Monitoring Program Slides Available | Association Health Plan, Claims Administration, drug pricing, Employee Benefits, Employer, ERISA, Health Benefits, health Care, health care transparency, health insurance, health insurance marketplace, Health IT, health plan, Health Plans, health reform, Managed Care, Patient Empowerment, Patient Protection & Affordable Care Act, pbms, Prescription Drugs, prescription drugs, provider contracting | Permalink
Posted by Cynthia Marcotte Stamer

SBA Hosts Employee Benefits Roundtable 11/21

November 18, 2019

The Small Business Administration (“SBA”) Advocacy Office will is host an Employee Benefits Roundtable on Thursday, Nov. 21 from 10:00 AM until 12:00 noon at the SBA Headquarters in Washington, D.C. with the following agenda:

Welcome and Introductions (10:00 am – 10:15 am)

Charles G. Jeane, Assistant Chief Counsel, SBA Office of Advocacy

Discussion of Small Business Use of Cafeteria Plans (10:15 am – 10:45 am)

Gary Kushner, President and CEO of Kushner & Company

Discussion of MEPs and Open MEPs (10:45 am – 11:15 am)

Sandra Turner, President of Retirement Plan Specialists, Inc.

Discussion of Adding Annuities as An Option for Plan Participants (11:15 am – 11:45 am)

Chantel Sheaks, Executive Director, Retirement Policy, U.S. Chamber of Commerce

Open Discussion/Other Small Business Issues (11:45 am – 12:00 pm).

The purpose of these roundtable meetings is to exchange opinions, facts, and information and to obtain the attendees’ individual views and opinions regarding small business concerns. The meetings are not intended to communicate or achieve any consensus positions of the attendees.

Roundtable meetings are open to all interested persons, except the press. Press are excluded in order to facilitate an open and frank discussion about small business-related issues.

About The Author

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Former Chair of the RPTE Employee Benefits and Compensation Committee, a current Co-Chair of the Committee, and the former Chair of its Welfare Benefit and its Defined Compensation Plan Committees and former RPTE Joint Committee on Employee Benefits Council (JCEB) Representative, Cynthia Marcotte Stamer is a Martindale-Hubble “AV-Preeminent” practicing attorney and management consultant, author, public policy advocate, author and lecturer repeatedly recognized for her 30 plus years’ of work and pragmatic thought leadership, publications and training on health, pension and other employee benefit, insurance, labor and employment, and health care fiduciary responsibility, payment, investment, contracting and other design, administration and compliance concerns as among the “Top Rated Labor & Employment Lawyers in Texas,” a “Legal Leader,” a “Top Woman Lawyer” and with other awards by LexisNexis® Martindale-Hubbell®; as among the “Best Lawyers In Dallas” for her work in the field of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, in International Who’s Who of Professionals and with numerous other awards and distinctions.

Her experience encompasses leading and supporting the development and defense of innovative new policies, programs, practices and solutions; advising and representing clients on routine plan establishment, plan documentation and contract drafting and review, administration, change and other compliance and operations; crisis prevention and response, compliance and risk management audits and investigations, enforcement actions and other dealings with the US Congress, Departments of Labor, Treasury, Health & Human Services, Federal Trade Commission, Justice, Securities and Exchange Commission, Education and other federal agencies, state legislatures, attorneys general, insurance, labor, worker’s compensation, and other agencies and regulators, and various other foreign and domestic governmental bodies and agencies.

She also provides strategic and other supports clients in defending litigation as lead strategy counsel, special counsel and as an expert witness. Alongside her extensive legal and operational experience, Ms. Stamer also is recognized for her work as a public and regulatory policy advocate and community leader with a gift for finding pragmatic solutions and helping to forge the common ground necessary to build consensus. Best known for her domestic public policy and community leadership on health care and insurance reform, Ms. Stamer’s lifelong public policy and community service involvement includes service as a lead consultant to the Government of Bolivia on its pension privatization project, as well as extensive legislative and regulatory reform, advocacy and input workforce, worker classification, employee benefit, public health and healthcare, social security and other disability and aging in place, education, migration reforms domestically and internationally throughout her adult life.

In addition to her public and regulatory policy involvement, Ms. Stamer also contributes her service and leadership to a professional and civic organizations and efforts including her involvement as the Founder and Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE; Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence; Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; Vice Chair, Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; current Fiduciary Responsibility Committee Co-Chair and Membership Committee member of the ABA RPTE Section; former RPTE Employee Benefits and Other Compensation Group Chair, former Chair and Co-Chair of its Welfare Plans Committee, and Defined Contribution Plans Committee; former RPTE Representative to ABA Joint Committee on Employee Benefits Council; former RPTE Representative to the ABA Health Law Coordinating Counsel; former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, former Board Member, Continuing Education Chair and Treasurer of the Southwest Benefits Association; Vice President of the North Texas Healthcare Compliance Professionals Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; past Dallas World Affairs Council Board Member, and in leadership of many other professional, civic and community organizations.

Ms. Stamer also is a highly popular public speaker, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, the Society of Professional Benefits Administrators, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients, serves on the faculty and planning committee of many workshops, seminars, and symposia, and on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other public policy advocacy and other professional and civic organizations and involvements. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

Before founding her current law firm, Cynthia Marcotte Stamer, P.C., Ms. Stamer practiced law as a partner with several prominent national and international law firms for more than 10 years before founding Cynthia Marcotte Stamer, P.C. to practice her unique brand of “Solutions law™” and to devote more time to the pragmatic policy and system reform, community education and innovation, and other health system improvement efforts of her PROJECT COPE: the Coalition on Patient Empowerment initiative.

About Solutions Law Press, Inc.™

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™. For information about republication, please contact the author directly. All other rights reserved.

Comments Off on SBA Hosts Employee Benefits Roundtable 11/21 | 401(k), 4980D, 4980H, 6039D, Brokers, Cafeteria Plans, compensation, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, directors, EBSA, Employee Benefits, Employers, Employment, ERISA, Fringe Benefit, Fringe Benefits, health Care, health care transparency, health insurance, Health Plans, Human Resources, multiple employer plan (Meps), Retirement Plans, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

College Pays $54,000 To Settle DOJ ADA Lawsuit For Paramedic Program’s Termination of TA With MS

November 7, 2019

Lanier Technical College, a unit of the Technical College System of Georgia, will pay $53,000 in back pay and compensatory damages and revise its policies and procedures to settle a Justice Department lawsuit alleging the College violated the Americans with Disabilities Act (ADA) by terminating along-time College employee based on her multiple sclerosis filed in the Northern District Of Georgia on November 4, 2019. In addition to this disability discrimination allegation, the Justice Department complaint also alleges the removed the employee from the teaching schedule for an entire school semester, thus reducing her hours and pay to zero, due to her multiple sclerosis after the employee took three days of sick leave one summer. The lawsuit and its settlement reminds academic health care and other public and private employers about the need to use appropriate care to avoid inappropriate discrimination against individuals with disabilities in employment and other operations.

The College had employed the terminated employee as a part-time emergency medical technician (EMT) lab assistant for over three years before the events prompting the lawsuit took place. The essential functions of her job involved assisting instructors in the classroom and in the lab, and perform “check offs” to authorize and certify that the students mastered particular technical competencies (e.g., properly taking blood pressure, starting a patient’s I.V., assessing a patient’s vital signs). In addition to her employment with the College, the former employee also worked as a paramedic for an unrelated employer. She continued to work as a full-time paramedic for nearly three years after the College terminated her employment as a part-time lab assistant.

Less than a year into her employment at the College, the former employee was diagnosed with multiple sclerosis (MS) in 2010. Shortly after her diagnosis the former employee notified among others, notified the Director of the Lanier Paramedicine Technology (PMT) Department, Sam Stone, of her condition and Mr. Stone subsequently discussed her MS and treatment with her over the course of her employment with the College. According to the Justice Department complaint, the former employee did not require any reasonable accommodations for her disability, remained qualified to perform the essential functions of the part-time lab assistant job, and did so successfully until College discharged her or otherwise altered her compensation, terms, conditions, or privileges of employment.

In 2012, the former employee assisted with classes and labs taught by Instructor Andy Booth. Instructor Booth managed the work schedule for all the part-time EMT lab assistants who assisted with his classes, including that of the former employee. This included the ability to remove lab assistants from any shifts they requested. Director Stone then completed a final review of the semester and approved the schedule and any changes to it.

During the summer of 2012, the former employee had to miss her assigned workdays on two or three occasions due to her MS and its treatment. She also was on disability leave from her paramedic job for a period during that summer, returning to work full-time in early August. Following these absences, Instructor Booth on August 30, 2012 sent an email to lab assistants, including the former employee requesting that lab assistants sign up for open shifts on the work schedule, as he was “still short on help.” The schedule with available shifts was posted for September through December 2012. The former employee signed up for seven or eight four-hour shifts over the course of the fall semester that same day and emailed Instructor Booth the evening of August 30 to inform him of this. In her email, she indicated that she was no longer on disability leave from her other job.

Two weeks later, on September 12, 2012, the College removed the former employee from the work schedule for the entire fall semester schedule on the written instructions of Instructor Booth with the approval of Director Stone. Instructor Booth’s September 12 email instructions to his assistant provided a link to the online work schedule for the lab assistants and stated: “Any day you see [the former employee], just take her off.” Director Stone was copied on this email. That same day, Director Stone replied to Instructor Booth’s email, stating that he had reviewed all of the dates up to December and approved the schedule. The College knew that, by removing the former employee from the schedule, it was terminating her employment with Lanier.

When the former employee realized that someone removed her from the schedule for the entire semester, she contacted Instructor Booth. He told the former employee, by text message, that it was Director Stone’s decision and that Director Stone wanted to give the former employee “some time to heal.” Instructor Booth also stated that Director Stone seemed upset about the former employee missing a few days in the summer due to her MS. Instructor Booth then directed the former employee to speak to Director Stone. He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Thereafter, on September 26, 2012, the former employee contacted Director Stone by email. After telling Director Stone i her email that Instructor Booth said Director Stone was managing the schedule and had wanted to give her “some time to heal,” she reassured him that she appreciated his concern but that she felt she was “OK.” When Director Stone responded on September 23, he confirmed the correctness of Director Stone’s email and also confirmed that he was concerned with the former employee’s health. He offered to discuss these concerns further with her in private. He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Later that day, the former employee called Director Stone. On the call, Director Stone expressed concern about legal and liability issues and whether the former employee was fit to work because of her MS. He said that he, as the Department Director, had to be concerned about her health and medical issues, because a student could challenge a grade on the basis that her MS made her unfit to evaluate students. Director Stone also referenced a couple days that the former employee missed work due to her MS during the summer, and stated that she was less reliable than other lab assistants were at that point. He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Approximately six months later, College removed the former employee from the payroll and changed her payroll status to “terminated.”

On September 26, 2012, the former employee filed a timely charge of discrimination with the United States Equal Employment Opportunity Commission (EEOC), alleging that College terminated her because of her disability in violation of the ADA. The Justice Department filed the lawsuit after the EEOC referred the former employee’s complaint to it.

Title I of the ADA prohibits covered entities including the College from discriminating against a qualified individual on the basis of disability in regard to job application procedures, the hiring, advancement, or discharge of employees, employee compensation, job training, and other terms, conditions, and privileges of employment. 42 U.S.C. § 12112(a); 29 C.F.R. § 1630.4.

The Justice Department complaint against the College charged that the College violated the ADA by discriminating against her on the basis of her disability by:

Removing her from the lab assistant work schedule for a semester and reducing her work hours and compensation to zero; and
Terminating her on the basis of her disability

As a consequence of these discriminatory actions, the complaint charged the former employee suffered lost earnings, benefits and job advancement opportunities, as well as substantial emotional distress, pain and suffering and other nonpecuniary losses. The complaint asked the District Court to redress these injuries by:

Declaring the College in violation of the Title I of the ADA and its accompanying regulation;
Enjoining the College and its agents, employees, successors, and all persons in active concert or participation with it, from engaging in discriminatory employment policies and practices that violate Title I of the ADA;
Requiring the College to modify its policies, practices, and procedures as necessary to bring its employment practices into compliance with Title I of the ADA and its implementing regulation;
Ordering the College to train its supervisors and human resource staff regarding the requirements of Title I of the ADA; and
Awarding the former employee back pay with interest; the value of any lost benefits with interest; and compensatory damages, including damages for emotional distress, for injuries suffered as a result of Defendant’s failure to comply with the requirements of the ADA;

Under the settlement agreement announced November 7, 2019 by the Justice Department, the College must pay the former employee $53,000 in back pay and compensatory damages, revise its policies and training staff on the ADA to ensure compliance with the ADA, train staff on the ADA, and report to the Justice Department on implementation of the settlement agreement.

Reaching this settlement allowed the College to eliminate its exposure to potentially much greater liability. In addition to actual lost compensation and benefit damages, a loss at trial could have resulted in a jury award that also ordered the College to pay attorneys’ fees and other costs, interest and exemplary damages of up to $300,000.

For More Information

We hope this update is helpful. For more information about employment discrimination or other labor and employment, compensation, benefits or other related management and compliance concerns or developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Compliance Update Group and registering for updates on our Solutions Law Press Website..

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, health care, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications including extensive work with businesses on compliance, risk management and defense.

Author of numerous highly regarding publications on disability and other discrimination and other employment, employee benefit, compensation, regulatory compliance and internal controls and other management concerns affecting health care, education, insurance, housing and other operations, Ms. Stamer’s clients include health care, insurance and financial services, educational and other employer and services organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders. In addition to her legal and management operations work. Ms. Stamer’s experience includes 30 plus years’ of legislative and regulatory policy advocacy and drafting, design, compliance and enforcement including testifying to the EBSA Advisory Council on Employee Welfare and Pension Benefit Plans in on the effectiveness of employee benefit plan disclosures during 2017 hearings on on reducing the burdens and increasing the effectiveness of ERISA mandated disclosures as well as advice, representation, advocacy and testimony to and before and other work with various foreign governments, Congress, state legislatures, and a multitude of federal, state and local agencies.

Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; manage labor-management relations, comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline; handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

A Fellow in the American College of Employee Benefit Counsel and Past Chair of both the ABA Managed Care & Insurance Interest Group and it’s RPTE Employee Benefits and Other Compensation Group, Ms. Stamer also has leading edge experience in health benefit, health care, health, financial and other plan, program and process design, administration, documentation, contracting, risk management, compliance and related process and systems development, policy and operations; training; legislative and regulatory affairs, and other legal and operational concerns.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompasses advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Author of leading works on a multitude of labor and employment, compensation and benefits, internal controls and compliance, and risk management matters and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her work, services, experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. We also invite you to join the discussion of these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Health Plan Compliance Group or COPE: Coalition On Patient Empowerment Groupon LinkedIn or Project COPE: Coalition on Patient Empowerment Facebook Page.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission and its content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion.otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication or the topic of this article, please contact the author directly. All other rights reserved.

Comments Off on College Pays $54,000 To Settle DOJ ADA Lawsuit For Paramedic Program’s Termination of TA With MS | Absenteeism, Academic Medicine, Accommodation, ADA, board of directors, compliance, Corporate Compliance, directors, Disability, Disability, Disability Discrimination, Disability Leave, Education, Educational Privacy, EEOC, EEOC, employee, Employee Benefits, Employer, Employers, Employment, Employment Agreement, Employment Policies, Employment Tax, ERISA, Excise Tax, FICA, health benefit, health Care, health insurance, Income Tax, Labor Management Relations, Management, NLRA, Payroll Tax, Reporting & Disclosure, Retirement Plans, Risk Management, Tax, Tax Fraud, Uncategorized, Unfair Labor Practice, Union, Union elections, Worker Classification | Tagged: ADA, Disability Discrimination, Education, Emergency Medicine, Employees, higher education, MS, news, Paramedic, school, Training | Permalink
Posted by Cynthia Marcotte Stamer

Business Leaders Serve Jail Time For Employment Tax Crimes

November 5, 2019

Business owners and operators and the business’ tax, accounting and other service providers increasingly risk criminal prosecution when involved with a business caught shirking its obligations under the Internal Revenue Code (the “Code”) to report wages and withhold and pay federal income tax and employees’ share of social security and Medicare taxes (collectively known as “FICA taxes”) from employees’ wages and to pay the employer’s share of FICA taxes in addition to the substantial civil tax penalties that the business faces for these actions.

While various Internal Revenue Service (“IRS”) educational and enforcement initiatives across the past decade have expanded awareness among business leaders and their accounting and tax advisors more aware of the the potentially significant civil tax penalties risks aggressive employment tax practices can create for the business, many business owners and operators, and the tax, accounting and payroll service providers often overlook or fail to take seriously their potential personal exposure to civil and increasingly, even criminal liability that can arise from management, consulting or other involvement with businesses engaged in aggressive employment tax practices under the Code. With the Justice Department now increasingly using criminal prosecution of individuals as well as businesses involved in employment tax evasion a key weapon in its effort to combat the “substantial problem” of employment tax fraud, however, business owners, operators, tax counsel, accounting, payroll, staffing and others increasingly must exercise care to avoid subjecting themselves to criminal prosecution and other personal liability when dealing with businesses engaged in aggressive employment tax practices.

Employment Tax Compliance Now High Enforcement Priority

Business noncompliance with their employment tax obligations is a widespread and persistent problem in the United States for a multitude of reasons, not the least of which is budgetary. Employment taxes on employee wages represent nearly 70% of all revenue collected by the IRS and, as of June 30, 2016, more than $59.4 billion of tax reported on Employer’s Quarterly Federal Tax Returns (Forms 941) remained unpaid. When last measured prior to the Justice Department’s kickoff of its current enforcement initiative in 2018, uncollected employment tax violations represented more than $91 billion of the gross Tax Gap and, after collection efforts, $79 billion of the net Tax Gap in the U.S. See Employment Tax Enforcement.

Aside from the budgetary concerns created by the widespread business noncompliance with employment tax responsibilities, the Justice Department considers nonpayment of employment taxes a serious crime. According to its Employment Tax Enforcement page states, “When employers willfully fail to collect, account for and deposit with the IRS employment tax due, they are stealing from their employees and ultimately, the United States Treasury. In addition, employers who willfully fail to comply with their obligations and unlawfully line their own pockets with amounts withheld are gaining an unfair advantage over their honest competitors.”

To stem employment tax violations and encourage greater business compliance with these requirements, the IRS and Justice Department are using a variety of taxpayer outreach, voluntary compliance resolution, and civil and criminal enforcement tools. Along with ongoing educational outreach, for instance, the IRS tries to encourage businesses to voluntarily clean up outstanding employment tax compliance issues by making available various voluntary resolution programs. For instance, the IRS Voluntary Closing Agreement Process – Employment Tax (VCAP – ET) program offers an administrative process businesses not currently under audit may use to “permanently and conclusively” resolve outstanding IRS employment tax liabilities not involving worker classification while its Voluntary Classification Settlement Program (VCSP) for businesses not under audit and Classification Settlement Program for businesses under examination offer options for businesses may use to resolve worker classification associated employment tax liabilities.

Employment Tax Prosecution Rising

Coupled with efforts to obtain greater voluntary compliance through these voluntary resolution programs, however, the IRS and Justice Department Tax Division increasingly partner to investigate and prosecute aggressively businesses and their owners, operators and tax and other service providers for employment tax violations. As the agency responsible for conducting the civil and criminal prosecutions necessary to enforce these rules, the Justice Department brings both civil suits and criminal prosecutions against both businesses and the owners, operators and others that participate or assist businesses to willfully violate the Code’s employment tax rules. While in the past, IRS and Justice Department employment tax enforcement generally focused on high dollar employment tax fraud cases, since making employment tax fraud enforcement a priority in May 2018, the IRS and Justice Department no longer place a dollar threshold on the amount of unpaid employment taxes that could trigger more severe enforcement action. Since this change, Justice Department civil and criminal employment tax fraud prosecutions and convictions have risen significantly, resulting in the Justice Department achieving a long and growing list of civil money judgements to recover unpaid taxes, interest and penalties, permanent injunctions and criminal convictions against businesses and individuals involved in employment tax fraud over the past year.

On the civil front, the Justice Department brings litigation on behalf of the United States to enforce the IRS’ authority to collect unpaid taxes and penalties and pursues permanent injunctions against businesses, payroll and tax advisors and others for violating the Code’s employment tax requirements.

In addition to actions to collect unpaid employment taxes and penalties, the Justice Department also pursues and obtains civil injunctions against employers and their principal officers who willfully fail to truthfully collect, account for and deposit employment which impose various requirements and prohibitions designed to enforce compliance. Injunctions as a Tool to Prevent Pyramiding of Employment Taxes. Among other things, the injunctive relief sought often orders for the businesses and their principal officers to comply with the employment tax rules, provide current notice of each deposit to the IRS, and placing restrictions on their opening or operating new businesses and transfer and dissipation of assets. If a business or individual violates these injunctions, the Justice Department pursues orders of civil or criminal contempt, including incarceration of the principal officer(s), to bring the business into compliance, as well as to recover compensation from the principal officers, the business or both for the damage caused by the contempt. See, e.g., Bailey Chiropractic and Bailey, David (W.D. Pennsylvania – August 21, 2018); Bogart Title INC; Bogart Law Firm; and Bogart, Erik (D. South Carolina – May 25, 2018); Detroit Wholistic Center, Inc and Jesse R. Brown (E.D. Michigan – January 31, 2018); Doctors Hospital 1997 LP and Mohiuddin, Syed Rizwan (S.D. Texas – August 16, 2018); Dr. Robert Lee Beck (Agreed Judgement) (W.D. Texas – May 21, 2018); Easy Method Driving School and Ryan, William (D. Maryland – August 22, 2018); Four State Emergency Equipment LLC; Price, William; Price, Michelle; and West Potomac Fire & Rescue, Inc (D. Maryland – June 15, 2018); Court Permanently Enjoins Baltimore-Area Importer of Stone From Accruing Payroll Tax Liabilities

Criminal Employment Tax Fraud Prosecutions & Convictions Show Justice Department Ready To Nail Businesses & Individuals Cheating On Employment Taxes

While these and other civil enforcement successes are powerful tools in the arsenal of the Justice Department and IRS employment tax enforcement efforts, however, it is the Justice Department’s growing prosecution and success in securing criminal convictions resulting in prison sentences against business owners and operators, tax advisors and others for employment tax fraud that most clearly demonstrates the Justice Department’s announced commitment to employment tax fraud enforcement has real teeth. Over the past year, the Justice Department as racked up an impressive and growing number of federal grand jury criminal tax fraud indictments, convictions and sentences, many of which include prison sentences ordered against business owners, operators, advisors and other individuals convicted of employment tax fraud. See e.g., North Carolina Office Manager Sentenced to Prison for Employment Tax Fraud; see also Recent Criminal Employment Enforcement News.

The criminal employment tax prosecution actions reported by the Justice Department during the just ended month of October 2019 are typical of this prosecutorial trend over the past year. Among others, during October the Justice Department Tax Division announced its employment tax enforcement efforts resulting in it securing separate federal grand jury criminal indictments against staffing business operators in New York and North Carolina.

October Criminal Employment Tax Indictments

On October 24, for instance, the Justice Department announced that a New York grand jury had issued criminal tax indictments against the owner/operator of a Long Island City, New York temporary employment staffing businesses including PTP Staffing Associates Inc. (PTP), and PPS Associates Inc. (PPS). The indictments charge that as the alleged sole owner of PTP and PPS, Heppenheimer was required to collect, account for, and pay to the IRS federal employment taxes withheld from the wages of PTP and PPS employees, but from 2013 through 2017, failed to report more than $270,000 in employment taxes to the IRS. If convicted, Heppenheimer faces a statutory maximum sentence of five years imprisonment for each count charged, plus substantial monetary penalties, supervised release, and restitution. Owner of New York City Temporary Staffing Firms Indicted for Employment Tax Fraud

Mere days later, the Justice Department also announced that a North Carolina federal grand jury had indicted Rebecca Adams and her daughter Elizabeth Wood with conspiring to defraud the United States government by withholding taxes from employees’ paychecks and failing to pay those taxes over to the Internal Revenue Service (IRS). See e.g., Owners of Greensboro Temporary Staffing Firms Indicted for Employment Tax Fraud. The indictment alleges Adams and Wood created Forms W-2 for the staffing business employees but failed to file these forms with the government as required. Instead of paying the taxes withheld from employees, the indictment alleges that Adams and Wood used the funds to pay for personal expenses, such as a personal maid, personal landscaping services, and pet spa services. The staffing business allegedly changed names twice, even though it did not otherwise change its actual business operations. Adams was also charged with tax evasion based on her allegedly evading payment of more than $400,000 in previously assessed employment taxes and penalties to the IRS. If convicted, both defendants face significant punishment. If convicted on these charges both Adam and Woods can expect their punishment will include prison time. Adams and Wood each face a statutory maximum sentence of five years in prison for each charge of conspiracy, employment tax fraud, and tax evasion, plus probation and monetary penalties.

October Criminal Employment Tax Convictions

Along with securing these new criminal tax indictments, the Justice Department also was successful in obtaining new criminal tax convictions against business owners in West Virginia and Florida for employment tax violations.

On October 21, two West Virginian business owners plead guilty today to conspiring to defraud the United States regarding their employment taxes and individual income taxes in a Federal District Court in West Virginia. According to court documents, Russell and Karen Rucker, a married couple, operated Rucker, Billups and Fowler Inc. (RBF), an insurance agency located in Huntington, West Virginia. Russell Rucker was the president of RBF and since approximately late 2013, Karen Rucker served as a financial officer. Between September 2015 and September 2018, the Ruckers withheld approximately $143,226 in payroll taxes from the wages of RBF’s employees, which they did not pay over to the IRS. Instead, the Justice Department charged the Ruckers diverted portions of the withheld funds for their own personal benefit. For instance, from 2014 through 2016 the Ruckers continued to pay themselves over $500,000 in salary. The Justice Department also charges that in response to IRS collection efforts in an attempt to conceal funds from the IRS, the Ruckers deposited money into the bank account of another individual, attempted to evade IRS levies by using a series of bank accounts that they did not disclose to the IRS, and by paying their mortgage and many other bills in cash. The Justice Department also claims the Ruckers also attempted to evade payment of $114,911 of Russell Rucker’s 2001, 2002, and 2005 individual income taxes by disguising paychecks issued to Russell Rucker as non-taxable “note proceeds and failed to file their individual income tax returns and RBF’s corporate returns for 2014 through 2017. The Justice Department valued the intended tax loss caused to the IRS by their conduct is more than $250,000. Currently awaiting sentencing scheduled on January 27, 2020, the Ruckers each face a statutory maximum sentence of five years in prison as well as monetary penalties, a period of supervised release, and restitution. See West Virginian Business Owners Plead Guilty to Failing to Pay Employment Taxes and Individual Income Taxes.

Less than a week later, the Justice Department achieved another prosecutorial success when Miami, Florida business owner Ricardo Betancourt plead guilty on October 29 to causing the multiple parcel delivery businesses he owned and operated in South Florida to fail to pay over employment taxes. According to the Justice Department, Betancourt’s multiple South Florida parcel delivery businesses earned gross revenues of more than $100 million and employed hundreds of employees. Betancourt as the owner and operator of these businesses was responsible for ensuring the businesses collected and paid over to the IRS the employment taxes withheld from employees’ paychecks. The Justice Department charged that Betancourt withheld payroll taxes from his employees, but deliberately failed to pay over those withholdings and other associated taxes to the IRS. The Justice Department claimed that in 2013 and 2014, Betancourt did not pay over approximately 97 percent of the federal employment taxes he withheld from his employees. In 2015 and 2016, Betancourt did not pay over any of the federal employment taxes he withheld from his employees. For the quarter ending December 2016, Betancourt admitted that he failed to truthfully account for and pay over payroll taxes of approximately $727,478. In his sentencing currently scheduled for February 12, 2020, Betancourt faces a statutory maximum sentence of five years in prison as well as a period of supervised release, restitution, and monetary penalties. See Miami Business Owner Pleads Guilty to Employment Tax Fraud.

October Criminal Employment Tax Prison Sentencings

The prison sentences imposed during October against individuals convicted of employment tax fraud also show business owners, operators and others criminally convicted on employment tax related tax evasion and tax fraud charges should expect to serve time in prison. Take the sentencing of Gail Cooper, who was sentenced for the employment tax crimes she committed as owner of a commercial and residential glass installation company, Greenville Architectural Glass (GAG). According to the Justice Department, as the owner of GAG responsible for GAG’s finances, Cooper was legally responsible for ensuring that GAG properly withheld and paid over to the IRS federal income, Social Security and Medicare taxes on the wages GAG paid to its employees during the years 2013 through 2015. Cooper was also required to file quarterly employment tax returns with the IRS. Although Cooper caused GAG to withhold taxes from employees’ wages, the Justice Department shared she neither filed the required quarterly returns for the first quarter of 2013 through the second quarter of 2015, nor paid the withheld amounts over to the IRS. Cooper also failed to pay over to the IRS unemployment taxes. In all, Cooper caused more than $280,000 in payroll taxes not to be paid. Furthermore, the Justice Department also charged Cooper filed false individual income tax returns for 2008, 2009, and 2010, on which she understated GAG’s gross receipts and overstated its expenses. Cooper caused GAG’s bookkeeper to manipulate and delete entries in the company’s accounting records. Specifically, she directed the bookkeeper to delete invoices from the software after GAG received payment from a client to make it appear as if GAG had not received the payment. Cooper also paid personal expenses with business funds, including utility bills for her residence and rental properties, and caused these to be classified as business expenses. After filing fraudulent returns for 2008-2010, Cooper did not file any individual income tax returns for the next several years. In total, the Justice Department charged Cooper’s conduct caused a tax loss of $587,516 to the United States. As punishment for these criminal convictions, U.S. District Judge Thomas M. Rose on October 29^th ordered Cooper to serve 14 months in prison, two years of supervised release and pay restitution to the IRS in the amount of $659,262.39. Ohio Glass Company Owner Sentenced to Prison For Not Paying Employment Taxes.

That same day, Justice Department Tax Division prosecutors also obtained a 24-month prison sentence against a Tulsa, Oklahoma computer software development company owner for his criminal conviction on failing to account for and pay over employment taxes withheld from his employees’ wages. According to documents and information provided to the Court, as the owner and operator of Tulsa-based Zealcon Corporation, Earnest J. Grayson Jr. was responsible for withholding, and paying over to the IRS payroll taxes on the wages paid to Zealcon employees. For the period January 2014 through June of 2016, Justice Department prosecutors showed Grayson caused a tax loss of approximately $1 million by intentionally not paying to the IRS income and social security taxes withheld from Zealcon employees’ wages and the employer portion of social security taxes due from Zealcon on those wages. As punishment for these crimes, Grayson was sentenced to serve a 24 month prison sentence, ordered to pay restitution to the IRS in the amount of $904,091, and to serve three years of supervised release. Owner of Tulsa Software Company Sentenced to Prison for Employment Tax Fraud.

Enforcement Activity Shows Greater Employment Tax Compliance Needed

With the Justice Department promising to continue to pursue ongoing enforcement effort, businesses, individuals with ownership or management authority over the collection and payment of employment taxes, and their tax, accounting, payroll, staffing and other service providers need to use care to avoid exposing themselves to liability when advising, assisting or dealing with a business engaged in aggressively classifying workers as contractors rather than employees, or otherwise failing to properly track, account for, report and pay over income tax and employment taxes properly.

When evaluate these potential risks, businesses and business leaders responsible for income and employment tax withholding, reporting and payment and those negotiating, reviewing or engaging in transactions with them should be particularly careful when participating in arrangements that the IRS might consider employment tax fraud schemes such as:

“Pyramiding” of employment taxes, which the IRS views as a fraudulent practice where a business withholds taxes from its employees but intentionally fails to remit them to the IRS. Businesses involved in pyramiding frequently file for bankruptcy to discharge the liabilities accrued and then start a new business under a different name and begin a new scheme.
Abusive employee leasing arrangements where the business contracts with outside businesses to handle all administrative, personnel, and payroll concerns for employees where the leasing entity fails to properly report wages and withhold and payover income or employment taxes to the IRS. The IRS and other agencies often pursue tax collection and other enforcement actions against businesses that have used leasing or other staffing businesses when the leasing or staffing company fails to properly report, withhold or pay over income and employment taxes to the IRS.
Paying workers in whole or partially, in cash without properly accounting for, withholding and paying income or employment taxes due on a worker’s wages where the facts and circumstances indicated the worker qualified as a common law employee of the business; or
Filing false payroll tax returns understating the amount of wages on which taxes are owed, or failing to file employment tax returns to evade employment or other taxes.

When evaluating the adequacy of employment tax compliance, proper worker classification is a critical starting point. Business owners, operators and others in the scope of employment tax liability risk should scrutinize the defensibility of how a business classifies those performing services or other work as employees versus independent contractors, employees or contractors of another business or in some other status and document the evidence supporting these characterization and other compliance efforts.

When performing these activities, business owners and operators are encouraged to resist the urge to assume that they can rely upon the contractual or labels of workers as contractors or employed by a staffing, leasing or other service provider to avoid characterization and resulting liability for employment and income tax obligations as the employer of workers. Under the Code the defensibility of these characterizations of workers generally is determined based on whether the facts and circumstances reflect that the business in operation possessed the requisite control to qualify as a common law employer with little or no deference to how the parties have labeled the arrangement or the historical duration of the practices within the organization or its respective industry. Rather, the analysis must focus on evaluating these and other potentially suspect arrangements to realistically assess the likelihood that the IRS or Justice Department could challenge the business’ employment tax practices as willful or other violations of the Code’s employment tax requirements. Wise individuals and businesses operating or dealing with businesses involved in arrangements or practices identified as potentially suspect by the IRS and Justice Department also should pursue contractual, audit and other operational safeguards to document their efforts to require, enforce and monitor compliance and to capture and retain records and other evidence that would be helpful to defend the business’ or their own action in the event the IRS or Justice Department audits or initiates enforcement action with respect to the arrangements in the future.

Tax preparers, tax and other attorneys, accountants and others that participating in operations, preparation of returns, transactions or other activities also should be sensitive to special ethical and legal requirements and standards that can attach to advice or involvement in operations, transactions or providing advice or representation potentially involving practices that might raise employment tax fraud or other employment tax withholding and payment, wage reporting, or related employment tax concerns might arise. See, e.g., IRS Circular 230. Along side of the Justice Department’s civil and criminal employment tax enforcement, tax practitioners, tax preparers, and other third parties expose themselves to discipline for failing to properly report, pay and file employment tax or other returns or other violations of professional standards of tax practice when giving advice or other engaging in other activities adhere to professional standards and follow the law.

Additionally, tax and other professionals are reminded that tax return preparer fraud is one of the IRS’ Dirty Dozen Tax Scams. In the past decade, the Tax Division has obtained injunctions against hundreds of unscrupulous tax preparers. Information about these cases is available on the Justice Department website.

Leaders, legal and other advisors, and service providers of businesses involved in these arrangements generally should use care to critically evaluate these should react to the growing enforcement risks and acting to mitigate their own and their organization’s potential exposure to criminal or civil tax or other enforcement. These efforts should start by assessing realistically the likely defensibility of their arrangements and risks of liabily from their own or other associated businesses employment tax or worker classification practices in the event of a challenge based on a realistic assessment of the real acts and circumstances within the scope of attorney-client priviledge as well as seek contractual, audit and other operational safeguards to require and document compliance and to capture and retain records and other evidence that the business might need to defend itself against a future audit or enforcement action associated with these suspect arrangements.

Businesses leaders, advisors and service providers also should keep in mind that aggressive worker classification and employment tax practices generally also extend to a business’ other relationships with workers and service providers such as minimum wage, over time, recordkeeping and other wage and hour; I-9 eligibility to work verification, occupational heath and safety, workers’ compensation, employment discrimination and other worker associated legal obligations also currently subject to heavy worker misclassification and other enforcement. As a consequence, businesses, legal counsel, accounting and other service providers should recognize the need for a holistic review and assessment of risk and planning to manage these risks, as well as the need to use care to safeguard attorney-client privilege and avoid unprotected discussion of sensitive facts and analysis outside the scope of attorney-client privilege with other parties without prior approval of their legal counsel.

For More Information

We hope this update is helpful. For more information about worker classification and employment tax compliance and enforcement or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Compliance Update Group and registering for updates on our Solutions Law Press Website.

About the Author

Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine.

Author of numerous highly regarding publications on worker classification and other employment, payroll, and employee benefit tax compliance publications, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders. As part of this work, she has worked extensively on employee benefit communication and other employee benefit plan legislative and regulatory policy, design, compliance and enforcement including testifying to the EBSA Advisory Council on Employee Welfare and Pension Benefit Plans in on the effectiveness of employee benefit plan disclosures during 2017 hearings on on reducing the burdens and increasing the effectiveness of ERISA mandated disclosures.

For more information about Ms. Stamer or herexperience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission and its content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion.otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on Business Leaders Serve Jail Time For Employment Tax Crimes | board of directors, compliance, Corporate Compliance, directors, Education, Educational Privacy, employee, Employee Benefits, Employer, Employers, Employment, Employment Agreement, Employment Policies, Employment Tax, ERISA, Excise Tax, FICA, Income Tax, Labor Management Relations, Management, NLRA, Payroll Tax, Reporting & Disclosure, Retirement Plans, Risk Management, Tax, Tax Fraud, Uncategorized, Unfair Labor Practice, Union, Union elections, Worker Classification | Tagged: Collective Bargaining, Education, Employees, higher education, NLRA, NLRB, student worker organization, Union, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

New $2.15M OCR Penalty Shows Health Plans Risks Of HIPAA Violations

October 23, 2019

Health plans and insurers and their service providers should heed as a warning of the potential perils they could face for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Breach Notification Rules the just-announced $2.15 million plus civil monetary penalty that Jackson Health System (JHS) paid the Department of Health & Human Services Office of Civil Rights (OCR).

While the HIPAA-covered entity that paid the $2,154,000 civil monetary penalty, JHS, is a Florida-based nonprofit academic medical system, rather than a health plan, the $1,500,000 HIPAA resolution payment OCR previously collected from Blue Cross Blue Shield of Tennessee (BCBST) in 2012 for its breaches of HIPAA make clear that health plans and insurers risk similar penalties for HIPAA violations. Consequently, health plans, health insurers and other health care providers and their business associates should construe the JHS civil monetary penalty as evidence of the need to re-verify and remain constantly vigilant about maintaining compliance with HIPAA’s privacy, security and breach notification rules currently and on an ongoing basis.

JHS HIPAA Breaches Found By OCR

The $2.1 million plus payment was required to satisfy a civil monetary penalty assessment OCR imposed in a Notice of Proposed Determination and Notice of Final Determination made public by OCR on October 23, 2019 in response to findings from a series of investigations of HIPAA breach and compliance concerns raised between 2013 and 2016 raised by various HIPAA-mandated breach reports and media reports that raised concerns about improper access disclosure and use of patient PHI between 2013 and 2016. When JHS did not challenge the findings or determination became final. OCR reports JHS has paid the specified $2.154,000 civil monetary penalty.

JHS operates six major hospitals, a network of urgent care centers, multiple primary care and specialty care centers, long-term care nursing facilities, and corrections health services clinics, provides health services to approximately 650,000 patients annually, and employs about 12,000 individuals.

On August 22, 2013, JHS submitted a breach report to OCR stating that its Health Information Management Department lost paper records containing the protected health information (PHI) of 756 patients in January 2013. JHS’s internal investigation determined that an additional three boxes of patient records also were lost in December 2012; however, JHS did not report the additional loss or the increased number of individuals affected to 1,436, until June 7, 2016.

In July 2015, OCR initiated an investigation following a media report that disclosed the PHI of a JHS patient. A reporter had shared a photograph of a JHS operating room screen containing the patient’s medical information on social media. JHS subsequently determined that two employees had accessed this patient’s electronic medical record without a job-related purpose.

On February 19, 2016, JHS submitted a breach report to OCR reporting that an employee had been selling patient PHI. The employee had accessed inappropriately over 24,000 patients’ records since 2011.

According to OCR Director Roger Severino, “OCR’s investigation revealed a HIPAA compliance program that had been in disarray for a number of years. …This hospital system’s compliance program failed to detect and stop an employee who stole and sold thousands of patient records; lost patient files without notifying OCR as required by law; and failed to properly secure PHI that was leaked to the media.”

These and other findings led to the OCR determination in the Notice of Proposed Determination and Notice of Final Determination that JHS failed to provide timely and accurate breach notification to the Secretary of HHS, conduct enterprise-wide risk analyses, manage identified risks to a reasonable and appropriate level, regularly review information system activity records, and restrict authorization of its workforce members’ access to patient ePHI to the minimum necessary to accomplish their job duties. OCR assessed the $2.1 million civil monetary penalty based on these determinations.

The JHS civil monetary penalty is The latest in a growing series of OCR enforcement and regulatory actions that drive home the perils HIPAA-covered health care providers, health plans and insurers, healthcare clearinghouses and business associates risk by failing to responsibly and effectively manage their HIPAA compliance including the one against mega-health plan and business associate, BCBST, that resulted in its payment of a $1,500,000 resolution payment. For details of the BCBS Resolution Agreement and Settlement payment, see here.

OCR enforcement data documents a steady rise in OCR investigation and enforcement activity. OCR set all-time records for HIPAA Enforcement in 2018. Heavy enforcement activity has continued in 2019. Before its October 23, 2019 announcement of the JHS civil monetary penalties, OCR already had announced:

A $10,000 resolution agreement with a dental practice for improperly disclosing patient PHI on social media at the beginning of October;
Its first HIPAA right of access resolution agreement against a health care provider for violating HIPAA’s right of access rules on September 9, 2019 as part of its recently announced HIPAA access rule enforcement initiative;
A $100,000 resolution payment from an Indiana Medical Records Service resulting from a breach of electronic protected health information at a business associate;
The collection of a $3 million resolution payment collected from a Tennessee diagnostic medical imaging services company to settle HIPAA civil monetary penalty exposures arising from a breach that exposed the protected health information of more than 300,000 patients; and
A multitude of other audits and enforcement activities resolved through corrective action without collection of any resolution payment or civil monetary penalties.

Given these and other previously announced enforcement initiatives and actions, all HIPAA covered entities and their business associates are urged to maintain hypervigilance about their own HIPAA compliance with long standing as well as emerging HIPAA requirements taking into account old, recent, and emerging guidance and enforcement activities of OCR. Of course health plans and other covered entities also need to additionally weigh their exposure under various other state and federal law likely to arise from such breaches and the investigation, mitigation and public and customer trust consequences that almost always accompany and frequently exceed the actual HIPAA liability imposed. Considered together, these and other consequences of HIPAA vioations or other sloppy dealings with protected health inforamtion or ther sensitive health care or financial information make a clear case for investing appropriately in HIPAA and related compliance.

For More Information

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Compliance Update Group and registering for updates on our Solutions Law Press Website.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders. As part of this work, she has worked extensively on employee benefit communication and other employee benefit plan legislative and regulatory policy, design, compliance and enforcement including testifying to the EBSA Advisory Council on Employee Welfare and Pension Benefit Plans in on the effectiveness of employee benefit plan disclosures during 2017 hearings on on reducing the burdens and increasing the effectiveness of ERISA mandated disclosures.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission and its content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion.otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

1 Comment | Association Health Plan, Education, Educational Privacy, employee, Employee Benefits, Employer, Employers, ERISA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, Health IT, health plan, Health Plans, HIPAA, HIPAA, Labor Management Relations, NLRA, Protected Health Information, Reporting & Disclosure, Retirement Plans, Uncategorized, Unfair Labor Practice, Union, Union certification, Union elections, Worker Classification | Tagged: Data Breach, Health Plan, HIPAA, Jackson Health System, Medical Privacy, OCR, Office of Civil Rights, PHI, Protected Health Information | Permalink
Posted by Cynthia Marcotte Stamer

Proposed NLRB Employee Definition To Exclude College Study Workers

October 23, 2019

Monday, December 16, 2019 is the new comment deadline for providing feedback to the National Labor Relations Board (NLRB) ion a proposed rule that would exempt undergraduate and graduate students performing services for financial compensation in connection with their studies from the NLRB’s definition of “employee” for purposes of the National Labor Relations Act (NLRA) and other collective bargaining and union organizing and representation laws under the NLRB’s jurisdiction. The extended comment deadline was announced here October 17, 2019.

The original notice of proposed rulemaking published here on September 23, 2019 would exempt ” every student performing teaching, research and any services for compensation, at a private college or university in connection with his or her studies from treatment as an “employee” for purposes of Section 2(3) of the NLRA.

The NLRB says this proposed rulemaking “is intended to bring stability to an area of federal labor law in which the NLRB, through adjudication, has reversed its approach three times since 2000. The NLRB has stated this proposed standard on the exclusion of students from the NLRA definition of employee is consistent with the purposes and policies of the NLRA, which contemplates jurisdiction over economic relationships, not those that are primarily educational in nature.

The proposed regulation is one of several regulatory projects that the now Trump-appointee dominated NLRB has undertaken in the past year in its effort to undue a host of pro-labor changes to NLRB policy changes initiated and enforced during the Obama Administration when President Obama appointees dominated the NLRB and its policies. Another example of these regulatory efforts include the NLRB’s current efforts to reverse a change in interpretation and enforcement of the “joint employer” rules of the NLRA and Fair Labor Standards Act that substantially expanded the imputation of liability for collective bargaining and other labor-management and wage and hour law violations by treating companies as joint employers that received the benefit of work performed even when the recipient company did not control the details of the work or the nominal employer. Employers generally will want to carefully monitor and provide appropriate input on these and other developments.

For More Information

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Compliance Update Group and registering for updates on our Solutions Law Press Website.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission and its content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion.otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on Proposed NLRB Employee Definition To Exclude College Study Workers | Education, Educational Privacy, employee, Employee Benefits, Employer, Employers, ERISA, Labor Management Relations, Labor Management Relations, NLRA, Reporting & Disclosure, Retirement Plans, Uncategorized, Unfair Labor Practice, Union, Union, Union certification, Union elections, Worker Classification | Tagged: Collective Bargaining, Education, Employees, higher education, NLRA, NLRB, student worker organization, Union, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

DOL Proposing To Allow Default Website ERISA Retirement Plan Disclosures

October 22, 2019

Employer and other retirement plan sponsors, plan administrators and other service providers desiring to use website or other electronic communications to distribute retirement plan disclosures required by the Employee Retirement Income Security Act (“ERISA”) in lieu of the much more expensive and time consuming process of sending volumes of paper documents through the mail or other ERISA-compliant means should share their recommendations and support for a proposed regulation announced by the . U.S. Department of Labor Employee Benefit Security Administration (“EBSA”) today (October 22, 2019).

Scheduled for official publication in the Federal Register on October 23, 2019, the Proposed Regulation on Default Electronic Disclosure by Employee Pension Benefit Plans under Employee Retirement Income Security Act would loosen current EBSA electronic disclosure rules by creating a“safe harbor” allowing retirement plans and their administrators greater freedom to use electronic disclosures to meet ERISA-mandated retirement plan disclosures.

ERISA requires retirement plan administrators to furnish multiple documents per year to participants and beneficiaries on a variety of topics. Currently, retirement plan disclosures generally are provided through paper documents distributed by first class mail. because existing regulations requiring plan administrators to use delivery methods “reasonably calculated to ensure actual receipt of the documents” make paper distribution safest.

Historically, the general standards for delivery of required disclosures set forth in 29 CFR 2520.104b-1 require retirement plans and their administrators to incur substantial expense to print and deliver the required disclosure communications via mail or hand delivery. Preparing and providing these disclosures in printed form is costly and time consuming. Since many plan participants never read or cannot find copies of these high dollar printed materials, plan sponsors and administrators long have questioned the appropriateness of these expensive mandates.

As internet accessibility and use have expanded, calls to modernize the general delivery rule to allow electronic delivery or access have picked up steam. Employer and other plan sponsors, plan administrators increasingly have urged EBSA to update is regulations to allow electronic delivery to reduce plan costs and administrative burdens as well as to facilitate participant access to these disclosures on demand through the internet.

In an initial effort to respond to these developments and pressures, EBSA amended the general standards for delivery of required disclosures in 2002 by establishing a regulatory safe harbor for the use of electronic media (the “2002 safe harbor”) under 29 CFR 2520.104b-1(c). Unfortunately, the conditions the 2002 safe harbor imposed on electronic distribution hindered use of electronic delivery as the default method of delivery of retirement plan documents. make n administration recently prompted EBSA to reconsider the 2002 safe harbor. In the new proposed regulation, EBSA proposes to allow retirement plans and their administrators greater latitude to use electronic media to provide ERISA required retirement disclosures under the terms set forth in the proposed regulation. EBSA says this rule change would reduce retirement plan communication costs while enhancing the accessibility of communications to plan participants by leveraging internet technology.

Under the proposed regulation’s safe harbor, retirement plans and their plan administrators still would have to provide ERISA retirement plan disclosures, but their options for distributing these disclosures would expand. In addition to distributing paper notifications by mail, hand delivery or other means “reasonably calculated to ensure delivery,” the proposed regulation would provide an option to use website posting as the default means of distribution provided the participant does not elect to continue to receive paper notification. To take advantage of the option to use website posting, however, plan administrators would have to comply with the safe harbor requirements in the proposed regulation including requirements that:

The plan post the required disclosures on a website that meets the requirements of the safe harbor rule, including system checks for invalid electronic addresses;
Retirement plan administrators would satisfy their obligation to furnish ERISA-required disclosures by making the information accessible online and by furnishing to participants and beneficiaries a notice of internet availability of these disclosures.
A notice of internet availability would be sent to the electronic address of the participant, for example to the participant’s email address.
A notice of internet availability must include, among other things, a brief description of the document being posted online, a website address where the document is posted, and instructions for requesting a free paper copy or electing paper delivery in the future.
A notice of internet availability generally must be sent each time a retirement plan disclosure is posted to the internet website.
To prevent “email overload,” the proposal allows a notice of internet availability to incorporate or combine other notices of internet availability in limited circumstances.

The framework in the proposal is similar to the approach the Securities and Exchange Commission takes for certain investor disclosures. EBSA says the proposed regulation safe harbor also is intended to align with Internal Revenue Service rules about delivering retirement plan disclosures electronically while protecting the option for those participants who prefer paper notices to elect to continue to do so.

EBSA projects the adoption of the proposed regulation would substantially reduce the administrative and financial burden of meeting the ERISA disclosure requirements. In fact, EBSA estimates that elimination or reduction of printed materials, printing and mailing costs associated with furnishing printed disclosures allowed through the expanded use of internet technology to furnish covered disclosures to workers allowed by the safe harbor would produce approximately $2.4 billion net cost savings over the next 10 years for ERISA-covered retirement plans. Meanwhile, EBSA says the requirement in the proposed regulation for plans to continue to provide disclosures in paper form to participants that prefer that option would protect the reliability of disclosures to those participants.

EBSA is inviting plan sponsors, administrators and other stakeholders to submit comments on the proposed regulation generally. In addition, the Notice of Proposed Ruling on the proposed regulation also specifically invites stakeholders to assist EBSA to evaluate whether additional changes to the disclosure requirements in the regulations in the future by inviting input on a broad range of disclosure-related questions and topics, including scope, content, design and delivery of ERISA disclosures.

For More Information

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Compliance Update Group and registering for updates on our Solutions Law Press Website.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission and its content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion.otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on DOL Proposing To Allow Default Website ERISA Retirement Plan Disclosures | Employee Benefits, Employer, Employers, ERISA, Reporting & Disclosure, Retirement Plans, Uncategorized | Tagged: Disclosures, EBSA, Employee Benefits, Employees, Heath Plans., participants, retirement, Retirement Plans | Permalink
Posted by Cynthia Marcotte Stamer

Health Plans Should Prepare For Plan Fallout Of HHS Rule Requiring Manufacturers Disclose Drug Prices

May 9, 2019

On Wednesday, May 8, 2019, Health and Human Services(“HHS”) Secretary Alex Azar announced the adoption of a Medicare and Medicaid Programs; Regulation to Require Drug Pricing Transparency Final Rule (the “Rule”) by the Centers for Medicare & Medicaid Services (“CMS”) requiring direct-to-consumer television advertisements for prescription pharmaceuticals covered by Medicare or Medicaid to include the list price – the Wholesale Acquisition Cost – if that price is equal to or greater than $35 for a month’s supply or the usual course of therapy.

Part of President Trump’s American Patients First blueprint, the 102 page Rule seeks to increase transparency for patients and bring down overall drug costs both for patients and for the Medicare and Medicaid programs.

Effective 60 days after its official publication in the Federal Register on May 10, 2019, the Rule will require direct-to-consumer television advertisements for prescription drug and biological products covered by Medicare or Medicaid to include the list price – the Wholesale Acquisition Cost – if that price is equal to or greater than $35 for a month’s supply or the usual course of therapy, with the prices updated quarterly.

According to CMS, the 10 most commonly advertised drugs have list prices ranging from $488 to $16,938 per month or usual course of therapy. CMS believes patients should know what a drug costs as they discuss their options with their doctor.

While pharmaceutical drug manufactures generally must obtain approval from the FDA Office of Prescription Drug Promotion (ODPD) for advertising, OPDP does not review price information in prescription drug advertisements. Consequently, HHS says ODPD will not require a manufacturer that simply adds price information to a direct-to-consumer advertisement as required by § 403.1202 of the Rule unless the price information explicitly or implicitly incorporates safety or efficacy information about the drug, or makes express or implied claims about the safety or efficacy of the drug.

In addition to the Rule, HHS continues to review a number of other rules and proposals it hopes to further advance the American Patients First blueprint initiative to improve drug price transparency and inform consumer decision making by fixing opaque systems, changing incentives that drive costs or other undesirable behaviors by pharmaceutical companies, prescription benefit management (“PBM”) companies, health insurers and plans, providers and patients.

Health plan, their employer and other sponsors, insurers, PBM and other vendors and others should anticipate that the new Rule and other elements and initiatives of the Trump Administration American Patients First blueprint will impact plan design and administration both by directly impacting PBM and pharmaceutical costs, products, formularies and arrives and by fueling a host of new discussions by patients and their providers about pharmaceutical drug selection. In addition to impacting existing plan features and their administration, health plans, their fiduciaries, administrators and insurers should prepare for a predictable surge in scrutiny by plan

members about health plan prescription drug formularies that in many cases will fuel new appeals and challenges to the plan denials, formularies and other impacted features. Health plan fiduciaries, administrators, PBMs and other vendors, employer and other sponsors should anticipate and begin preparing both to handle these new health plan demands and ideally, to educate patients and their caregivers to use the new information to

make better health care choices.

If you have questions or would like more information about the new Rule or other developments impacting your health plan design or administration, please contact the author directly.

If you found this article of interest, Solutions Law Press, Inc. invites you to check out other Solutions Law Press, Inc. publications. We also invite you to share your own best practices ideas and resources and join the discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Group or COPE: Coalition On Patient Empowerment Groupon LinkedIn or Project COPE: Coalition on Patient Empowerment Facebook Page.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline; handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, heavily involved in health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. She regularly helps employer and other health benefit plan sponsors and vendors, health industry, insurers, health IT, life sciences and other health and insurance industry clients design, document and enforce plans, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; deal with Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA, state insurance law and other private payer rules and requirements; contracting; licensing; terms of participation; medical billing, reimbursement, claims administration and coordination, and other provider-payer relations; reporting and disclosure, government investigations and enforcement, privacy and data security; and other compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; HIPAA administrative simplification, meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA, HEDIS and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Health Plans Should Prepare For Plan Fallout Of HHS Rule Requiring Manufacturers Disclose Drug Prices

Congress Moves To Enact Federal Paid Leave Rules

$3 Million OCR Touchstone Settlement Warns Health Plans of Perils of HIPAA Violations

Employer Faces 5 Years Imprisonment For Not Paying Employment & Income Tax Withholding To IRS

Health Plans Must Share PHI To Apps When Members Request, Responsible For Security On Plan-Sponsored Apps

NLRA Not Violated By Employers Termination of Union Dues Withholding In Response To Wisconsin Right To Work Law

Tell Employees, Plan Members About April 27 National Prescription Drug Take Back Day

Proposed FLSA Joint Employer Rule Would Reduce Business’ Joint Employer Wage & Hour Liability

Proposed FLSA Base Pay Rule Clarifies Overtime Treatment Of Perks

Federal Veterans Hiring Benchmark Resets 3/31 To 5.9%; Prepare For Audits & Other Enforcement

Consider Employee Recess In Your Employee Wellness Programs

Use 3/26 Diabetes Alert Day Resources To Jumpstart Your Diabetes Management & Cost Containment Efforts

NLRB Responds To House Democrats About Private Contractor Participation In Joint Employment Rule Comment Processing

Employee Transportation Deduction Rules Changed

2019 Mileage Rates Adjusted; Employee Unreimbursed Mileage & Relocation Mileage Deductions Unavailable In 2018 and 2019

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on Health Plans Should Prepare For Plan Fallout Of HHS Rule Requiring Manufacturers Disclose Drug Prices | Claims, Claims Administration, compliance, Consumer Protection, Corporate Compliance, Drug & Alcohol, drug pricing, EBSA, Education, employee, Employee Benefits, Employer, Employers, ERISA, Fiduciary Responsibility, health benefit, Health Benefits, health Care, health care transparency, health insurance, health plan, Health Plans, HR, Human Resources, Insurance, insurers, Leadership, Managed Care, Management, Medicare Part D, Patient Empowerment, pbms, Physician, PPO, Prescription Drugs, prescription drugs, Reporting & Disclosure, third party administrators | Tagged: blueprint, Health Care, Health Plans, pbm, Prescription Drugs, transparency | Permalink
Posted by Cynthia Marcotte Stamer

Health Plans Must Share PHI To Apps When Members Request, Responsible For Security On Plan-Sponsored Apps

April 30, 2019

Health plans must deliver electronic protected health information (“ePHI”) to electronic applications or software (“apps”) used by plan members, and are responsible under the Health Insurance Portability & Accountability Act (“HIPAA”) Privacy and Security Rules for the security of electronic protected health information (“ePHI”) on apps they sponsor or provide, according to new guidance from the Department of Health & Human Services (“HHS”) Office of Civil Rights (“OCR”).

With health plans and their sponsors and insurers increasingly offering or promoting the use of apps to plan members members to access, maintain and use their health information, health plans, health care providers, health care clearinghouses and their business associates (“covered entities”) covered by HIPAA must understand and be prepared meet their HIPAA responsibilities to provide and protect ePHI to and on these apps, but may want to rethink sponsoring or providing a particular app for that purpose.

New HIPAA FAQ guidance (the “FAQs”) from OCR that addresses the implications of HIPAA on covered entities responsibility when asked to share or for ePHI shared or stored on apps or application programming interfaces (“APIs”) systems, covered entities have a legal obligation to disclose ePHI to an app when subjects of the ePHI or their personal representatives request such disclosures. However, the FAQs also state a covered entity or its business associates won’t be responsible for the security of the data shared to the app unless it sponsors or provides it.

pends upon whether the AP or API interface provider is a business associate of the covered entity versus just a third-party provider whose involvement and receipt of the PHI is requested and arranged by the subject of the PHI.

Covered Entities Obligated To Disclose ePHI to Apps Chosen By Individuals

The FAQs make crystal clear that covered entities do not have the option of refusing to share ePHI to an app when requested to do so by the subject of the ePHI or its personal representative. The FAQs states that covered entities cannot refuse to disclose ePHI to an app chosen by an individual because of concerns about how the app will use or disclose the ePHI it receives. In this regard, the FAQs state that the HIPAA Privacy Rule generally prohibits a covered entity from refusing to disclose ePHI to a third-party app designated by the individual if the ePHI is readily producible in the form and format used by the app. See 45 CFR 164.524(a)(1), (c)(2)(ii), (c)(3)(ii).According to the FAQ, the HIPAA Rules do not impose any restrictions on how an individual or the individual’s designee, such as an app, may use the health information that has been disclosed pursuant to the individual’s right of access. For instance, a covered entity is not permitted to deny an individual’s right of access to their ePHI where the individual directs the information to a third-party app because the app will share the individual’s ePHI for research or because the app does not encrypt the individual’s data when at rest.According to the FAQs, the liability a covered entity or business associate bears for sharing ePHI to an App under the HIPAA Privacy, Security, or Breach Notification Rules (HIPAA Rules) depends on the relationship between the covered entity and the app.

Breaches of Health Information Disclosed To An App

If an app that is neither a covered entity nor a business associate of the covered entity under HIPAA receives ePHI at the request of the subject or its personal representative, the FAQ states that the shared ePHI is no longer subject to the protections of the HIPAA Rules. Thus if the individual’s app – chosen by an individual to receive the individual’s requested ePHI – was not provided by or on behalf of the covered entity (and, thus, does not create, receive, transmit, or maintain ePHI on its behalf), the covered entity would not be liable under the HIPAA Rules for any subsequent use or disclosure of the requested ePHI received by the app. For example, the covered entity would have no HIPAA responsibilities or liability if such an app that the individual designated to receive their ePHI later experiences a breach. See also, See also OCR FAQ 2039, “What is the liability of a covered entity in responding to an individual’s access request to send the individual’s PHI to a third party.In contrast, however, the FAQ states that if the app was developed for, or provided by or on behalf of the covered entity – and, thus, creates, receives, maintains, or transmits ePHI on behalf of the covered entity – the covered entity could be liable under the HIPAA Rules for a subsequent impermissible disclosure because of the business associate relationship between the covered entity and the app developer. For example, if the individual selects an app that the covered health care provider uses to provide services to individuals involving ePHI, the FAQs state that the health care provider may be subject to liability under the HIPAA Rules if the app impermissibly discloses the ePHI received.

Transmission of ePHI to App Using Unsecured Method

The FAQs also address the potential exposures of covered entities and their business associates arising from the transmission of ePHI to an App using an unsecure method. According to the FAQs, the access rights HIPAA guarantees to individuals allows an individual to request that a covered entity to direct their ePHI to a third-party app in an unsecure manner or through an unsecure channel. See 45 CFR 164.524(a)(1), (c)(2)(ii), (c)(3)(ii). For instance, an individual may request that their unencrypted ePHI be transmitted to an app as a matter of convenience. The FAQ states that a covered entity that transmits ePHI through an unsecured means under such circumstances would not be responsible for unauthorized access to the individual’s ePHI while in transmission to the app. With respect to such apps, however, the FAQs also suggest that the covered entity may want to consider informing the individual of the potential risks involved the first time that the individual makes the request.

Post Transmission Exposure of Covered Entity’s EHR Systems Developer

The FAQ also discusses the potential exposure of a covered entity’s electronic health record (EHR) system developer under HIPAA after completing the transmission on behalf of a covered entity of ePHI to an app designated by the subject of the ePHI. According to the FAQs, the exposure of the HER system developer depends on the relationship, if any, between the covered entity, the EHR system developer, and the app chosen by the individual to receive the individual’s ePHI. A business associate relationship exists if an entity creates, receives, maintains, or transmits ePHI on behalf of a covered entity (directly or through another business associate) to carry out the covered functions of the covered entity. A business associate relationship exists between an EHR system developer and a covered entity. If the EHR system developer does not own the app, or if it owns the app but does not provide the app to, through, or on behalf of, the covered entity – e.g., if it creates the app and makes it available in an app store as part of a different line of business (and not as part of its business associate relationship with any covered entity) – the EHR system developer would not be liable under the HIPAA Rules for any subsequent use or disclosure of the requested ePHI received by the app.If the EHR system developer owns the app or has a business associate relationship with the app developer, and provides the app to, through or on behalf of, the covered entity (directly or through another business associate), however, the FAQs state the EHR system developer then potentially could face HIPAA liability (as a business associate of a HIPAA covered entity) for any impermissible uses and disclosures of the health information received by the app. For example, if an EHR system developer contracts with the app developer to create the app on behalf of a covered entity and the individual later identifies that app to receive ePHI, then the EHR system developer could be subject to HIPAA liability if the app impermissibly uses or discloses the ePHI received.

Covered Entity’s Duty To Enter Into Business Associate Agreement Depends Upon Relationship

Likewise, the FAQs also state that whether HIPAA requires a a covered entity or its EHR system developer to enter into a business associate agreement with an app designated by the individual in order to transmit ePHI to the app depends upon the relationship between the app developer and the covered entity and/or its EHR system developer. A business associate is a person or entity who creates, receives, maintains or transmits PHI on behalf of (or for the benefit of) a covered entity (directly or through another business associate) to carry out covered functions of the covered entity. An app’s facilitation of access to the individual’s ePHI at the individual’s request alone does not create a business associate relationship. Such facilitation may include API terms of use agreed to by the third-party app (i.e., interoperability arrangements).HIPAA does not require a covered entity or its business associate (e.g., EHR system developer) to enter into a business associate agreement with an app developer that does not create, receive, maintain, or transmit ePHI on behalf of or for the benefit of the covered entity (whether directly or through another business associate). However if the app was developed to create, receive, maintain, or transmit ePHI on behalf of the covered entity, or was provided by or on behalf of the covered entity (directly or through its EHR system developer as the covered entity’s business associate), then a business associate agreement would be required.

Health Plan & Other Covered Entity Take Aways

The new FAQ raises several action items for health plans, their sponsoring employers or unions, fiduciaries, administrators, brokers and insurers as well as other covered entities. Among other things, health plans and other covered entities must recognize and be prepared currently to provide PHI to subjects of that information on the apps of the requesting individual’s preference within the time frames dictated by HIPAA. Health plans and other covered entities need to recognize that the FAQs reflect this is a current, not future responsibility.

Second, health plans, health care providers and others that have or are considering providing apps or other tools to health plan members or patients for use in accessing or using PHI also generally need to recognize that the health plan or health care provider generally will bear responsibility under HIPAA for the adequacy of the security of the apps provided by or on behalf of the health plan or health care provider. Given the general responsibility to provide PHI to any apps designated by a subject of PHI, many health plans and health care providers may wish to reconsider whether providing or endorsing a particular app continues to make sense taking into account the HIPAA data privacy and security responsibilities and risks attendent to maintaining the security of PHI stored and accessed using those tools. Those electing to provide apps or other tools need to take steps to ensure the current and future adequacy of the data security of the app and its associated storage and other components including any future modifications to those tools.

Furthermore, health plans and other covered entities also should consider the advisability of revising existing notices and authorizations in response to the new FAQs. For instance, health plans, health care providers and others supplying PHI to an app designated by the requesting individual may want to consider revising forms to document the direction and consent of the requestor to the electronic delivery of the PHI to the designated app to better position themselves to claim the protection against liability for breaches on these subject designate apps described in the FAQs. Meanwhile, health plans or other covered entities providing apps also may wish to weigh options for supplementing disclosures to mitigate potential risks from use or failure to upgrade apps that might be viewed as covered entity provided or sponsored.

Certainly, before sponsoring or allowing a business associate to offer or provide an app or other similar solution, health care providers and other covered entities must ensure that the business associate agreement requirements of HIPAA are met from the app developer and others providing services or the app as business associates to the covered entity. Covered entities also should take steps to ensure that the interfaces between the apps and other systems are properly secured at the point of implementation and during any subsequent upgrades keeping in mind that OCR guidance expects covered entities to reconfirm security for any system, software or app upgrades. Meeting this expectation for apps within the possession of patients or plan members can present special challenges requiring careful planning.

Have questions about the new FAQs or other health care regulatory developments or their implications on your organization, contact the author. You also are invited to stay abreast of these and other health care developments by participating in our Solutions Law Press, Inc. Linkedin HR & Benefits Update LinkedIn Group or COPE: Coalition On Patient Empowerment Group or Project COPE: Coalition on Patient Empowerment Facebook Page.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry, health and other benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompassess advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Beyond her public policy and regulatory affairs involvement, Ms. Stamer also has extensive experience helping these and other clients to design, implement, document, administer and defend workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government; accreditation and quality organizations; private litigation and other federal and state health care industry investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, and change management; workforce and operations management, and other opportunities and challenges arising in the course of their operations.

Ms. Stamer has extensive health care reimbursement and insurance experience advising and defending plan sponsors, administrators, insurance and managed care organizations, health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions. Scribe for the ABA JCEB annual agency meeting with HHS OCR, she also has worked extensively on health and health benefit coding, billing and claims, meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical, workforce, consumer financial and other data confidentiality and privacy, federal and state data security, data breach and mitigation, and other information privacy and data security concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; a ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on Health Plans Must Share PHI To Apps When Members Request, Responsible For Security On Plan-Sponsored Apps | Brokers, Cafeteria Plans, Civil Monetary Penalties, Civil Rights, Claims, COBRA, Consumer Protection, Corporate Compliance, Cybercrime, Data Breach, Data Security, Drug & Alcohol, employee, Employee Benefits, Employer, Employers, Employment, ERISA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, Health IT, health plan, Health Plans, HIPAA, HR, Identity Theft, Insurance, Internal Investigations, Managed Care, Mental Health, Mental Health Parity, Privacy, Uncategorized | Tagged: APPs, Data Privacy, Data Security, Health Plan, HIPAA, Inc. publisher/author Cynthia Marcotte Stamer and Society of Professional Benefits Administrators Director of Public Relations & Legal Affairs Elizabeth Leight will lead a conference call discussi, Security | Permalink
Posted by Cynthia Marcotte Stamer

ONC New Emphasis On Health IT Interoperability Promises New Demands & Opportunities

January 8, 2019

Interoperability will be a key priority for the Office of the National Coordinator for Health Information Technology (“ONC”) going forward.

That’s the message in the just released 2018 Report to Congress: Annual Update on the Adoption of a Nationwide System for the Electronic Use and Exchange of Health Information (“Report”).

The planned shift to demand greater interoperability promises to create new demands for employer-sponsored health plans, health insurers and others involved in the healthcare delivery and payment processes. Health plans and their insurers and sponsors should begin preparing for these new demands, as well as to leverage the new opportunities and manage the new risks they will create.

The Report describes barriers, actions taken, and recommendations as well as ONC’s path forward to implement the 21st Century Cures Act.

Under the 21st Century Cures Act, Congress gave HHS authority to enhance innovation, scientific discovery, and expand the access and use of health information through provisions related to:

The development and use of upgraded health IT capabilities;
Transparent expectations for data sharing, including through open application programming interfaces (APIs); and
Improvement of the health IT end user experience, including by reducing administrative burden.

These priorities seek to increase nationwide interoperability of health information and reduce clinician burden..

Current Status

The Report says increases in the adoption of health IT means most Americans receiving health care services now have their health data recorded electronically. However, this information is not always accessible across systems and by all end users—such as patients, health care providers, and payers—in the market in productive ways. For example:

Despite the individual right to access health information about themselves established by the HIPAA Privacy Rule, patients often lack access to their own health information, which hinders their ability to manage their health and shop for medical care at lower prices;

Health care providers often lack access to patient data at the point of care, particularly when multiple health care providers maintain different pieces of data, own different systems, or use health IT solutions purchased from different developers; and

Payers often lack access to clinical data on groups of covered individuals to assess the value of services provided to their customers.

The Report says these limitations create several problems, including:

Patients should be able to easily and securely access their medical data through their smartphones. Currently, patients electronically access their health information through patient portals that prevent them from easily pulling from multiple sources or health care providers. Patient access to their electronic health information also requires repeated use of logins and manual data updates.

For health care providers and payers, interoperable access and exchange of health records is focused on accessing one record at a time.
Payers cannot effectively represent their members if they lack computational visibility into which health care providers offer the highest quality care at the lowest cost. Without the capability to access multiple records across a population of patients, health care providers and payers will not benefit from the value of using modern computing solutions—such as machine learning and artificial intelligence—to inform care decisions and identify trends.
Payers and employer group health plans which purchase health care have little information on health outcomes. Often, health care providers and payers negotiate contracts based on the health care provider’s reputation rather than on the quality of care that health care provider offers to patients. Health care providers should instead compete based on the entire scope of the quality and value of care they provide, not on how exclusively they can craft their networks. Outcome data will allow payers to apply machine learning and artificial intelligence to have better insight into the value of the care they purchase.

Current Barriers

According to the Report, HHS heard from stakeholders over the past year that barriers to interoperable access to health information remain, including technical, financial, trust, and business practice barriers. These barriers impede the movement of health information to where it is needed across the care continuum. In addition, burden arising from quality reporting, documentation, administrative, and billing requirements that prescribe how health IT systems are designed also hamper the innovative usability of health IT.

Current and Upcoming Actions

The Report states HHS has many efforts to help ensure that electronic health information can be shared safely and securely where appropriate to improve the health and care of all Americans.

ONC also reports Federal agencies, states, and industry have taken steps to address technical, trust, and financial challenges to interoperable health information access, exchange, and use for patients, health care providers, and payers (including insurers). HHS aims to build on these successes through the ONC Health IT Certification Program, HHS rulemaking, health IT innovation projects, and health IT coordination.

In accordance with the Cures Act, HHS is actively leading and coordinating a number of key programs and projects. These include continued work to deter and penalize poor business practices and that HHS conducted multiple outreach efforts to engage the clinical community and health IT stakeholders to better understand these barriers, challenges, and health care provider burden.

Recommendations

The Report makes the following overarching recommendations for future actions HHS plans to support through its policies and that the health IT community as a whole can take to accelerate progress:

Focus on improving interoperability and upgrading technical capabilities of health IT, so patients can securely access, aggregate, and move their health information using their smartphones (or other devices) and health care providers can easily send, receive, and analyze patient data.

Increase transparency in data sharing practices and strengthen technical capabilities of health IT so payers can access population-level clinical data to promote economic transparency and operational efficiency to lower the cost of care and administrative costs.

Prioritize improving health IT and reducing documentation burden, time inefficiencies, and hassle for health care providers, so they can focus on their patients rather than their computers.

The Report also says interoperable access underpins HHS’s efforts to pursue a health care system where data are available when and where needed.

ONC intends to particularly focus on promoting open APIs. Open APIs are technology that allow one software program to access the services provided by another software program and can improve access and exchange of health information. ONC says APIs can:

Support patients’ ability to have more access to information electronically through, for example, smartphones and mobile applications. HHS applauds the emergence of patient-facing applications that allow patients to access, aggregate, and act on their health information; and

Allow payers to receive necessary and appropriate information on a group of members without having to access one record at a time.
Increase institutional accountability, support value- based care models, and lead to competitive medical care pricing that benefits patients.

The Report claims patients, health care providers, and payers with appropriate access to health information can use modern computing solutions to generate value from the data. Improved interoperability can strengthen market competition, result in greater quality, safety, and value for the healthcare system, and enable patients, health care providers, and payers to experience the benefits of health IT.

Prepare For Enhanced Operability Requirements

ONC’s plan to achieve greater interoperability presents new business and compliance planning opportunities and challenges for health care providers, health insurers and other payers, health data and information technology (IT) providers and others. Among other things, participants in the healthcare system and their suppliers will need to prepare to comply with new expectations and mandates for interoperability. Meeting these demands will require financial expenditures as well as present technological challenges.The increased availability and access to electronica medical records and information resulting from these changes also a can be expected to drive new challenges and demands. Among other things, businesses relying on control of health information or records to influence or control patience, reimbursement, or other business value need to reevaluate and adjust their business models accordingly.

Improve accessibility and interoperability also is likely to create new expectations and demands by patients, payers, other providers and perhaps most significantly for providers and payers, regulators. Participants in the system will need to understand these applications and prepare to both defend their business performance as well as their compliance taking into account these new demands.

Amid all of this, of course, providers, pears, and their business associates can anticipate continued if not enhanced demands for enhanced data security and privacy protections and accompanying enforcement of these standards.

As ONC move forward on its plans to enhance interoperability, all concerned stakeholders will want to monitor developments and provide thoughtful and timely input. The time to get started is now. ONC and it’s sister agency, the Office of Civil Rights currently are inviting public comments about how to achieve these and other health IT and privacy improvements. Those interested in providing input should make sure their comments are submitted by the applicable deadlines next month.

ONC and it’s sister agency, the Office of Civil Rights currently are inviting public comments about how to achieve these and other health IT and privacy improvements. Read the full Report here and share your input by the specified deadlines.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of managed care and other health industry, health and other benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer has been continuously involved the design, regulation, administration and defense of managed care and other health and employee benefit, health care, human resources and other staffing and workforce arrangements, contracts, systems, and processes. As a continuous component of this work, Ms. Stamer has worked closely with these and other clients on the design, development, administration, defense, and breach and data recovery of health care, workforce, insurance and financial services, trade secret and other information technology, data and related process and systems development, policy and operations throughout her career.

Scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues.

Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long-term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third-party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending plan sponsors, administrators, insurance and managed care organizations, health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and employer and association group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions. Scribe for the ABA JCEB annual agency meeting with HHS OCR, she also has worked extensively on health and health benefit coding, billing and claims, meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical, workforce, consumer financial and other data confidentiality and privacy, federal and state data security, data breach and mitigation, and other information privacy and data security concerns.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long-term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about contracting, credentialing and quality assurance, compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Author of works on Payer and Provider Contracting and many other managed care concerns, Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2019. Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Comments Off on ONC New Emphasis On Health IT Interoperability Promises New Demands & Opportunities | 21st Century Cures Act, Association Health Plan, Civil Monetary Penalties, Civil Rights, Claims Administration, compliance, Consumer Protection, Corporate Compliance, Cybercrime, Data Breach, Data Security, Electronic Medical Record, Employers, EMR, ERISA, fiduciary duty, Fiduciary Responsibility, FINRA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, Health IT, health plan, Health Plans, HIPAA, Human Resources, Identity Theft, insurers, Managed Care, ONC, Patient Empowerment, PPO, Privacy, Protected Health Information, Provider, provider contracting, Technology, third party administrators, Trade secret, Uncategorized | Tagged: Corporate Compliance, Employee Benefits, Enron, Health Care, Health Care Reform, Health Insurance, Health IT, Health Plans, HIPAA, Insurance, medical records, ONC, Physicians | Permalink
Posted by Cynthia Marcotte Stamer

Court Ruling Obamacare Unconstitutional Leaves Obamacare Future Uncertain As Annual Enrollment Period Ends

December 15, 2018

A ruling by a Federal District judge on Friday (December 14, 2018) ruled unconstitutional the Patient Protection and Affordable Care Act (ACA) touches off a new wave of uncertainty about the future of the massive healthcare reform law commonly known as Obamacare just as the enrollment period for 2019 health coverage ended. While Federal District Judge Reed O’Connor finds in his ruling released on Friday that amendments passed by Congress last December robbed the ACA of its original constitutionality, only time will tell if the ruling actually will end the ACA reforms or the effect of such ruling on the hotly debated ACA reforms and other statutory and regulatory reforms Congress and the Trump Administration subsequently prospectively or retrospectively. Consequently, health plans, their employer and other sponsors, insurers, administrators, and fiduciaries; health care providers, consumers and others will need to watch developments closely.

Justice O’Connor’s decision was released one day before the last day of the enrollment period for Americans to elect whether and what coverage, if any, to enroll in through the Obamacare exchanges for calendar 2019.

In Texas v. US, Texas Governor Greg Abbott and other Republican governors challenged the constitutionality of the ACA following passage of the Tax Cuts and Jobs Act of 2017 (TCJA). The plaintiffS argued the TCJA rendered the ACA unconstitutional because it repealed the individual mandate of the ACA upon which the Supreme Court previously found the ACA constitutional.

In the 2012 decision in Nat’l Fed’n of Indep. Businesses v. Sebelius (NFIB), 567 U.S. 519, 530–38 (2012) written by Chief Justice Roberts, the Supreme Court ruled that Congress could not rely upon the Commerce Clause for Constitutional authority to enact the ACA. However, the Supreme Court nevertheless found the Individual Mandate provisions of the ACA preserved the constitutionality of the ACA as a constitutional exercise of Congress’ Taxing Power.

In Texas v. US, the plaintiff governors argue that the repeal of the Individual Mandate as part of Congress’ passage of the TCJA last December robbed the ACA of its constitutionality. They say it is no longer fairly readable as an exercise of Congress’s Tax Power and continues to be unsustainable under the Interstate Commerce Clause. They further urge that if they are correct, the balance of the ACA is untenable as inseverable from the Invalid Mandate. Judge O’Connor agreed with the plaintiff’s in his ruling on Friday. Now it remains to be seen if his ruling will face and withstand the appeal and if so, what effect it will have on Obamacare overall and other subsequent statutory and regulatory reforms.

While only time will tell whether the decision stands and its effect, the path to clarity promises to be filled with more drama and uncertainty. Former US Attorney General Jeff Sessions previously had stated that the Justice Department under his leadership would not expend resources to defend the ACA. It remains to be seen how the Justice Department will not respond in light of his recent resignation. Even if the Justice Department does not step up to defend Obamacare, it is likely that states like California that have intervened in support of the ACA in the litigation will attempt to appeal the action. Assuming that an appeal proceeds, a Court of Appeals would hear the appeal before an almost certain appeal by the losing side in that appeal to the United States Supreme Court, where President Trump’s new appointee would hear the action. Along with the possibility that these Courts will uphold the trial court’s ruling, either of these appeals courts could overrule the trial court in whole or in part. Thus, subsequent appeals decisions could:

Reverse Judge O’Connor’s ruling entirely, leaving The ACA intact in its current form; or
Uphold part but not all of the decision, leaving some parts in place but not others.

pending further decisions, it remains unclear if subsidies, prohibitions against preexisting conditions, guaranteed issue, cost regulations, benefit and coverage mandates and other insurance reforms, health care billing and other reforms will survive.

Meanwhile, regardless of the outcome of the appeals, the decision and its fallout almost certainly will touch off more debate in Congress. With health care reform already a hot topic, more Congressional battles were inevitable. However the decision adds a new and significant wrinkle to the politics of the health reform fight.

In January November’s election will cause the leadership of the House of Representatives is set to transfer from Republicans to Democrats while leaving control over the Senate in the hands of Republications. With leadership of the two legislative bodies split, Democrats are unlikely to be able to use their new control of the House to enact legislation that would overrule outright an adverse decision by the courts. Consequently, Democrats will have an uphill battle if the court decision stands unless and until they can regain Senate control. Instead they are likely to be related to the role occupied by the House the past 4 years in which bills to enact the Democrat vision will pass the House only to die a quick death in the Republican controlled Senate or face veto by the Republican President.

On the other hand, Republicans also could not overcome a decision unfavorable to their agenda for the opposite reason: Despite control of the majority in the Senate and having a Republican President opposed to the ACA, Republicans can’t enact legislation without winning a majority of votes in the House.

On the other hand, either party can and almost certainly will use its veto power over the other party’s agenda. The fight likely will spill over into budget, immigration, workforce and other jet legislation that otherwise might and should enjoy bipartisan support in Congress.

As the litigation proceeds, concerned parties will want to keep a close eye of the Courts, the regulation and enforcement actions of the Trump Administration and the Congress.

Meanwhile, it is important to keep in mind that implementation of Judge O’Connor’s decision is stayed pending appeal.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of managed care and other health industry, health and other benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Past Chair of the ABA Managed Care & Insurance Interest Group, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer is nationally recognized as a thoughtleader in health benefits and health care matters domestically and internationally. She has been continuously involved the design, regulation, administration and defense of managed care and other health and employee benefit, health care, human resources and other staffing and workforce arrangements, contracts, systems, and processes. As a continuous component of this work, Ms. Stamer has worked closely with these and other clients on the design, development, administration, defense, and breach and data recovery of health care, workforce, insurance and financial services, trade secret and other information technology, data and related process and systems development, policy and operations throughout her career.

Author of leading works on a multitude of health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative and CLE and Marketing Committee Chair, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer’s health industry clients include public health organizations; public and private hospitals, healthcare systems, clinics and other health care facilities; physicians, physician practices, medical staff, and other provider organizations; skilled nursing, long-term care, assisted living, home health, ambulatory surgery, dialysis, telemedicine, DME, Pharma, clinics, and other health care providers; billing, management and other administrative services organizations; insured, self-insured, association and other health plans; PPOs, HMOs and other managed care organizations, insurance, claims administration, utilization management, and other health care payers; public and private peer review, quality assurance, accreditation and licensing; technology and other outsourcing; healthcare clearinghouse and other data; research; public and private social and community organizations; real estate, technology, clinical pathways, and other developers; investors, banks and financial institutions; audit, accounting, law firm; consulting; document management and recordkeeping, business associates, vendors, and service providers and other professional and other health industry organizations; academic medicine; trade associations; legislative and other law making bodies and others.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Comments Off on Court Ruling Obamacare Unconstitutional Leaves Obamacare Future Uncertain As Annual Enrollment Period Ends | 4980D, 4980H, 5000, 6039D, ACA, Affordable Care Act, Association Health Plan, Claims, Claims Administration, compensation, compliance, Consumer Protection, Corporate Compliance, EBSA, Employee Benefits, Employer, Employers, EMR, ERISA, Fiduciary Responsibility, Form 5500, health benefit, Health Benefits, health Care, Health Care Reform, health insurance, health insurance marketplace, health plan, Health Plans, health reform, HIPAA, HR, HSA, Human Resources, Insurance, insurers, Managed Care, Managment, Medicare Part D, Mental Health, Mental Health Parity, MEWA, Obamacare, Patient Empowerment, Patient Protection & Affordable Care Act, Patient Protection and Affordabel Care Act, Patient Protection and Affordable Care Act, Physician, Plan Admistrator, PPO, Premium Subsidies, Prescription Drugs, preventive care, Protected Health Information, Provider, provider contracting, Reporting & Disclosure, Risk Management, SBC, Tax, Tax Credit, Tax Qualification, TCJA Tax Reform, third party administrators, Uncategorized, Wellness Programs, Worker Classification, Workers' Compensation, Workforce, zane benefits | Permalink
Posted by Cynthia Marcotte Stamer

Identity Theft Scan Targets Employee Tax Records

December 7, 2018

The Internal Revenue Service is warning human resources and other business leaders about a growing wave of identity theft and W-2 scams targeting sensitive tax data employers collect on their employees. The warning highlights one of the many growing data breach exposures businesses must manage as identity thieves become ever more sophisticated.

Such data like Form W-2 data – is highly valued by identity thieves. While identity thieves use a variety of tactics to steal this information including hacking into the IRS’ own systems, the IRS this week is warning about one scheme that the IRS says has become one of the more dangerous email scams.

All employers are targets for the W-2 scam, according to the IRS.

Here’s how it works:

These emails appear to be from an executive or organization leader to a payroll or human resources employee.
The message usually starts with a simple greeting, like: “Hey, you in today?”
By the end of the email exchange, all of an organization’s Forms W-2 for their employees may be in the hands of cybercriminals.
Because payroll officials believe they are corresponding with an executive, it may take weeks for someone to realize a data theft has occurred.
Generally, the criminals are trying to quickly take advantage of their theft, sometimes filing fraudulent tax returns a day or two.

The IRS warns this scam is such a threat to taxpayers that a special IRS reporting process has been established. The IRS says employers victimized should:

Email dataloss@irs.gov to notify the IRS of a W-2 data loss and provide contact information. In the subject line, type “W2 Data Loss” so that the email can be routed properly. The business should not attach any employee personally identifiable information data.
Email the Federation of Tax Administrators at StateAlert@taxadmin.org to get information on how to report victim information to the states.
File a complaint with the FBI’s Internet Crime Complaint Center. Businesses and payroll service providers may be asked to file a report with their local law enforcement agency.
Notify employees. The employee may then take steps to protect themselves from identity theft. The Federal Trade Commission’s www.identitytheft.govprovides guidance on general steps employees should take.
Forward the scam email to phishing@irs.gov.

The IRS also recommends the following resources:

Taxes. Security. Together.

Publication 4524

Protect Your Clients; Protect Yourself

Tax Security 101

The IRS alert reminds businesses again about the growing challenges they face guarding sensitive tax, health and other employee benefit plan and other data about employees, customers, business partners and others. Aside from the disruptions businesses incur to organizations and relationships with employees, customers, business partners or others and often tremendous costs of investigation and mitigation, breaches also commonly trigger substantial legal liability under a myriad of federal and state laws and regulations, contracts, and common law tort claims. Businesses generally and Human Resources, tax and other systems and operations should take well documented steps to prevent and prepare for a potential breach.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving and author of “What To Do When Your Employee’s Personal Life Becomes Your Business@ and a multitude of other highly regarded works on data protection and breach, her work includes career-long, leading edge involvement counseling and representing human resources, employee benefit, insurance and financial, tax, healthcare and other businesses about data and other sensitive information privacy and breach.

Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline; handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication or the topic of this article, please contact the author directly. All other rights reserved.

Comments Off on Identity Theft Scan Targets Employee Tax Records | ADA, Attorney-Client Privilege, Civil Rights, Claims Administration, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, defined benefit plan, defined contribution plan, directors, Disability, Disability Plans, Discrimination, Educational Privacy, Employee Benefits, Employer, Employers, Employment, Employment Policies, Employment Tax, ERISA, fiduciary duty, Fiduciary Responsibility, Government Contractors, Identity Theft, Insurance, insurers, Non-Compete, Non-compete, Non-Competition Agreement, Protected Health Information, Retail, Tax, third party administrators, Trade secret, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

House W&M Committee To Markup Retirement and Other “Tax Reform 2.0” Bills Thursday

September 12, 2018

On Thursday, August 13, the House Ways & Means Committee will hold hearings on retirement rule reforms intended to change multiemployer plan rules to make it easier for small businesses to offer and their employees and independent contractors to participate in retirement plans and provide retirement plan relief for participants proposed in the Family Savings Act of 2018, H.R. 6757.

Part of recently 3-bill tax package dubbed “Tax Reform 2.0” introduced on Monday, September 10, H.R. 6757 would remove certain regulatory barriers restricting the types of small-business employers who are permitted to band together to offer a retirement plan through a multiple employer plan (MEP).

H.R. 6757 also includes relief for certain plan participants. Among other things, it would:

End required minimum distributions of funds from 401(k) plans and other retirement savings accounts for retirees with balances under $50,000; and
Protect the ability of participants invested in lifetime income options through an employment-based retirement plan against losing these investment guarantees when their employer changes recordkeepers.

Sponsored by Rep. Mike Kelly (R-PA), and cosponsored by Rep. Paul Mitchell (R-MI), House Ways and Means Committee Chairman Kevin Brady (R-TX), and all other Ways and Means Committee Republicans, H.R. 6757, the bill enjoys strong support among House Republicans and President Trump.

House Ways and Means Committee Chair Kevin Brady expressed strong support for its reforms, saying: “We are creating financial security. The Family Savings Act focuses on helping families save more and earlier for the future by making it easier for businesses to offer retirement savings plans while ensuring workers can easily participate in these plans. This will help give our families the financial stability they need for whatever life throws their way.”

The Ways and Means Committee will address the H.R. 6757 proposals during its scheduled Tax Reform 2.0 markup on Thursday, September 13, 2018 at 10:00 a.m. in Room 1100 of the Longworth House Office Building. Use these links to read these bills:

About The Author

Highly valued for her ability to meld her extensive legal and industry knowledge and experience with her talents as an insightful innovator and pragmatic problem solver, Ms. Stamer advises, represents and defends employer, union, multi-employer, association and other employee benefit plan sponsors, insurers and managed care organizations, fiduciaries, plan administrators, technology and other service providers, government and community leaders and others about health and other employee benefit and insurance program and policy design and innovation, funding, documentation, administration, communication, data security and use, contracting, plan, public and regulatory reforms and enforcement, and other risk management, compliance and operations matters. Her experience encompasses leading and supporting the development and defense of innovative new policies, programs, practices and solutions; advising and representing clients on routine plan establishment, plan documentation and contract drafting and review, administration, change and other compliance and operations; crisis prevention and response, compliance and risk management audits and investigations, enforcement actions and other dealings with the US Congress, Departments of Labor, Treasury, Health & Human Services, Federal Trade Commission, Justice, Securities and Exchange Commission, Education and other federal agencies, state legislatures, attorneys general, insurance, labor, worker’s compensation, and other agencies and regulators, and various other foreign and domestic governmental bodies and agencies. She also provides strategic and other supports clients in defending litigation as lead strategy counsel, special counsel and as an expert witness. Alongside her extensive legal and operational experience, Ms. Stamer also is recognized for her work as a public and regulatory policy advocate and community leader with a gift for finding pragmatic solutions and helping to forge the common ground necessary to build consensus. Best known for her domestic public policy and community leadership on health care and insurance reform, Ms. Stamer’s lifelong public policy and community service involvement includes service as a lead consultant to the Government of Bolivia on its pension privatization project, as well as extensive legislative and regulatory reform, advocacy and input workforce, worker classification, employee benefit, public health and healthcare, social security and other disability and aging in place, education, migration reforms domestically and internationally throughout her adult life. In addition to her public and regulatory policy involvement, Ms. Stamer also contributes her service and leadership to a professional and civic organizations and efforts including her involvement as the Founder and Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE; Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence; Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; Vice Chair, Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; current Fiduciary Responsibility Committee Co-Chair and Membership Committee member of the ABA RPTE Section; former RPTE Employee Benefits and Other Compensation Group Chair, former Chair and Co-Chair of its Welfare Plans Committee, and Defined Contribution Plans Committee; former RPTE Representative to ABA Joint Committee on Employee Benefits Council; former RPTE Representative to the ABA Health Law Coordinating Counsel; former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, former Board Member, Continuing Education Chair and Treasurer of the Southwest Benefits Association; Vice President of the North Texas Healthcare Compliance Professionals Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; past Dallas World Affairs Council Board Member, and in leadership of many other professional, civic and community organizations. Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, the Society of Professional Benefits Administrators, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients, serves on the faculty and planning committee of many workshops, seminars, and symposia, and on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

About Solutions Law Press, Inc.™

▪DOL Spending Reports Required As Taxpayer Tool Need Improvement

▪Check & Protect Health & Other Electronic Systems & Data Against New Security Threat

▪April 1 New Deadline To Update Benefit Plan Disability Determination Claims & Appeals Procesures; Hear More on 1/26

▪Arizona Proposal To Ban Sexual Harassment Confidentiality Agreements Sign Of Growing Employer Risks

▪$23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses

▪Take Care of Your Good People

▪Read Tax Cuts and Jobs Act Conference Report For Tax Reform From Source

▪Check How IRS 2018 Retirement & Saving Plan Limits and Amounts Cost Of Living Adjustments Impact Your HR & Retirement Plan Administration & Planning

▪IRS Prepares To Nail Employers Under Obamacare Mandate While Giving Some Individual Mandate Relief

▪Hiring & Retaining Workers Growing Business Challenge

Comments Off on House W&M Committee To Markup Retirement and Other “Tax Reform 2.0” Bills Thursday | 401(k), Banking, Brokers, compensation, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, employee, Employee Benefits, Employer, Employers, Employment Policies, Employment Tax, ERISA, ESOP, Fiduciary Responsibility, Human Resources, Income Tax, multiple employer plan (Meps), Retirement Plans, Retirements, Tax, Tax Qualification, TCJA Tax Reform, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Flurry of Reform Activity Sign Employers, Health Plans Should Prepare To Respond To Last Minute Health Reforms This Fall

July 14, 2018

A flurry of activity in the House Ways & Means Committee and other Congressional committees over the past few weeks signals the advisability of keeping a close eye on health care and health benefit reform proposals this Summer in anticipation of both the Fall health benefit enrollment and renewal season and the mid-term November Congressional elections.

Coupled with the Trump Administration’s recent rollout of its long promised association health plan, short-term coverage and other regulatory reforms and promises of more changes to come, the ongoing attention paid by the Administration and Congress to health insurance and health care reform raises a strong possibility that employer, association, and other health plan sponsors, fiduciaries and their vendors that they and their plan members should be on watch for late-breaking developments that may require or warrant last minute changes to health benefit plan designs, communications, contracts or other key decisions.

With President Trump continuing to push for a wide range of health care reforms and health care and health benefit issues recognized as key voter concerns for the upcoming mid-term elections in November, the continued emphasis of the Republican-led Congress and federal regulators talking about their health care reform legislative agenda is not surprising. What may be more surprising to many is the intensity of the ongoing efforts in Congress to try to pass reform over the summer when many members of the House and Senate face tightly contested races in November.

Certainly continued Congressional commitment to pursue reform is evident from the House Ways & Means Committee’s health care heavy agenda of hearings and votes that this week alone resulted in its voting in favor of 11 health care reform bills promising new flexibility for employers about how to design their health plans and American families more health care choices and choice about how to pay for it and what coverage to buy popular with many providers, patients and employer and other health plan sponsors. While it remains to be seen if the House and Senate can agree on any or all of these proposal, the bi-partisan sponsorship of many of these proposals and the intensity of the focus of the Committee and others in Congress reflects a strong interest in health care reform by both parties leading up to November that could impact health benefit and other health care choices for providers, employers and American families in the Fall annual enrollment season.

The legislation passed by the Ways & Means Committee this weeks include bills that would:

Provide relief for employers relief from the Obamacare’s employer mandate and delay for an additional year the effective date of the widely disliked “Cadillac Tax;”
Overrule the “Use it Or Lose It” requirement in current Internal Revenue Regulations for healthcare flexible spending arrangement plans (HFSAs) that currently forces employers sponsoring HFSAs to draft their plans to require employees to forfeit unused salary reduction contributions in their HFSA accounts at the end of the year;
Offer individuals and families eligible for Obamacare created health premium subsidies more choice about where to obtain that coverage using their subsidies; and
Expand expand the availability and usability of HSAs in a multitude of ways.

Furthermore, a review of the Committee’s schedule makes clear that it isn’t finished with health care reform. After holding hearings on health savings account reforms and passing a flurry of health care reform bills intended to give employers relief from two key Obamacare mandates, to allow Obamacare subsidy-eligible Americans the choice to use the subsidies to purchase health care coverage not offered by the Obamacare exchanges, and a host of bills that would expand availability and usability of health savings account (HSA) and health care flexible spending account (HFSA) programs this week, the House Ways and Means Committee will turn its attention to health care fraud oversight and reform next week by holding hearings Tuesday on those health concerns. Health care providers, employer and other health plan sponsors, individual Americans and their families, and others interested in health benefit and health care reform will want to keep a close eye on these and other developments as Congress continues to debate health care reform in the runup to the upcoming 2018 health benefit plan renewal and annual enrollment season and November’s mid-term elections.

Committee Approved 11 Health Care Reform Bills This Week

As a part of its health reform efforts this week, the Committee voted to advance 11 health care reform bills offering new flexibility for employers about how to design their health plans and American families more health care choices and choice about how to pay for it and what coverage to buy popular with many providers, patients and employer and other health plan sponsors.

Among the approved legislation is a bill that would provide key relief for employers from certain key Obamacare mandates that have been widely unpopular with employers. H.R. 4616, the “Employer Relief Act of 2018,” sponsored by Rep. Devin Nunes (R-CA) and Rep. Mike Kelly (R-PA), which would give employers sponsoring health plans for their employees retroactive relief from Obamacare’s onerous employer mandate and delay for an additional year the effective date of another Obamacare requirement that when effective, will forces employers to pay the 40 percent tax on amounts paid for employer sponsored health care coverage that exceeds cost limits specified in the Obamacare legislation commonly known as the “Cadillac Tax.” Relief from the Cadillac Tax is widely perceived as benefiting bother employers and their employees, as its provisions penalize employers for spending more for employee health coverage than limits specified in the Obamacare law. These provisions also are particularly viewed by many as unfair because rising health plan costs since Obamacare’s passage make it likely that many employers will incur the tax penalty simply by sponsoring relatively basic health plans meeting the Obamacare mandates.

In addition to H.R. 4616, the Committee also voted to approve H.R. 6313, the “Responsible Additions and Increases to Sustain Employee Health Benefits Act of 2018,” sponsored by Rep. Steve Stivers (R-OH), which would overrule the “Use it Or Lose It” requirement in current Internal Revenue Regulations for HFSAs. Currently, this rule forces employers sponsoring HFSAs to draft their plans to require employees to forfeit unused salary reduction contributions in their HFSA accounts at the end of the year. The bill would allow employers to eliminate this forfeiture requirement so that employees could carry over any remaining unused balances in their HFSAs at the end of the year to use in a later year.

The Committee also voted to advance legislation to offer individuals and families eligible for Obamacare created health premium subsidies more choice about where to obtain that coverage. H.R. 6311, the “Increasing Access to Lower Premium Plans Act of 2018,” sponsored by Chairman Peter Roskam (R-IL) and Rep. Michael C. Burgess, M.D. (R-TX), would provide individuals receiving subsidies to help purchase health care coverage through the Obamacare-created health insurance exchange the option to use their premium tax credit to purchase health care coverage from qualified plans offered outside of the exchanges. Currently, subsidies may only be used to purchase coverage from health plans offered through the exchange, which often are much more costly and offer substantially fewer coverage options and less provider choice. In addition, the bill would expand access to the lowest-premium plans available for all individuals purchasing coverage in the individual market and allows the premium tax credit to be used to offset the cost of such plans.

Along with these reforms, the Committee also voted to pass a host of bills that would expand the availability and usability of HSAs including:

H.R. 6301, the “Promoting High-Value Health Care Through Flexibility for High Deductible Health Plans Act of 2018,” co-sponsored by Health Subcommittee Chairman Peter Roskam (R-IL) and Rep. Mike Thompson (D-CA), which seeks to expand access and enhance the utility of Health Savings Accounts (HSAs) by offering patients greater flexibility in designing their plan design while still being able to maintain their eligibility for HSA contributions.
H.R. 6305, the “Bipartisan HSA Improvement Act of 2018,” sponsored by Rep. Mike Kelly (R-PA) and Rep. Earl Blumenauer (D-OR), which also would expand HSA access and utility by allowing spouses to also make contributions to HSAs is their spouse has an FSA and lets employers offer certain services to employees through on-site or retail clinics.
H.R. 6317, the “Primary Care Enhancement Act of 2018,” co-sponsored by Rep. Erik Paulsen (R-MN) and Rep. Earl Blumenauer (D-OR), which seeks to protect HSA-eligible individuals who participate in a direct primary care (DPC) arrangement from losing their HSA-eligibility merely because of their participation in a DPC. In addition, it allows DPC provider fees to be covered with HSAs.
H.R. 6312, the “Personal Health Investment Today (PHIT) Act,” sponsored by Rep. Jason Smith (R-MO) and Rep. Ron Kind (D-WI), which seeks to fight obesity and promote wellness by allowing taxpayers to use tax-preferred accounts to pay costs of gym membership or exercise classes, children’s school sports programs and certain other wellness programs and activities.
H.R. 6309, the “Allowing Working Seniors to Keep Their Health Savings Accounts Act of 2018,” sponsored by Rep. Erik Paulsen (R-MN), which would expand HSA eligibility to include Medicare eligible seniors who are still in the workforce.
H.R.6199, the “Restoring Access to Medication Act of 2018,” sponsored by Rep. Lynn Jenkins (R-KS) and Rep. Grace Meng (D-NY), which would reverse Obamacare’s prohibition on using tax-favored health accounts to purchase over-the-counter medical products and would add feminine products to the list of qualified medical expenses for the purposes of these tax-favored health accounts.
H.R. 6306, the “Improve the Rules with Respect to Health Savings Accounts,” sponsored by Rep. Erik Paulsen (R-MN), which would increase the contribution limits for HSAs and further enhances flexibility in plans by allowing both spouses to contribute to make catch-up contributions to the same account and creating a new grace period for medical expenses incurred before the HSA was established.
H.R. 6314, the “Health Savings Act of 2018,” sponsored by Rep. Burgess (R-TX) and Rep. Roskam (R-IL), would expand eligibility and access to HSAs by allowing plans categorized as “catastrophic” and “bronze” in the exchanges to qualify for HSA contributions.

Committee Considers Health Care Fraud Next Week

The Committee next week will turn its attention to health care fraud by holding two hearings on Tuesday.

Tuesday morning, the Ways and Means Committee Oversight Subcommittee plans to hold a Hearing on Combating Fraud in Medicare: A Strategy for Success beginning at 10:00 AM Eastern Time; and
Tuesday afternoon, the Ways and Means Committee Subcommittee plans to hold a Hearing on Modernizing Stark Law to Ensure the Successful Transition from Volume to Value in the Medicare Program beginning at 2:00 PM.

Both hearings are scheduled to take place in Room 1100 Longworth and their proceedings will be live streamed on YouTube.

The Committee’s health care reform focus this week and next are reflective of the continued emphasis of members of Congress in both parties on health care reform legislation as they prepare for the impending mid-term elections in November. As a part of these efforts, the House and Senate already over the past several months have held a wide range of hearings in various committees and key votes on a multitude of reform proposals. Numerous other hearings and votes are planned over the next several months as Congressional leaders from both parties work to advance their health care agendas in anticipation of the upcoming elections.

Key health care and health benefit reform proposals that the Republican Majority has designated for priority consideration include:

Prescription drug costs by checking perceived negative effects of health industry and health plan consolidations involving large health insurers, pharmacy benefit management companies (PBMs), pharmacy companies and other health industry and health insurance organizations on health care costs and patient, plan sponsor and plan sponsor choice and health care quality;
Oversight and reform of existing STARK, anti-kickback and other federal health care rules and exemptions relied upon by PBMs and other health industry organizations;
Efforts to understand and address health care treatment, health care and coverage costs and related social concerns associated with mental health and opioid and other substance abuse conditions and their treatment;
Efforts promote health benefit and health care choice, affordability and coverage; improve patient and employer choice; promote broader health care access and quality; reduce counterproductive regulation; and other health insurance and care improvements through expanded availability of health savings accounts, direct primary care and other consumer directed health care options, association health plan and other program options, streamlining quality reporting and regulation, billing and coding, physician and other health care provider electronic billing and recordkeeping, and other provider, payer, employer, individual and other health insurance mandates and other federal health care and health plan rules; and
More.

Evolving Legislative & Regulatory Warrant Vigilance & Change Readiness

While the recurrent stalling of past reform efforts over the past few years calls into question whether any or all of these proposals can make it through the highly politicized and divided Congress, bi-partisian sponsorship of most of the bills reported out this week at least raises the possibility that some of these proposals enjoy sufficient bi-partisan support to potentially pass before the elections. With both parties viewing health care reform as a key issue in the upcoming elections, voter feedback on these proposals could play a big role in determining the prospects for passage this Summer.

Along with the ongoing Congressional reform efforts, the Trump Administration also continues to move forward on a series of regulatory reforms that also could impact health care and health benefit decisions and responsibilities later this year. Beyond the Administration’s implementation of its long promised and recently finalized and released association health plan, short term coverage and other health benefit rules, the Administration’s continued consideration of changes to essential health benefits and other Obamacare regulations, ongoing mental health, substance abuse, and prescription drug reform projects, and other proposed regulatory and enforcement changes are likely to require health plans, their sponsors, insurers, administrators, members and even providers to adapt to changes in federal health plan rules between now and year end.

Amid this shifting legal landscape, employer and other health plan sponsors, their insurers, vendors, providers and participants will want to remain vigilant and work to preserve the flexibility to respond to new rules or guidance likely to rollout over the next several months.

Staying on top of proposed reforms as the Summer progresses is important:

To provide timely input to Congress on proposed reforms of particular benefit or concern;
To help plan for and deal with rules changes that could impact their options and choices during the upcoming health plan renewal and enrollment season this Fall and going forward; and
To be prepared to make informed choices when voting in the upcoming mid-term Congressional elections in November.

Keeping informed about potential changes is only part of the challenge, however. Employer and other health plan sponsors, fiduciaries and service providers also generally should seek to negotiate vendor contracts that allow them the greatest possible flexibility to respond to changing rules, opportunities and requirements with minimum penalties and disruption when designing, negotiating and implementing vendor contracts, plan designs and plan enrollment and other processes and communications.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry, health and other benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; managed care organizations, insurers, self-insured health plans and other payers and their management; public and private, domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, health care accreditation, peer review and quality committees and organizations; managed care organizations, insurers, third party administrative services organizations and other payer organizations; billing, utilization management, management services organizations; group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; claims, billing and other health care and insurance technology and data service organizations; other health, employee benefit, insurance and financial services product and solutions consultants, developers and vendors; and other health, employee benefit, insurance, technology, government and other management clients.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompassess advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on Flurry of Reform Activity Sign Employers, Health Plans Should Prepare To Respond To Last Minute Health Reforms This Fall | 105(h), 4980D, 4980H, 6039D, ACA, Affordable Care Act, Appeals, Association Health Plan, board of directors, Brokers, Cafeteria Plans, Claims, Claims Administration, COBRA, compensation, compliance, Contraception, Corporate Compliance, Electronic Medical Record, employee, Employee Benefits, Employer, Employers, Employment, Employment Tax, EMR, ERISA, Excise Tax, Excise Taxes, Fiduciary Responsibility, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, health reform, HR, Human Resources, Insurance, insurers, Internal Controls, Internal Revenue Code, Mental Health, Mental Health Parity, MEWA, Obamacare, Patient Empowerment, Patient Protection & Affordable Care Act, Pay, Payroll Tax, Plan Admistrator, Prescription Drugs, preventive care, Professional Liability, Risk Management, Technology, Uncategorized, Union, Wellness, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

OCR HIPAA Resolution Agreement Against Bankrupt Business Associate Signals Growing Exposures, Need for Tighter HIPAA Compliance By Health Plans & Business Associates

February 15, 2018

Health plans and insurers, their service providers that act as business associates within the meaning of the Health Insurance Portability & Accountability Act (HIPAA) and employer and other health plan sponsors, fiduciaries, and other management leaders should heed the warnings contained in the new Resolution Agreement (FileFax Resolution Agreement) with former HIPAA business associate FileFax, Inc. announced by the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) about their own need to ensure that they and their business associates comply with HIPAA’s business associate and other Privacy, Security, Breach Notification rules as well as the advisability of tightening up their risk management and oversight of business associates that handle protected health information (PHI).

Significant for business associates as what appears to be the first announced resolution agreement with a business associate directly charged by OCR with violating HIPAA and the second resolution agreement pursued and reached with a HIPAA-regulated entity in bankruptcy, the FileFax, Inc. Resolution Agreement OCR announced February 13, 2018 also contains critical lessons for Covered Entities about their dealings with their own business associates when read in conjunction with the April, 2017 resolution agreement the Center for Children’s Digestive Health (CCDH) agreed to resolve OCR charges CCDC, as a Covered Entity, violated HIPAA by allowing FileFax, Inc. to act as its business associate without adequately complying with HIPAA’s business associate requirements.

With widespread media coverage over large scale breaches of health care and other sensitive information placing further pressure upon OCR and other governmental agencies to act to protect Americans’ privacy and data fueling even greater demands for OCR and other agencies to take meaningful action to enforce HIPAA and other privacy and data security requirements, health plans, health care providers, health care clearinghouses (Covered Entities) and their business associates can expect OCR and other agencies to continue to turn up the heat on investigation and enforcement of HIPAA compliance.

In the face of these developments, Covered Entities, their business associates and those responsible for their leadership and operations need to recognize and take the necessary steps both effectively to manage their own HIPAA compliance and risk management as well as to anticipate and make provision to deal with the likelihood that they may face HIPAA responsibilities, exposures and other fallout from their own or another business partner’s breach of PHI or other sensitive data or other HIPAA violations, bankruptcy or other business distress, or other compliance or business event.

HIPAA Privacy, Security & Breach Notification Rule Responsibilities & Risks

The Privacy Rule requires that health plans, health care providers, health care clearinghouses (Covered Entities) and their vendors that qualify as “business associates” under HIPAA comply with detailed requirements concerning the protection, use, access, destruction and disclosure of protected health information. As part of these requirements, Covered Entities and their business associates must adopt, administer and enforce detailed policies and practices, assess, monitor and maintain the security of electronic protected health information (ePHI) and other protected health information, provide notices of privacy practices and breaches of “unsecured” ePHI, afford individuals that are the subject of protected health information certain rights and comply with other requirements as specified by the Privacy, Security and Breach Notification Rules. In addition, Covered Entities and business associates also must enter into a written and signed business associate agreement that contains the elements specified in Privacy Rule § 164.504(e) before the business associate creates, uses, accesses or discloses PHI of the Covered Entity. Furthermore, the Privacy Rule includes extensive documentation and keeping requirements require that Covered Entities and BAs maintain copies of these BAAs for a minimum of six years and to provide that documentation to OCR upon demand.

Violations of the Privacy Rule can carry stiff civil monetary penalties or even criminal penalties. Pursuant to amendments to HIPAA enacted as part of the HITECH Act, civil penalties typically do not apply to violations punished under the criminal penalty rules of HIPAA set forth in Social Security Act , 42 U.S.C § 1320d-6 (Section 1177).

Resolution Agreements the just announced FileFax Resolution Agreement allow Covered Entities and business associates to resolve potentially substantially larger civil monetary penalty liabilities that OCR can impose under the civil enforcement provisions of HIPAA for HIPAA violations through a negotiated settlement process. As amended by the HITECH Act, the civil enforcement provisions of HIPAA empower OCR to impose Civil Monetary Penalties on both Covered Entities and BAs for violations of any of the requirements of the Privacy or Security Rules. The penalty ranges for civil violations depends upon the circumstances associated with the violations and are subject to upward adjustment for inflation. As most recently adjusted here effective September 6, 2016, the following currently are the progressively increasing Civil Monetary Penalty tiers:

A minimum penalty of $100 and a maximum penalty of $50,000 per violation, for violations which the CE or BA “did not know, and by exercising reasonable diligence would not have known” about using “the business care and prudence expected from a person seeking to satisfy a legal requirement under similar circumstances;”
A minimum penalty of $1,000 and a maximum penalty of $50,000 per violation, for violations for “reasonable cause” which do not rise to the level of “willful neglect” where “reasonable cause” means the “circumstances that would make it unreasonable for the Covered Entity, despite the exercise of ordinary business care and prudence, to comply with the violated Privacy Rule requirement;”
A minimum penalty of $10,000 and a maximum penalty of $50,000 per violation, for violations attributed to “willful neglect,” defined as “the conscious, intentional failure or reckless indifference to the obligation to comply” with the requirement or prohibition; and
A minimum penalty of $50,000 and a maximum penalty of $1.5 million per violation, for violations attributed to “willful neglect” not remedied within 30 days of the date that the Covered Entity or BA knew or should have known of the violation.

For continuing violations such as failing to implement a required BAA, OCR can treat each day of noncompliance as a separate violation. However, sanctions under each of these tiers generally are subject to a maximum penalty of $1,500,000 for violations of identical requirements or prohibitions during a calendar year. For violations such as the failure to implement and maintain a required BAA where more than one Covered Entity bears responsibility for the violation, OCR an impose Civil Monetary Penalties against each culpable party. OCR considers a variety of mitigating and aggravating facts and circumstances when arriving at the amount of the penalty within each of these applicable tiers to impose.

In addition to these potential civil liability exposures, Covered Entities, their business associates and other individuals or organizations that wrongfully use, access or disclose electronic or other protected health information also can face civil liability under various circumstances. The criminal enforcement provisions of HIPAA authorize the Justice Department to prosecute a person who knowingly in violation of the Privacy Rule (1) uses or causes to be used a unique health identifier; (2) obtains individually identifiable health information relating to an individual; or (3) discloses individually identifiable health information to another person, punishable by the following criminal sanctions and penalties:

A fine of up to $50,000, imprisoned not more than 1 year, or both;
If the offense is committed under false pretenses, a fine of up to $100,000, imprisonment of not more than 5 years, or both; and
If the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, a fine of up to $250,000, imprisoned not more than 10 years, or both.

Because HIPAA Privacy Rule criminal violations are Class A Misdemeanors or felonies, Covered Entities and business associates should include HIPAA compliance in their Federal Sentencing Guideline Compliance Programs and practices and need to be concerned both about criminal exposure for their own direct violations, as well as imputed organizational liability for violations committed by their employees or agents under the Federal Sentencing Guidelines, particularly where their failure to implement or administer these required compliance policies and practices or failure to properly investigate or redress potential violations enables, perpetuates or covers up the criminal breach.

FileFax, Inc. Breach & Resolution Agreement

While Congress amended the Civil Monetary Penalty provisions of HIPAA enforced by OCR to make many of the requirements and Civil Monetary Penalty sanctions of HIPAA directly enforceable by OCR against business associates as part of the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, the FileFax Resolution Agreement appears to be the first HIPAA resolution agreement with a business associate announced by OCR.

Indeed, OCR’s enforcement action that resulted in the FileFax Resolution Agreement would never have occurred had FileFax, Inc. not become involved in handling medical records containing PHI in the capacity of a business associate for Covered Entities.

Before filing for bankruptcy in 2016, FileFax, Inc. advertised it provided HIPAA-compliant storage, maintenance, and delivery of medical records for HIPAA Covered Entities including Illinois based health care provider CCDC, which entered into a resolution agreement with OCR in April, 2017 to resolve OCR charges that it violated HIPAA by allowing FileFax, Inc. to handle PHI without fulfilling HIPAA’s business associate agreement requirements.

Like the CCDC Resolution Agreement, the FileFax, Inc. Resolution Agreement resulted from an investigation of FileFax, Inc. that OCR began in response to a February 10, 2015 anonymous complaint filed with OCR about FileFax, Inc. about deficiencies in its delivery of these HIPAA services in its capacity as a business associate to Covered Entities. The complaint to OCR alleged that FileFax, Inc. violated these requirements because an individual transported medical records obtained from FileFax, Inc. to a shredding and recycling facility to sell on February 6 and 9, 2015.

OCR’s investigation of the complaint against FileFax, Inc. confirmed that an individual had left medical records of approximately 2,150 patients at the shredding and recycling facility, and that these medical records contained patients’ PHI. OCR’s investigation additionally found that between January 28, 2015, and February 14, 2015, FileFax, Inc. impermissibly disclosed the PHI of 2,150 individuals by leaving the PHI in an unlocked truck in the FileFax, Inc. parking lot, or by granting permission to an unauthorized person to remove the PHI from FileFax, Inc. and leaving the PHI unsecured outside the FileFax, Inc. facility.

After OCR commenced its investigation of the complaint, FileFax, Inc. was placed into bankruptcy and a receiver was appointed to liquidate FileFax, Inc.’s assets for distribution to creditors and others in 2016. Despite the bankruptcy, OCR continued to pursue enforcement against FileFax, Inc. for the HIPAA violations it found through its investigation. On February 13, 2018, OCR announced that that the receiver on behalf of FileFax, Inc. had agreed in the FileFax Resolution Agreement to pay a $100,000 monetary settlement out of the bankruptcy estate and to arrange to properly store and dispose of remaining medical records found at FileFax, Inc.’s facility in compliance with HIPAA to resolve OCR’s HIPAA charges against FileFax, Inc.

OCR Previously Sanctioned Covered Entity For Involvement With FileFax, Inc.

Beyond affirming the exposure business associates to OCR civil monetary penalties or other enforcement for violating HIPAA, the FileFax Resolution Agreement in conjunction with OCR’s previously announced April 20, 2017 resolution agreement (CCDC Resolution Agreement) with CCDC also demonstrates the need for Covered Entities to recognize that their organizations are likely to face HIPAA investigations or enforcement from HIPAA violations by or OCR audits or investigations of the conduct of their business associates.

In fact, this is exactly what happened to CCDC. A small, Illinois based Covered Entity, CCDC used FileFax, Inc. to store and dispose of medical records. As a consequence of the FileFax, Inc. investigation, OCR conducted a compliance review of CCDC. OCR reports that its compliance review revealed that while CCDC had disclosed to and allowed FileFax, Inc. to store records containing PHI for CCDC since in 2003, neither party could produce a signed business associate agreement (BAA) prior to October 12, 2015. As a consequence, OCR charged CCDC with violating HIPAA by disclosing PHI to FileFax, Inc. in violation of HIPAA’s business associate requirements.

To resolve its exposure to potentially much greater civil monetary penalties associated with this charge, CCDC agreed under the CCDC Resolution Agreement to pay OCR a $31,000 resolution payment and take a variety of corrective actions. Beyond requiring CCDC to implement and maintain written business associate agreements before allowing business associates to possess or access PHI, the corrective action plan imposed as part of the CCDC Resolution Agreement also expressly requires CCDC to promptly investigate information of a possible violation of its HIPAA policies and procedures by a “workforce member,” which the Privacy Rule defines to include a business associate, and if the investigation reveals a violation, to report the violation and corrective action taken to OCR.

OCR Enforces HIPAA Against Covered Entities & Business Associates In Bankruptcy

OCR’s announcement of the FileFax Resolution Agreement also is significant in its reaffirmation of OCR to its commitment to HIPAA enforcement, even if the HIPAA-violating Covered Entity or business associate goes bankruptcy.

OCR’s enforcement action against FileFax, Inc. despite its bankruptcy and its successful negotiation of the FileFax Resolution Agreement within the bankruptcy should alert Covered Entities and business associates that OCR does not consider the bankruptcy of a Covered Entity or business associate as an obstacle to OCR enforcement against Covered Entities or business associates that violate HIPAA. The seriousness of OCR’s commitment to enforcement, even in the face of bankruptcy is driven home by its announcement of the FileFax Resolution Agreement on the heels of its December, 2017 announcement of its first OCR HIPAA resolution agreement secured with the formal approval of a bankruptcy court, a resolution agreement (21CO Resolution Agreement) against bankrupt health care provider, 21CO.

Secured with bankruptcy court approval, the 21CO Resolution Agreement resolved potentially much larger civil monetary penalties that the Fort Myers, Florida based provider of cancer care services and radiation oncology could have faced for alleged HIPAA breaches OCR charged it committed in connection with its failure to adequately act to prevent and respond to hacking and misappropriation of records containing sensitive electronic protected health information (ePHI) of up to 2,213597 individuals.

The OCR charges against 21CO arose from an OCR investigation commenced after the Federal Bureau of Investigation (FBI) notified 21CO on November 13, 2015 and a second time on December 13, 2015 than unauthorized third party illegally obtained 21CO sensitive patient information and produced 21CO patient files purchased by a FBI informant. As part of its internal investigation, 21CO hired a third party forensic auditing firm in November 2015. 21CO determined that the attacker may have accessed 21CO’s network SQL database as early as October 3, 2015, through Remote Desktop Protocol from an Exchange Server within 21CO’s network. 21CO determined that it is possible that 2,213,597 individuals may have been affected by the impermissible access to their names, social security numbers, physicians’ names, diagnoses, treatment and insurance information.

Although it knew of the breaches in November and December, 2015, 21CO waited more than three months after the FBI notified it of the breaches before it sent HIPAA or other breach notifications about the data breach to patients or notified investors in March, 2016. Its March 4, 2016 Securities and Exchange Commission 8-K on Data Security Incident (Breach 8-K) states 21CO delayed notification at the request of the FBI to avoid interfering in the criminal investigation of the breach.

When announcing the breach, 21CO provided all individuals affected by the breach with a free one-year subscription to the Experian ProtectMyID fraud protection service. At that time, 21CO said it had no evidence that any patient information actually had been misused. However some victims of the breach subsequently have claimed being victimized by a variety of scams since the breach in news reports and lawsuits about the breach.

At the time of the breach and its March 4, 2016 announcement of the breach, 21CO already was working to resolve other compliance issues. On December 16, 2015, 21CO announced that a 21CO subsidiary had agreed to pay $19.75 million to the United States and $528,000 in attorneys’ fees and costs and comply with a corporate integrity agreement related to a qui tam action in which it was accused of making false claims to Medicare and other federal health programs. See 21CO 8-K Re: Entry into a Material Definitive Agreement (December 22, 2015). Among other things, the corporate integrity agreement required by that settlement required 21CO to appoint a compliance officer and take other steps to maintain compliance with federal health care laws. In addition, five days after releasing the March 4, 2017 Breach 8-K, 21CO notified investors that its subsidiary, 21st Century Oncology, Inc. (“21C”), had agreed to pay $37.4 million to settle health care fraud law charges relating to billing and other protocols of certain staff in the utilization of state-of-the-art radiation dose calculation system used by radiation oncologists called GAMMA. See 21CO 8-K Re: GAMMA Settlement March 9, 2016 ; See also United States Settles False Claims Act Allegations Against 21st Century Oncology for $34.7 Million.

Based on OCR’s subsequent investigation into these breaches, OCR found:

21CO impermissibly disclosed certain PHI of 2,213,597 of its patients in violation of 45 C.F.R. § 164.502(a);
21CO failed to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of the electronic protected health information (ePHI) held by 21CO in violation of 45 C.F.R. § 164.308(a)(1)(ii)(A);
21CO failed to implement certain security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level to comply with 45 C.F.R. § 164.306(A) in violation of 45 C.F.R. § 164.308(a)(1)(ii)(B);
21CO failed to implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports as required by 45 C.F.R. §164.308(a)(1)(ii)(D);
21CO disclosed protected health information to a third party vendors, acting as its business associates, without obtaining satisfactory assurances in the form of a written business associate agreement in violation of HIPAA’s business associate rule requirements under 45 C.F.R. §§ 164.502(e) and 164.308(b)(3).

In return for OCR’s agreement not to further pursue charges or penalties relating to the breach investigation, the Resolution Agreement entered into with the approval of the Bankruptcy Court requires that 21CO pay OCR a $2.3 million Resolution Amount and implement to OCR’s satisfaction a corrective action plan that among other things requires that 21CO complete a detailed series of corrective actions to the satisfaction of OCR.

In addition to the OCR investigation that lead to the 21CO Resolution Agreement announced by OCR on December 28, 2017, 21CO experienced other fallout following its March 4, 2016 public disclosure of the breach. Not surprisingly, the breach notification led to a multitude of class-action civil lawsuits by breach victims and shareholders. See, e.g., 16 Data Breach Class Action Lawsuits Filed Against 21st Century Oncology Consolidated; 21st Century Oncology data breach prompts multiple lawsuits. Reports of spoofing and other misleading contacts made to 21CO patients following the breach prompted the Federal Trade Commission (FTC) to issue a specific notice alerting victims about potential false breach notifications and other misleading contacts. See April 4, 2016 FTC Announcement Re: 21st Century Oncology breach exposes patients’ info.

These and other developments also had significant consequences on 21CO’s financial status and leadership. By March 31, 2015, 21CO notified the SEC and investors that it needed added time to complete its financial statements. Subsequent SEC filings document its restatement of financial statements, the departure of board members and other leaders, default on credit terms, and ultimately its filing for Chapter 11 bankruptcy protection in the United States Bankruptcy Court for the Southern District of New York on May 25, 2017.

Because 21CO sought bankruptcy court protection from the fallout of its HIPAA breaches and other compliance and business issues, the 21CO Resolution Agreement required bankruptcy court approval. Funds for payment of the required $2.3 million resolution payment and other charges associated with the investigation apparently are being provided in part from breach liability insurance coverage provided under a policy issued by Beazley Insurance, as the Bankruptcy Court order directs Beazley Breach Response Policy No. W140E2150301 to make immediate payment to the OCR of the resolution amount and the payment of fees incurred by 21CO in connection with regulatory defense issues.

HIPAA & Data Breach Enforcement A Growing Health Plan Risk

Health plans and other Covered Entities, plan sponsors and plan fiduciaries, their business associates and other consultants and service providers and members of their workforce need to recognize that the FileFax, CCDC, 21CO and other resolution agreements are part of a growing trend, rather than isolated incidents of enforcement and that their exposure to investigation and enforcement is likely to continue to rise in the face of growing public and Congressional concern about privacy and data security.

While civil monetary penalty enforcement remains much more common than criminal prosecution, Covered Entities, their business associates and members of their workforce must understand that HIPAA enforcement and resulting liability is growing and that this trend is likely to continue if not increase.

While Department of Justice federal criminal prosecutions and convictions under HIPAA remain relatively rare, they occur and are growing. See e.g., Former Hospital Employee Sentenced for HIPAA Violations (Texas man sentenced to 18 months in federal prison for obtaining protected health information with the intent to use it for personal gain); Three Life Sentences Imposed On Man Following Convictions For Drug Trafficking, Kidnapping, Using Firearms and HIPAA Violations (drug king pin gets multiple 10 year consecutive prison terms for unauthorized access to private health information in violation of HIPAA; his health care worker friend sentenced for accessing electronic medical files and reporting information to him); Former Therapist Charged In HIPAA Case; Hefty Prison Sentence in ID Theft Case (former assisted living facility worker gets 37 months in prison after pleading guilty to wrongful disclosure of HIPAA protected information and other charges); Hefty Prison Sentence in ID Theft Case (former medical supply company owner sentenced to 12 years for HIPAA violations and fraud). While the harshest sentences tend to be associated with health care fraud or other criminal conduct, lighter criminal sentences are imposed against defendants in other cases as well. See e.g., Sentencing In S.C. Medicaid Breach Case (former South Carolina state employee sentenced to three years’ probation, plus community service, for sending personal information about more than 228,000 Medicaid recipients to his personal e-mail account.); HIPAA Violation Leads To Prison Term (former UCLA Healthcare System surgeon gets four months in prison after admitting he illegally read private electronic medical records of celebrities and others.)

While criminal enforcement of HIPAA remains relatively rare and OCR to date only actually has assessed HIPAA civil monetary penalties against certain Covered Entities for violating HIPAA in a couple isolated instances, the growing list of multi-million dollar resolution payments against Covered Entities and with the FileFax Resolution Agreement announcement, now also business associates for violating HIPAA make clear that HIPAA enforcement is both meaningful and growing. See e.g., Learn From Children’s New $3.2M+ HIPAA CMP For “Knowing” Violation of HIPAA Security Rules ($3.2 million Children’s Medical Center HIPAA Civil Monetary Penalty); 1st HIPAA Privacy Civil Penalty of $4.3 Million Signals CMS Serious About HIPAA Enforcement; $400K HIPAA Settlement Shows Need To Conduct Timely & Appropriate Risk Assessments; $5.5M Memorial HIPAA Resolution Agreement Shows Need To Audit. For more examples, also see here.

The experiences of FileFax, Inc., CCDC, 21CO and these other OCR HIPAA Resolution Agreements provide strong evidence that that health plans and other Covered Entities and their business associates can anticipate that OCR will continue to zealously investigate HIPAA breaches and other HIPAA violations. Aside from OCR’s recurrent affirmations of its commitment to HIPAA enforcement, Covered Entities, their business associates and their leaders must recognize that public and Congressional privacy and data security concerns fueled by the ever growing stream of massive data breaches at Alteryx, eBay, Paypal owner TIO Networks, Uber, Equifax and a long list of other previously trusted prominent businesses are creating additional pressure upon OCR and other agencies to pursue even stronger and more aggressive HIPAA oversight and enforcement. Amid this growing concern, OCR, the FTC and other federal and state agencies with regulatory or enforcement authority over HIPAA or other data security and privacy concerns face increasing scrutiny and pressure to take meaningful action to regulate and enforce HIPAA and other laws intended to protect sensitive data even as private litigants enjoy increasing success in obtaining civil judgments from damages resulting from breaches of their PHI or other sensitive personal information using an expanding arsenal of legal theories of recovery. In the face of these growing concerns about privacy and data security, OCR can be expected to continue, if not increase its HIPAA compliance enforcement and oversight by OCR.

Furthermore, the experiences of FileFax, Inc., 21CO, CCDC and other Covered Entities and business associates that already have become the subject of OCR investigation or enforcement also reflect that HIPAA resolution payments or penalties paid to OCR and other costs and expenses associated with the defense and resolution of OCR’s investigations and enforcement actions typically only a portion of the financial and other business consequences that Covered Entities or business associates might expect to incur as a consequence of a breach of PHI or other substantial HIPAA violation or charge.

Beyond their potential HIPAA enforcement exposures following a HIPAA covered data breach or other violation, health care or other Covered Entities and members of their workforce experiencing breaches of ePHI or other PHI often also face FTC or other government investigations and enforcement relating their data breaches under the Fair and Accurate Credit Transactions Act (FACTA) and other federal or state identity theft, data privacy and security, electronic crimes and other laws. They or members of their workforce may face licensing board, credentialing, accreditation, contractual or other investigations or sanctions. Victims, business partners, investors and others often bring civil litigation to address losses or other injures associated with the breach or other misconduct. In addition, losses and disruptions in patients, plan member, vendor, investor, employee, management and other business relationships, and other business disruptions also are common.

Where the breach of other HIPAA violation involves a health plan, health plans, their fiduciaries and sponsors also need to give due consideration to the implications and exposures that might arise under the fiduciary responsibility rules of the Employee Retirement Income Security Act (ERISA). Beyond the direct exposure of their health plan to HIPAA and other compliance liabilities, health plan fiduciaries generally will want to consider whether their fiduciary responsibility under ERISA requires that prudent or other steps be taken to safeguard health plan information and maintain and administer their health plan in accordance with HIPAA and other laws. As a consequence, fiduciaries generally will want to ensure that they take and document prudent steps to evaluate, monitor and address HIPAA and other privacy and data security safeguards to minimize not only the liability exposures of their health plans, but also to help mitigate their own potential personal liability exposures that could arise or be asserted in response to a HIPAA breach or other HIPAA violation involving their health plans.

In the face of these growing risks and liabilities, Covered Entities and their business leaders face a strong imperative to clean up and maintain their HIPAA compliance and other data security to minimize their exposure to similar consequences. In addition to reaffirming the need for Covered Entities and their business associates to take the necessary steps to maintain and effectively demonstrate the adequacy of their own HIPAA compliance, the CCDC and FileFax Resolution Agreements alert Covered Entities and business associates of the advisability of greater oversight and risk management of their dealings and relationships with the other Covered Entities and business associates with access to or involvement with their PHI or other critical functions.

In light of these rises, leaders, investors, insurers, lenders and others involved with Covered Entities and their business associates should take steps to verify that the Covered Entities and their business associates not only maintain compliance with HIPAA and its business associate and other privacy, data security and breach notification and response requirements, but also maintain appropriate practices, insurance and other safeguards to prevent, respond to and mitigate exposures in the event of a breach of protected health information or other sensitive data. The bankruptcies and other financial and business fallout of HIPAA or other data breaches experienced by FileFax, Inc. 21CO and other HIPAA-covered and non-HIPAA regulated entities also makes clear that Covered Entities and business associates should anticipate that their own fallout from a breach or other HIPAA event and resulting responsibilities and consequences could be impacted by their own or a business associate’s financial distress or bankruptcy. Beyond the risk that their own or another entity’s breach, compliance issues, or other financial or business issues could trigger breach investigation, notice or other responsibilities for their own organizations, Covered Entities, business associates and their leaders also should evaluate and revise their HIPAA risk assessments and security plans to address foreseeable threats to the availability, access, retention and security of PHI and associated records and systems.

The Bankruptcy Court’s order to 21CO’s cyber liability insurer to pay the resolution payment required under the 21CO Resolution Agreement and other costs of investigation and defense also strongly suggests that the purchase of insurance and other arrangements for funding costs of defense or settlement should be included in these evaluations.

As part of these efforts, Covered Entities and their business associates should ensure that they have conducted, and maintain and are ready to produce appropriate policies and procedures backed up by a well-documented, up-to-date industry wide risk assessment of their organization’s susceptibility to breaches or other misuse of electronic or other protected health information. The starting point of these efforts should be to adopt and enforce updated written policies, procedures, technical and physical safeguards, processes and training to prevent the improper use, access, destruction or disclosure of patient PHI. Processes also should create, retain and be designed to cost effectively track, capture, and retain both all protected health information, its use, access, protection, destruction and disclosure, and the requisite supportive documentation supporting the appropriateness of those action to position the organization cost-effectively and quickly to fulfill required accounting, reporting and other needs in the event of a data breach, audit, participant inquiry or other event.

As part of this process, Covered Entities and business associates should maintain strong and ongoing processes for assessing and monitoring the adequacy of their policies and practices. In addition to ensuring that their organization has a comprehensive risk management and compliance assessment, Covered Entities and business associates need to conduct documented periodic audits and spot HIPAA audits and assessments. In doing so, they must use care to look outside the four corners of their Privacy Policies and core operating systems to ensure that their policies, practices, oversight and training address all protected health information within their operations on an entity wide basis. This entity-wide assessment should include communications and requests for information normally addressed to the Privacy Officer as well as requests and communications that could arise in the course of media or other public relations, practice transition, workforce communication and other operations not typically under the direct oversight and management of the Privacy Officer.

In connection with these efforts, the enforcement actions make clear that Covered Entities and business associates should adopt, implement and monitor PHI privacy, and security on an entity wide basis. These efforts should include general policies, practices and procedures as well as specifically tailored policies, processes and training to protect PHI and preserve HIPAA compliance throughout their organization. Testing and analysis should be conducted on a regular basis. Documented reassessments and testing should be performed in response to software, hardware or other changes or events that could impact security or other operations. Beyond security, attention also should cover business or system interruption including losses that might occur from the bankruptcy, termination of business or other disruptions of business associates or other parties. Attention should be paid both to protecting access and use of PHI and ePHI in the course of business as well as the transmission, transport, storage and destruction of records or systems containing such information.

Careful attention should be devoted to ensuring that business associate agreements as well and other processes provide for HIPAA compliance with respect to all PHI created, used, accessed or disclosed to business associates or others not part of their direct workforce or operating outside the core boundaries of their facilities.

Covered entities and their business associates also must recognize and design their compliance efforts and documentation recognizing that HIPAA compliance is a living process, which require both constant diligence about changes in systems or other events that may require reevaluation or adjustments, whether from changes in software, systems or processes or external threats.

Because the cost of responding to and investigating breaches or other compliance concern can be quite burdensome, Covered Entities and their business associates also generally will want to pursue options to plan for and minimize potential expenses in the design and administration of their programs as well as to minimize and cover the potentially extraordinary costs of breach or other compliance investigation and results that commonly arise following a breach or other compliance event. As a part of this planning, Covered Entities and their business associates also generally will want to add consideration of changes to federal tax rules on the deductibility of compliance penalty and other related compliance expenditures.

While the Internal Revenue Code traditionally has prohibited businesses and individuals from deducting penalties, fines and other expenditures arising from violations of federal or state laws under Section 162(f) of the Internal Revenue Code, Section 13306 of the Tax Cuts and Jobs Creation Act creates a new exception for amounts (other than amounts paid or incurred any amount paid or incurred as reimbursement to the government or entity for the costs of any investigation or litigation) that a taxpayer establishes meet the following requirements:

Constitute restitution (including remediation of property) for damage or harm which was or may be caused by the violation of any law or the potential violation of any law, or
Are paid to come into compliance with any law which was violated or otherwise involved in the investigation or inquiry into a violation or potential violation of any law;
Are identified as restitution or as an amount paid to come into compliance with such law, as the case may be, in the court order or settlement agreement, and
In the case of any amount of restitution for failure to pay any tax imposed under this title in the same manner as if such amount were such tax, would have been allowed as a deduction under this chapter if it had been timely paid.

Because the true effect of these modifications will be impacted by implementing regulations and a number of other special conditions and rules may impact the deductibility of these payments and the reporting obligations attached to their payment, Covered Entities will want to consult with legal counsel about these rules and monitor their implementation to understand their potential implications on compliance expenditures and penalties.

About The Author

Repeatedly recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, a Fellow in the American College of Employee Benefit Council, the American Bar Foundation and the Texas Bar Foundation and board certified in labor and employment law by the Texas Board of Legal Specialization, Cynthia Marcotte Stamer is a practicing attorney, management consultant, author, public policy advocate and lecturer widely known for health and managed care, employee benefits, insurance and financial services, data and technology and other management work, public policy leadership and advocacy, coaching, teachings, and publications. Nationally recognized for her work, experience, leadership and publications on HIPAA and other medical privacy and data use and security, FACTA, GLB, trade secrets and other privacy and data security concerns, Ms. Stamer has worked extensively with clients and the government on cybersecurity, technology and processes and other issues involved in the use and management of medical, insurance and other financial, workforce, trade secrets and other sensitive data and information throughout her career. Scribe or co-scribe of the ABA Joint Committee on Employee Benefits Agency meeting with OCR since 2011 and author of a multitude of highly regarded publications on HIPAA and other health care, insurance, financial and other privacy and data security, Ms. Stamer is widely known for her extensive and leading edge experience, advising, representing, training and coaching health care providers, health plans, healthcare clearinghouses, business associates, their information technology and other solutions providers and vendors, and others on HIPAA and other privacy, data security and cybersecurity design, documentation, administration, audit and oversight, business associate and other data and technology contracting, breach investigation and response, and other related concerns including extensive involvement representing clients in dealings with OCR and other Health & Human Services, Federal Trade Commission, Department of Labor, Department of Treasury, state health, insurance and attorneys’ general, Congress and state legislators and other federal officials.

Ms. Stamer also has an extensive contributes her leadership and insights with other professionals, industry leaders and lawmakers. Her insights on HIPAA risk management and compliance often appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, SHRM, HIMMS, the American Bar Association, the Health Care Compliance Association, a multitude of health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. For additional information about Ms. Stamer, see here, e-mail her here or telephone Ms. Stamer at (214) 452-8297.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on OCR HIPAA Resolution Agreement Against Bankrupt Business Associate Signals Growing Exposures, Need for Tighter HIPAA Compliance By Health Plans & Business Associates | Association Health Plan, board of directors, Brokers, church plan, Civil Monetary Penalties, Civil Rights, Claims Administration, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, EBSA, employee, Employee Benefits, Employer, Employers, Employment, ERISA, FACTA, Fair Credit Reporting Act, fiduciary duty, Fiduciary Responsibility, GINA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, HIPAA, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Technology, third party administrators, Trade secret, Uncategorized | Tagged: Health Plans, HIPAA, Technology | Permalink
Posted by Cynthia Marcotte Stamer

$3.5M HIPAA Settlement Highlights Need To Prioritize Health Plan HIPAA Compliance in 2018

February 2, 2018

The $3.5 million payment that Fresenius Medical Care North America (FMCNA) is paying to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) to settle potential liability for potentially much higher Civil Monetary Penalties (CMPs) to OCR for Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules violation charges under a voluntary resolution agreement illustrates the need for group health plans and their employer and other sponsors, fiduciaries, and vendors to make HIPAA compliance a key priority for 2018.

Widespread publicity and fallout from data breaches involving Equifax, Blue Cross, the Internal Revenue Service and many other giant organizations have ramped up public awareness and government concern about health care and other data security. The resulting pressure is adding additional fuel to the already substantial concern of OCR and other agencies about compliance with HIPAA and other data security and breach laws. Like the $2.3 million HIPAA resolution agreement OCR announced with now bankrupt radiation oncology and cancer care provider 21st Century Oncology, Inc. (21CO) earlier this year, see, e.g., $23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses, the growing list of OCR resolution agreements and other enforcement actions against FMCNA, 21CO and other covered entities and other legal and market fallout that covered entities and other organizations experience following the announcement of breaches or other security deficiencies make the case for why HIPAA-covered health care providers, health plans, health care clearinghouses and their business associates (covered entities) must prioritize HIPAA compliance and other medical and other data security protection, privacy and risk management a top priority in 2018.

When weighing the importance of HIPAA compliance and risk management for their health plans, health plans, their employer or other sponsors, fiduciaries, insurers, administrators and their business associates should resist the temptation to underestimate the exposure because providers, rather than health plans, have been the most common target of the majority of the announced OCR enforcement actions resulting in substantial civil monetary penalties or resolution payments.

Rather, they should take note of resolution agreements and other enforcement actions against health plans such as the $2.2 million settlement payment APFRE Life Insurance Company of Puerto Rico (MAPFRE) paid under a 2017 resolution agreement to resolve HIPAA violation charges OCR brought based on its investigation of a September 29, 2011 breach report MCPFRE made to OCR. The breach report indicated that a USB data storage device (described as a “pen drive”) containing ePHI was stolen from its IT department, where the device was left without safeguards overnight. According to the report, the USB data storage device included complete names, dates of birth and Social Security numbers. The report noted that the breach affected 2,209 individuals. MAPFRE informed OCR that it was able to identify the breached ePHI by reconstituting the data on the computer on which the USB data storage device was attached. OCR’s investigation revealed MAPFRE’s noncompliance with the HIPAA Rules, specifically a failure to conduct its risk analysis and implement risk management plans, contrary to its prior representations, and a failure to deploy encryption or an equivalent alternative measure on its laptops and removable storage media until September 1, 2014. MAPFRE also failed to implement or delayed implementing other corrective measures it informed OCR it would undertake.

HIPAA Privacy, Security & Breach Notification Rule Responsibilities & Risks

The Privacy Rule requires that health plans, health care providers, health care clearinghouses (covered entities) and their vendors that qualify as “business associates” under HIPAA comply with detailed requirements concerning the protection, use, access, destruction and disclosure of protected health information. As part of these requirements, covered entities and their business associates must adopt, administer and enforce detailed policies and practices, assess, monitor and maintain the security of electronic protected health information (ePHI) and other protected health information, provide notices of privacy practices and breaches of “unsecured” ePHI, afford individuals that are the subject of protected health information certain rights and comply with other requirements as specified by the Privacy, Security and Breach Notification Rules. In addition, covered entities and business associates also must enter into a written and signed business associate agreement that contains the elements specified in Privacy Rule § 164.504(e) before the business associate creates, uses, accesses or discloses PHI of the covered entity. Furthermore, the Privacy Rule includes extensive documentation and keeping requirements require that covered entities and BAs maintain copies of these BAAs for a minimum of six years and to provide that documentation to OCR upon demand.

Resolution Agreements like the $3.2 million FMCNA resolution agreement allow covered entities and business associates to resolve potentially substantially larger civil monetary penalty liabilities that OCR can impose under the civil enforcement provisions of HIPAA. As amended by the HITECH Act, the civil enforcement provisions of HIPAA empower OCR to impose Civil Monetary Penalties on both covered entities and BAs for violations of any of the requirements of the Privacy or Security Rules. The penalty ranges for civil violations depends upon the circumstances associated with the violations and are subject to upward adjustment for inflation. As most recently adjusted here effective September 6, 2016, the following currently are the progressively increasing Civil Monetary Penalty tiers:

A minimum penalty of $100 and a maximum penalty of $50,000 per violation, for violations which the CE or BA “did not know, and by exercising reasonable diligence would not have known” about using “the business care and prudence expected from a person seeking to satisfy a legal requirement under similar circumstances;”
A minimum penalty of $1,000 and a maximum penalty of $50,000 per violation, for violations for “reasonable cause” which do not rise to the level of “willful neglect” where “reasonable cause” means the “circumstances that would make it unreasonable for the covered entity, despite the exercise of ordinary business care and prudence, to comply with the violated Privacy Rule requirement;”
A minimum penalty of $10,000 and a maximum penalty of $50,000 per violation, for violations attributed to “willful neglect,” defined as “the conscious, intentional failure or reckless indifference to the obligation to comply” with the requirement or prohibition; and
A minimum penalty of $50,000 and a maximum penalty of $1.5 million per violation, for violations attributed to “willful neglect” not remedied within 30 days of the date that the covered entity or BA knew or should have known of the violation.

For continuing violations such as failing to implement a required BAA, OCR can treat each day of noncompliance as a separate violation. However, sanctions under each of these tiers generally are subject to a maximum penalty of $1,500,000 for violations of identical requirements or prohibitions during a calendar year. For violations such as the failure to implement and maintain a required BAA where more than one covered entity bears responsibility for the violation, OCR an impose Civil Monetary Penalties against each culpable party. OCR considers a variety of mitigating and aggravating facts and circumstances when arriving at the amount of the penalty within each of these applicable tiers to impose.

In addition to these potential civil liability exposures, covered entities, their business associates and other individuals or organizations that wrongfully use, access or disclose electronic or other protected health information also can face civil liability under various circumstances. The criminal enforcement provisions of HIPAA authorize the Justice Department to prosecute a person who knowingly in violation of the Privacy Rule (1) uses or causes to be used a unique health identifier; (2) obtains individually identifiable health information relating to an individual; or (3) discloses individually identifiable health information to another person, punishable by the following criminal sanctions and penalties:

A fine of up to $50,000, imprisoned not more than 1 year, or both;
If the offense is committed under false pretenses, a fine of up to $100,000, imprisonment of not more than 5 years, or both; and
If the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, a fine of up to $250,000, imprisoned not more than 10 years, or both.

Fresenius Breach, Charges & Settlement Agreement Illustrate Civil Exposures

The FMCNA resolution agreement is another example of a growing list of resolution agreements various HIPAA covered entities have entered into to resolve their exposure to potentially greater liability should OCR assess civil monetary penalties under HIPAA’s civil sanction scheme.

The breach reports filed on January 21, 2017 reported five separate breach incidents occurring between February 23, 2012 and July 18, 2012 implicating the electronic protected health information (ePHI) of five separate FMCNA owned covered entities (FMCNA covered entities): Bio-Medical Applications of Florida, Inc. d/b/a Fresenius Medical Care Duval Facility in Jacksonville, Florida (FMC Duval Facility); Bio-Medical Applications of Alabama, Inc. d/b/a Fresenius Medical Care Magnolia Grove in Semmes, Alabama (FMC Magnolia Grove Facility); Renal Dimensions, LLC d/b/a Fresenius Medical Care Ak-Chin in Maricopa, Arizona (FMC Ak-Chin Facility); Fresenius Vascular Care Augusta, LLC (FVC Augusta); and WSKC Dialysis Services, Inc. d/b/a Fresenius Medical Care Blue Island Dialysis (FMC Blue Island Facility).

OCR concluded its investigation showed the breaches resulted because FMCNA failed to conduct an accurate and thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all of its ePHI. OCR also concluded:

The FMCNA covered entities impermissibly disclosed the ePHI of patients by providing unauthorized access for a purpose not permitted by the Privacy Rule.
FMC Ak-Chin failed to implement policies and procedures to address security incidents.
FMC Magnolia Grove failed to implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain ePHI into and out of a facility; and the movement of these items within the facility.
FMC Duval and FMC Blue Island failed to implement policies and procedures to safeguard their facilities and equipment therein from unauthorized access, tampering, and theft, when it was reasonable and appropriate to do so under the circumstances.
FMC Magnolia Grove and FVC Augusta failed to implement a mechanism to encrypt and decrypt ePHI, when it was reasonable and appropriate to do so under the circumstances.

In addition to a $3.5 million monetary settlement, a corrective action plan requires the FMCNA covered entities to complete a risk analysis and risk management plan, revise policies and procedures on device and media controls as well as facility access controls, develop an encryption report, and educate its workforce on policies and procedures.

HIPAA & Data Breach Enforcement A Growing Health Plan Risk

Health plans and other covered entities, plan sponsors and plan fiduciaries, their business associates and other consultants and service providers and members of their workforce need to recognize that the FMCNA and other resolution agreements are part of a growing trend, rather than isolated incidents of enforcement.

While civil monetary penalty enforcement remains much more common than criminal prosecution, covered entities, their business associates and members of their workforce must understand that HIPAA enforcement and resulting liability is growing.

While Department of Justice federal criminal prosecutions and convictions under HIPAA remain relatively rare, they occur and are growing. See e.g., Former Hospital Employee Sentenced for HIPAA Violations (Texas man sentenced to 18 months in federal prison for obtaining protected health information with the intent to use it for personal gain); Three Life Sentences Imposed On Man Following Convictions For Drug Trafficking, Kidnapping, Using Firearms and HIPAA Violations (drug king pin gets multiple 10 year consecutive prison terms for unauthorized access to private health information in violation of HIPAA; his health care worker friend sentenced for accessing electronic medical files and reporting information to him); Former Therapist Charged In HIPAA Case; Hefty Prison Sentence in ID Theft Case (former assisted living facility worker gets 37 months in prison after pleading guilty to wrongful disclosure of HIPAA protected information and other charges); Hefty Prison Sentence in ID Theft Case (former medical supply company owner sentenced to 12 years for HIPAA violations and fraud). While the harshest sentences tend to be associated with health care fraud or other criminal conduct, lighter criminal sentences are imposed against defendants in other cases as well. See e.g., Sentencing In S.C. Medicaid Breach Case (former South Carolina state employee sentenced to three years’ probation, plus community service, for sending personal information about more than 228,000 Medicaid recipients to his personal e-mail account.); HIPAA Violation Leads To Prison Term (former UCLA Healthcare System surgeon gets four months in prison after admitting he illegally read private electronic medical records of celebrities and others.)

While criminal enforcement of HIPAA remains relatively rare and OCR to date only actually has assessed HIPAA civil monetary penalties against certain Covered Entities for violating HIPAA in a couple isolated instances, the growing list of multi-million dollar resolution payments that FMCNA and other covered entities caught violating HIPAA make clear that HIPAA enforcement is both meaningful and growing. See e.g., Learn From Children’s New $3.2M+ HIPAA CMP For “Knowing” Violation of HIPAA Security Rules ($3.2 million Children’s Medical Center HIPAA Civil Monetary Penalty); 1st HIPAA Privacy Civil Penalty of $4.3 Million Signals CMS Serious About HIPAA Enforcement; $400K HIPAA Settlement Shows Need To Conduct Timely & Appropriate Risk Assessments; $5.5M Memorial HIPAA Resolution Agreement Shows Need To Audit. For more examples, also see here.

Beyond the direct exposure of their health plan to HIPAA and other compliance liabilities, health plan fiduciaries also should note that their fiduciary responsibility under the Employee Retirement Income Security Act (ERISA) likely includes taking prudent steps to safeguard health plan information and maintain and administer their health plan in accordance with HIPAA. As a consequence, fiduciaries generally will want to ensure that they take and document prudent steps to evaluate, monitor and address HIPAA and other privacy and data security safeguards to minimize not only the liability exposures of their health plans, but also to help mitigate their own potential personal liability exposures that could arise or be asserted in response to a HIPAA breach or other HIPAA violation involving their health plans.

Coming on the heels of an already lengthy and growing list of OCR high dollar HIPAA enforcement actions, the FMCNA and other resolution agreements and civil monetary penalties these and other announced enforcement actions clearly reflect that OCR takes HIPAA compliance seriously and stands ready to impose substantial penalties when it finds violations in connection with breach notice investigations. Viewed in the context of these and other enforcement actions, the FMCNA Resolution Agreement and others clearly reflect the time for complacency in HIPAA compliance and leniency in HIPAA HIPAA enforcement are passed. Rather, these and other enforcement actions make clear why health care providers, health plans, healthcare clearinghouses and their business associates must make HIPAA compliance a priority now.

Covered entities and business associates also should recognize their potential responsibilities and risks for breaches or other improper conduct concerning patient or other sensitive personal financial information, trade secrets or other data under a wide range of laws beyond HIPAA and its state law equivalents. As documented by the media coverage of the legal and business woes of Alteryx, eBay, Paypal owner TIO Networks, Uber, Equifax and a long list of other previously trusted prominent businesses have and continue to incur from data breaches within their organizations, health care or other covered entities experiencing breaches often also face FTC or other government investigations and enforcement under the Fair and Accurate Credit Transactions Act (FACTA) and other federal or state identity theft, data privacy and security, electronic crimes and other rules as well as business losses and disruptions; civil litigation from breach victims, shareholders and investors, and business partners as well as OCR, FTC, and state data security regulation enforcement. Amid this growing concern, OCR has indicated that it intends to continue to diligently both seek to support and encourage voluntary compliance by covered entities and their business associates and investigate and enforce HIPAA against HIPAA covered entities and their business associates that fail to adequately safeguard PHI and ePHI in accordance with HIPAA. In the face of these growing risks and liabilities, covered entities and their business leaders face a strong imperative to clean up and maintain their HIPAA compliance and other data security to minimize their exposure to similar consequences.

In light of these rises, leaders, investors, insurers, lenders and others involved with covered entities and their business associates should take steps to verify that the covered entities and their business associates not only maintain compliance with HIPAA, but also comply with data security, privacy and other information protection requirements arising under other laws, regulations, and contracts, as well as the practical business risks that typically follow the announcement of a breach. Considering these risks, covered entities and their business associates must recognize and take meaningful, documented action to verify their existing compliance and ongoing oversight to ensure their organizations can demonstrate appropriate action to maintain appropriate practices, insurance and other safeguards to prevent, respond to and mitigate exposures in the event of a breach of protected health information or other sensitive data.

In response to these growing risks and concerns, covered entities and their business associates should ensure that they have conducted, and maintain and are ready to produce appropriate policies and procedures backed up by a well documented, up-to-date industry wide risk assessment of their organization’s susceptibility to breaches or other misuse of electronic or other protected health information. The starting point of these efforts should be to adopt and enforce updated written policies, procedures, technical and physical safeguards, processes and training to prevent the improper use, access, destruction or disclosure of patient PHI. Processes also should create, retain and be designed to cost effectively track, capture, and retain both all protected health information, its use, access, protection, destruction and disclosure, and the requisite supportive documentation supporting the appropriateness of those action to position the organization cost-effectively and quickly to fulfill required accounting, reporting and other needs in the event of a data breach, audit, participant inquiry or other event.

As part of this process, covered entities and business associates should start by reviewing and updating their policies, HIPAA audits and assessments and other documentation and processes. In doing so, they must use care to look outside the four corners of their Privacy Policies and core operating systems to ensure that their policies, practices, oversight and training address all protected health information within their operations on an entity wide basis. This entity-wide assessment should include both communications and requests for information normally addressed to the Privacy Officer as well as requests and communications that could arise in the course of media or other public relations, practice transition, workforce communication and other operations not typically under the direct oversight and management of the Privacy Officer.

Because the cost of responding to and investigating breaches or other compliance concern can be quite burdensome, covered entities and their business associates also generally will want to pursue options to plan for and minimize potential expenses in the design and administration of their programs as well as to minimize and cover the potentially extraordinary costs of breach or other compliance investigation and results that commonly arise following a breach or other compliance event. As a part of this planning, covered entities and their business associates also generally will want to add consideration of changes to federal tax rules on the deductibility of compliance penalty and other related compliance expenditures.

Constitute restitution (including remediation of property) for damage or harm which was or may be caused by the violation of any law or the potential violation of any law, or
Are paid to come into compliance with any law which was violated or otherwise involved in the investigation or inquiry into a violation or potential violation of any law;
Are identified as restitution or as an amount paid to come into compliance with such law, as the case may be, in the court order or settlement agreement, and
In the case of any amount of restitution for failure to pay any tax imposed under this title in the same manner as if such amount were such tax, would have been allowed as a deduction under this chapter if it had been timely paid.

Because the true effect of these modifications will be impacted by implementing regulations and a number of other special conditions and rules may impact the deductibility of these payments and the reporting obligations attached to their payment, covered entities will want to consult with legal counsel about these rules and monitor their implementation to understand their potential implications on compliance expenditures and penalties.

About The Author

Ms. Stamer also has an extensive contributes her leadership and insights with other professionals, industry leaders and lawmakers. Her insights on HIPAA risk management and compliance often appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, SHRM, HIMMS, the American Bar Association, the Health Care Compliance Association, a multitude of health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others. You can get more information about her HIPAA and other experience here. For additional information about Ms. Stamer, see here, e-mail her here or telephone Ms. Stamer at (214) 452-8297.

About Solutions Law Press, Inc.™

Comments Off on $3.5M HIPAA Settlement Highlights Need To Prioritize Health Plan HIPAA Compliance in 2018 | Association Health Plan, board of directors, Brokers, church plan, Civil Monetary Penalties, Civil Rights, Claims Administration, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, EBSA, employee, Employee Benefits, Employer, Employers, Employment, ERISA, FACTA, Fair Credit Reporting Act, fiduciary duty, Fiduciary Responsibility, GINA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, HIPAA, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Technology, third party administrators, Trade secret, Uncategorized | Tagged: Health Plans, HIPAA, Technology | Permalink
Posted by Cynthia Marcotte Stamer

DOL Spending Reports Required As Taxpayer Tool Need Improvement

January 24, 2018

Department of Labor (DOL) and other agencies’ spending reports posted at USASpending.gov to comply withthe Digital Accountability and Transparency Act of 2014 (DATA Act) are intended to help taxpayers, government leaders and others monitor and evaluate agency spending. However a new report from the DOL Office of Inspector General (OIG) found data reporting and other issues have compromised the reliability of the data reported in DOL reports posed on USASpending.gov.

The Data Act requires federal agencies to report spending data in accordance with new government-wide data standards developed by the Office of Management and Budget (OMB) and the Department of Treasury (Treasury). The data reports are posted on so taxpayers and policy makers understand how the Department is spending its funds. The Act requires federal agencies to report spending data in accordance with new government-wide data standards developed by the Office of Management and Budget (OMB) and the Department of Treasury (Treasury). The Act also requires the Inspectors General of each federal agency to conduct a review of the agency’s DATA Act compliance every two years and report on the completeness, timeliness, accuracy, and quality of the agency’s data.

The new report reports OIG’s findings from a performance audit OIG performed to assess: (1) the completeness, timeliness, accuracy, and quality of data submitted by the Department; and (2) the Department’s implementation and use of the Government-wide data standards established by OMB and Treasury for the Fiscal Year 2017 second quarter. While OIG found DOL effectively implemented and used the Government-wide data standards established by OMB and Treasury to prepare the reports and timely submitted the DATA Act required reports, it found numerous issues with the overall quality of the spending data it submitted for publication on USAspending.gov. Among other things, OIG reports that DOL:

Did not report all the required data elements for 19 percent of the transactions sampled. OIG found 77% of these errors occurred because the Department did not include Unique Record Identifiers for transactions when it was required to. This could cause issues when linking financial data with grant data on USAspending.gov.
74% of the transactions sampled contained an error in one or more data elements. OIG reports many of these errors resulted from issues in the Treasury’s DATA Act broker data extraction process.
Excluding those errors, 52% of the transactions sampled contained inaccurate information.
In addition to errors uncovered from OIG’s sampling audit, DOL also reported inaccurate program activity and object class codes for 5 and 7 percent of transactions, respectively, in its File B submission.

OIG attributes these errors in accuracy and completeness occurred because of data entry mistakes, data extraction issues, and weak data validation processes and concluded that these control deficiencies will have a negative impact on the quality of the data DOL reports until corrected.

Based on these findings, OIG has made eight recommendations to DOL’s Principal Deputy Chief Financial Officer to improve the quality of the data the DOL reports to USAspending.gov in the future and to strengthen internal controls over its data management processes.

While OIG reports DOL has concurred with these recommendations and has stated it has implemented additional controls, resulting in fewer errors with each submission, taxpayers and others using past reports need to consider the reported deficiencies in their evaluation and use of the data as well as assess the validity of future reported data for possible issues for future assessments. Even considering these issues, however, taxpayers and government leaders should consider consulting the data when investigating or evaluating DOL or other program activities or expenditures for policy, enforcement priority or other purposes.

About The Author

Before founding her current law firm, Cynthia Marcotte Stamer, P.C., Ms. Stamer practiced law as a partner with several prominent national and international law firms for more than 10 years before founding Cynthia Marcotte Stamer, P.C. to practice her unique brand of “Solutions law™” and to devote more time to the pragmatic policy and system reform, community education and innovation, and other health system improvement efforts of her PROJECT COPE: the Coalition on Patient Empowerment initiative.

About Solutions Law Press, Inc.™

Comments Off on DOL Spending Reports Required As Taxpayer Tool Need Improvement | 401(k), Civil Rights, Claims Administration, COBRA, compensation, compliance, Corporate Compliance, corporate governance, Defined Benefit Plans, Defined Contribution Plans, Discrimination, Disease Management, Drug & Alcohol, EBSA, EEOC, employee, Employee Benefits, Employer, Employers, Employment, Employment Discrimination, Employment Policies, enforcement, ERISA, Executive Compensation, Fair Labor Standards Act, family leave, fiduciary duty, Fiduciary Responsibility, FLSA, Government Accountability, Government Contractors, h-2A Visa, Health Benefits, health insurance, health insurance marketplace, health plan, Health Plans, HR, Human Resources, Insurance, insurers, Internal Controls, Labor Management Relations, LEP, LGBT, Management, medical leave, Mental Health, MEWA, Military Leave, mine safety, MSHA, NLRA, Obamacare, occupational safety, officers, OSHA, Overtime, Patient Empowerment, Pay, pension plan, Plan Admistrator, Prescription Drugs, Public Policy, Reporting & Disclosure, Retirement Plans, Retirements, Sexual Harassment, Unfair Labor Practice, Union, VEVRAA, Wellness Programs | Permalink
Posted by Cynthia Marcotte Stamer

Check & Protect Health & Other Electronic Systems & Data Against New Security Threat

January 17, 2018

Health plans, their employer, union, insurer or other sponsors, fiduciaries, administrative or other service providers and their vendors and advisors should act immediately to investigate if any action is needed to protect electronic protected health information or other sensitive data and systems in response to the following cyber risk alert from the Department Of Health and Human Services Office of Civil Rights.

TLP: WHITE: ASPR/CIP HPH Cyber Notice: Meltdown and Spectre Vulnerability Guidance UPDATE #1

January 17, 2018

DISCLAIMER: This product is provided “as is” for informational purposes only. The Department of Health and Human Services (HHS) does not provide warranties of any kind regarding any information contained within. HHS does not endorse any commercial product or service referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header.

TLP: WHITE information may be distributed without restriction (subject to standard copyright rules).

Healthcare and Public Health Sector partners-

The attached report is a technical update to the previously distributed HPH Cyber Notice covering chip vulnerabilities named Meltdown and Spectre. Both Meltdown and Spectre are vulnerabilities in how computer chips handle data that have the potential to expose sensitive information, such as protected health information (PHI), being processed on the chip. As this information is protected from disclosure under HIPAA, Healthcare and Public Health (HPH) entities should employ risk management processes to address these vulnerabilities and ensure the security of medical records and other PHI.

Major concerns for the HPH sector include but are not limited to:

• Challenges identifying vulnerable medical devices and accessory medical equipment and ensuring patches are validated to prevent impacts to the intended use.

• Cloud Computing: Potential PHI or Personally Identifiable Information (PII) data leakage in shared computing environments

• Web browsers: Possible PHI/PII data leakage

• Patches: Potential for service degradation and/or interruption from patches

The detailed report can be found here: Technical Report on Widespread Processor Vulnerabilities

Comments Off on Check & Protect Health & Other Electronic Systems & Data Against New Security Threat | 4980D, ADA, Association Health Plan, board of directors, Brokers, Civil Rights, compliance, Corporate Compliance, Cybercrime, Data Breach, Data Security, directors, Disease Management, Electronic Medical Record, Employee Benefits, Employer, Employers, ERISA, exchange, Fiduciary Responsibility, GINA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, HIPAA, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

April 1 New Deadline To Update Benefit Plan Disability Determination Claims & Appeals Procesures; Hear More on 1/26

January 10, 2018

Employer and sponsors, fiduciaries, administrators and insurers of employee benefitplansof any type covered by the Employee Retirement Income Security Act (ERISA) making any disability based determinations now have until April 1, 2018 to bring their plans’ claims and appeals procedures for disability-based decisions and related notices and communications into compliance with substantially more complicated requirements in new Department of Labor Employee Benefit Security Administration (EBSA) regulations.

The EBSA announced on January 5, 2018 the extension of the effective date of new requirements for benefit plan processing and providing notification about claims or appeals involving disability determinations from their originally scheduled effective date of January 1, 2018 to April 1, 2018.

While the extension gives employer and other sponsors, fiduciaries, administrators and insurers of employee benefit plans making disability-based benefit determinations a few extra months to review and update their plan documents, summary plan descriptions, procedures, processes and claims and appeals notices to meet tightened new federal rules on disability-based benefit determinations applicable to all post December 31, 2017 claims under the restated Final Rule on Claims Procedure for Plans Providing Disability Benefits (“Disability Claims Rule”), the nature and scope of these new requirements will require updates to virtually all ERISA-covered benefit plans with any disability dependent provisions. These updates are likely to include changes to plan documents, summary plan descriptions, notices, contracts, processes and procedures for a broad range of plans. Consequently, employer and other plan sponsors, fiduciaries, administrators, insurers and others responsible for any benefit plan not already reviewed and updated to comply should get moving to complete the necessary review and update to meet the April 1, 2018 deadline.

Cynthia Marcotte Stamer and others will lead a free telephone study group discussion of “Claims Regulations and Other Developments Affecting Plan Fiduciaries” on January 26, 2018 beginning at 1 PM (Eastern), Noon (Central), 11 AM (Mountain), and 10 AM (Pacific). For more details about the Study Group, see here.

New Disability Claims Rule Overview

Originally published in final form by the EBSA on December 16, 2016, the Disability Claims Rule generally require all ERISA-covered employee benefit plans making any disability benefit or other determination conditioned upon a finding of disability to comply with the new Disability Claims Rule for any claim received after March 31, 2018.

Based on EBSA’s previously adopted Patient Protection and Affordable Care Act (“ACA”) group health plan claims and appeals rules, the new Final Disability Claims Rule will apply to all disability determinations made under any ERISA-covered plan after March 31, 2018, regardless of how the plan characterizes the benefit or whether the plan is a health or other welfare, pension, 401(k) plan or other savings plan.

The new Disability Claims Rule will apply to a broad range of plans, most of which historically have not followed the detailed claims and appeals notification, independent and impartial decision-making, rescission, deemed exhaustion, “culturally and linguistically appropriate” and other procedural protections and safeguards that the Disability Claims Rule extends from the current group health plan rules to all ERISA-covered plans making benefit determinations based on disability. Consequently covered plans making disability-based benefit or other covered determinations are likely to require updates to plan documents, insurance or administrative services contracts, summary plan descriptions and other plan communications, claims and appeals notices, and other related processes, procedures and documentation to meet these new requirements. Since certain requirements of the Disability Claims Rules like the summary plan description advance disclosure requirements are required to be provided before the claim is received, plans and their sponsors, fiduciaries, insurers and administrators risk being accused of violating these requirements by waiting to update plans, their processes and materials until after claim involving a disability based determination arises.

Ensuring that impacted plans are updated before the April 1, 2018 deadline is important because the Disability Claims Rule, like the group health plan claims and appeals rules upon which it is based, also states that noncompliance with any of its requirements empowers a participant to immediately sue the plan for enforcement if his rights without further complying the the plan’s administrative procedures. Moreover, failing to comply with summary plan disclosure or claims or appeal adverse benefit determination notification requirements also may subject the plan administrator to administrative penalties under ERISA section 514(c); fiduciaries to ERISA fiduciary liability, and compromise the ability to defend otherwise defensible decisions. Consequently, employers and other plan sponsors, fiduciaries, administrators and insurers will want to act quickly to ensure that their plans, their summary plan descriptions and other communications, notices, processes, contracts and procedures are updated appropriately before April 1, 218.

About The Author

About Solutions Law Press, Inc.™

Comments Off on April 1 New Deadline To Update Benefit Plan Disability Determination Claims & Appeals Procesures; Hear More on 1/26 | 401(k), ACA, Accommodation, Civil Rights, Claims Administration, COBRA, compensation, compliance, Corporate Compliance, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, Disability, Disability Plans, Disease Management, Drug & Alcohol, EBSA, Employee Benefits, Employer, Employers, Employment, Employment Policies, ERISA, Executive Compensation, family leave, fiduciary duty, Fiduciary Responsibility, Health Benefits, health insurance, health plan, Health Plans, HR, Human Resources, Insurance, insurers, Internal Controls, Labor Management Relations, medical leave, Mental Health, Patient Empowerment, pension plan, Prescription Drugs, Reporting & Disclosure, Retirement Plans, Retirements, Uncategorized, Union, Wellness Programs | Permalink
Posted by Cynthia Marcotte Stamer

Arizona Proposal To Ban Sexual Harassment Confidentiality Agreements Sign Of Growing Employer Risks

January 7, 2018

Arizona legislators are considering adopting legislation banning and rendering unenforceable agreements by employers or others to keep confidential or otherwise restrict the disclosure of allegations or other information about sexual harassment or sexual assault. If enacted as proposed, the proposed legislation could significantly impact employers, sexual harassment and sexual assault victims and witnesses, persons accused of sexual assault or harassment and others’ ability to negotiate, enforce or comply with provisions in new or preexisting employment policies, and settlement, severance and other agreements requiring confidentiality of or restricting disclosure of information about findings or allegations of sexual harassment or assault and related factual information.

As currently proposed, Arizona House Bill 2020 (HB 2020) would amend Section 1. Title 12, chapter 6, article 12, Arizona Revised Statutes, to include add a new section 12-720 that would read as follows

12-720. Confidentiality agreements; disclosure of information relating to sexual assault or sexual harassment; applicability

A. A CONFIDENTIALITY AGREEMENT THAT RESTRICTS THE DISCLOSURE OF FACTUAL INFORMATION THAT IS RELATED TO A SEXUAL ASSAULT OR SEXUAL HARASSMENT, INCLUDING FACTUAL INFORMATION THAT IS RELATED TO AN ALLEGATION OF OR ATTEMPTED SEXUAL ASSAULT OR SEXUAL HARASSMENT, IS AGAINST THIS STATE’S PUBLIC SAFETY AND POLICY AND IS VOID AND UNENFORCEABLE.

B. A PERSON MAY NOT ENTER INTO A CONFIDENTIALITY AGREEMENT THAT RESTRICTS THE DISCLOSURE OF FACTUAL INFORMATION THAT IS RELATED TO AN ALLEGATION OF OR ATTEMPTED SEXUAL ASSAULT OR SEXUAL HARASSMENT BY AN ELECTED OFFICIAL.

C. THIS SECTION DOES NOT APPLY TO THE DISCLOSURE OF A MINOR CRIME VICTIM’S MEDICAL OR PERSONAL IDENTIFYING INFORMATION OR TO OTHER INFORMATION THAT IS SPECIFICALLY PROTECTED FROM DISCLOSURE BY LAW.

Based on this currently proposed language, enactment of HB 2020’s sexual harassment and assault confidentiality restrictions almost certainly will dramatically impact both the financial, reputation and legal liability exposures of individuals accused of sexual harassment or assault and their employers or others potentially responsible for the investigation, management or liability for the alleged harasser’s behavior, behavior, as well as the privacy, retaliation and other concerns of sexual harassment or assault victims and witnesses. Certainly, HB 2020 would preclude or limit the ability of executives or other individuals accused of sexual harassment or assault from hiding their isolated or recurrent actual or alleged misconduct behind confidentiality or nondisclosure provisions in settlement or other contracts, handbooks, investigation, compliance or other policies. Likewise, HB 2020’s prohibitions against agreements requiring the maintenance of confidentiality of information about alleged or actual sexual harassment or assaults also can be expected to make it more difficult for employers to defend or mitigate their exposure to liability for alleged sexual harassment or assaults by making it much easier for alleged victims, their attorneys and the Equal Employment Opportunity Commission and other government agencies to investigate and obtain evidence about the conduct of the accused and the actions of his or her employer to other events or charges of sexual harassment or assault. Among other things, more free availability of this information is likely to make it easier for sexual harassment or assault victims, their plaintiff’s lawyers and the EEOC or other agencies and advocates to uncover, pursue enforcement and recover damages from employers through individual, class action or serial sexual harassment investigations and lawsuits as well as to rebut efforts of employers and those accused to mitigate damages and other liability.

While many might celebrate these expected effects of HB 2020 in helping to hold harassers and their employers more accountable for misconduct and to safeguard others from becoming future victims, HB 2020 also carries the risk of a number of potentially undesirable side effects for sexual harassment and assault victims and witnesses, employer and other investigators and those wrongfully accused. Because victims and witnesses to sexual harassment often fear embarrassment, retaliation or other adverse consequences from their report or involvement in a charge or investigation, sexual harassment and other policies and the employers and others responsible for administering and enforcing sexual harassment policies typically offer assurances of confidentiality and other nondisclosure to encourage and reassure victims and witnesses to report concerning behavior and to help prevent retaliation against victims and witnesses reporting or cooperating in sexual harassment and assault investigations. While HB 2020 includes a provision that appears intended to preserve the confidentiality of the identity and medical information of victims, the technical concealment of names and medical information as a practical matter generally provides an inadequate shield for victims or witnesses when other information otherwise remains discoverable. Consequently, confidentiality restrictions like those proposed in HB 2020 could backfire against these victims and witnesses and employers legitimately working to protect them by enhancing victim and witness reluctance to report or cooperate in sexual harassment investigations as well as inflict substantial and irreversible injury upon the personal and professional reputations of individuals wrongfully accused. The confidentiality prohibitions of HB 2020 are likely to undermine the ability of employers, victims and witnesses to use confidentiality requirements legitimately to prevent unjustified retaliation, loss of privacy and other adverse consequences to victims, witnesses and those wrongfully accused. Likewise, restrictions on confidentiality also can be expected to undermine the ability of victims to secure compensation from guilty parties and their employers without litigation as accused parties and their employer as the inability to enforce confidentiality will undermine the settlement value of questionable charges by enhancing the potential need to dispute and defend such charges to avoid becoming targeted by other accusations concurrently or in the future.

Obviously, these and other potential implications of HB 2020 make it highly advisable that businesses, management, individuals, insurers and others potentially subject to HB 2020 will want to carefully assess the implications of HB 2020 and provide input to the Arizona legislature. Given the wave of recent publicity triggered over the past year from widespread reporting of sexual harassment and related charges and resulting resignations and lawsuits and settlements involving sexual harassment charges levied against high profile entertainers, business leaders and others, employers, management and business leaders, victims, witnesses, insurers and other operating outside the jurisdiction of Arizona law can anticipate that they also may face similar legislative, regulatory or other challenges to confidentiality and nondisclosure policies and agreements concerning sexual harassment and assault allegations, investigations and settlements. Because of these and other concerns, employers, victims, witnesses, investigators, insurers and others with responsibility for or involvement with sexual harassment and assault concerns across the nation should both carefully monitor these developments as well as the reliability and effectiveness of their past and existing sexual harassment, investigations, anti-retaliation, confidentiality and other related policies, confidentiality and nondisclosure provisions in settlement agreements, and other potentially impacted agreements, policies and practices. Employers and other individuals or organizations in the scope of potential liability for sexual harassment or assault charges also may wish to consider strengthening existing anti-harassment policies, investigation practices, insurance coverage and other prevention and risk management arrangements to mitigate their sexual harassment risks.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. Her day-to-day work encompasses both labor and employment issues, as well as independent contractor, outsourcing, employee leasing, management services and other nontraditional service relationships. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with all aspects for workforce and human resources management, including, recruitment, hiring, firing, compensation and benefits, promotion, discipline, compliance, trade secret and confidentiality, noncompetition, privacy and data security, safety, daily performance and operations management, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

Well-known for her extensive work with health, insurance, financial services, technology, energy, manufacturing, retail, hospitality, governmental and other highly regulated employers, her nearly 30 years’ of experience encompasses domestic and international businesses of all types and sizes including extensive involvement for more than providing training for management and others and helping management, liability insurers and others to develop, administer, enforce, defend and mitigate sexual harassment and other related employment risks.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on sexual harassment and other human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns, who has received high praise for workshops and training programs she conducts on “What To Do When Your Employee’s Personal Life Becomes Your Business,” “Sex, Drugs & Rock ‘N Role in the Workplace,” and other sexual harassment, investigations, privacy and related programs for SHRM, the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author. directly. All other rights reserved

Comments Off on Arizona Proposal To Ban Sexual Harassment Confidentiality Agreements Sign Of Growing Employer Risks | directors, EEOC, Employee Handbook, Employer, Employers, Employment, Employment Agreement, Employment Discrimination, Employment Policies, ERISA, Excise Taxes, Executive Compensation, Exempt, Human Resources, OFCCP, Rehabilitation Act, Retaliation, Safety, Sexual Harassment, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

$23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses

January 5, 2018

Continuing Fallout of 2015 Data Breach Provides Many Lessons For Other Businesses & Their Health Plans

Read the rest of this entry »

Comments Off on $23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses | ADA, Association Health Plan, Banking, Bankruptcy, board of directors, Brokers, Cafeteria Plans, Civil Monetary Penalties, Claims Administration, compensation, compliance, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, Disability, EBSA, employee, Employee Benefits, Employer, Employers, Employment, Employment Policies, ERISA, Excise Taxes, FACTA, Fiduciary Responsibility, Form 5500, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, HIPAA, HR, Human Resources, Identity Theft, Internal Revenue Code, IRC, Labor Management Relations, Management, Mental Health, Pay, pension plan, Reporting & Disclosure, retirement plan, Retirement Plans, Retirements, Salaried, Tax, Uncategorized | Tagged: Cyber Security, Cybercrime, Data Breach, HIPAA, Identity Theft, Privacy, Technology | Permalink
Posted by Cynthia Marcotte Stamer

Check How IRS 2018 Retirement & Saving Plan Limits and Amounts Cost Of Living Adjustments Impact Your HR & Retirement Plan Administration & Planning

December 18, 2017

Employers, employee benefit plan sponsors and administrators, vendors and their advisors and service providers should re-evaluate their existing payroll and other settings and elections, planning, testing and related strategies and assumptions in light of the 2018 annual cost-of-living adjustments (COLAs) to the dollar limitations applicable to the Internal Revenue Code Section 415 qualified retirement plans benefit and contribution limits announced by the Internal Revenue Service (IRS) in Notice 2017-64, IRB 2017-45 on November 6, 2017.

H.R. 1, Tax Cuts and Jobs Act (Tax Refirm Bill) reported out of the Conference Committee last week and scheduled for a vote before Congress tomorrow leaves these limits substantially unchanged.

Notice 2017-64 adjusts the dollar limitations applicable to the Internal Revenue Code Section 415 qualified retirement plans benefit and contribution limits. The Section 415 limitations COLAs are made and published annually to comply with Section 415(d)’s requirement that the Treasury Security annually adjust these limits for cost-of-living increases. Other limitations applicable to deferred compensation plans are also affected by these adjustments under § 415. Under § 415(d), the adjustments are to be made under adjustment procedures similar to those used to adjust benefit amounts under § 215(i)(2)(A) of the Social Security Act.

In addition to impacting contribution limits permitted to defined benefit, 401(k) and other defined contribution and other plans, the changes can impact the definition of highly compensated employees, discrimination testing, plan funding and a broad range of employee benefit, compensation, tax, payroll, union or other contracting and other concerns for employers, employee benefit plan sponsors, fiduciaries, administrators, payroll, plan and other vendors, participants and beneficiaries and others.

The following is a chart of the adjusted limits compared to the currently applicable 2017 limitations. (Download chart)

2018 IRC Retirement Plan COLAs chart only

Employers, employee benefit plan sponsors, fiduciaries, administrators and other vendors, participants and beneficiaries and others working with employee benefit plans or compensation contributed to these arrangements should review these new 2018 COLA limitations to assess their potential impact and make appropriate adjustments to avoid compliance challenges or other unfortunate surprises in 2018. If they already have not already done so, reviewing the 2018 Social Security Act COLAs also would be wise. See 2018 Social Security COLAs Set.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on Check How IRS 2018 Retirement & Saving Plan Limits and Amounts Cost Of Living Adjustments Impact Your HR & Retirement Plan Administration & Planning | 401(k), Association Health Plan, Brokers, compensation, compliance, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, Disability, Disability Plans, employee, Employee Benefits, Employer, Employers, Employment, Employment Policies, Employment Tax, ERISA, ESOP, Excise Taxes, Form 5500, Health Plans, HR, Human Resources, Internal Revenue Code, IRC, Labor Management Relations, Management, Pay, pension plan, Reporting & Disclosure, retirement plan, Retirement Plans, Retirements, Salaried, Tax, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Confirm Your Benefit Plans Ready For New Disability Determination Rules on 1/1/18

December 14, 2017

Employer and other sponsors, fiduciaries, administrators and insurers of the Employee Retirement Income Security Act (ERISA)-covered employee benefit plans making disability-based benefit determinations should confirm that their plan documents, summary plan descriptions, procedures and claims and appeals notices are updated and ready to meet tightened new federal rules on disability-based benefit determinations applicable to all post December 31, 2017 claims under the restated Final Rule on Claims Procedure for Plans Providing Disability Benefits (“Disability Claims Rule”). Given the nature and scope of these new requirements, most covered plans will require specific action be taken before the new rules take effect to update plan documents, summary plan descriptions, notices, contracts, processes and procedures to meet the January 1, 2018 deadline.

The Disability Claims Rule published by the Department of Labor Employee Benefit Security Administration (“EBSA”) on December 19, 2016 generally require all ERISA-covered employee benefit plans making any disability benefit or other determination conditioned upon a finding of disability to comply with the new Disability Claims Rule for any claim received after December 31, 2017.

The new Final Disability Claims Rule will apply to all disability determinations made under any ERISA-covered plan after December 31, 2017, regardless of how the plan characterizes the benefit or whether the plan is a health or other welfare, pension, 401(k) plan or other savings plan.

Significant affirmative action is likely required to prepare covered plans to meet these requirements since most plans historically have not followed the detailed claims and appeals notification, independent and impartial decision-making, rescission, deemed exhaustion, “culturally and linguistically appropriate” and other procedural protections and safeguards based on EBSA’s previously adopted Patient Protection and Affordable Care Act (“ACA”) group health plan claims and appeals rules, which the Disability Claims Rules extend and make applicable to all ERISA-covered plans making benefit determinations based on disability. Covered plans making disability-based benefit or other covered determinations are likely to require updates to plan documents, insurance or administrative services contracts, summary plan descriptions and other plan communications, claims and appeals notices, and other related processes, procedures and documentation to meet these new requirements. Since certain requirements of the Disability Claims Rules like the summary plan description advance disclosure requirements are required to be provided before the claim is received, plans and their sponsors risk being accused of violating these requirements by waiting to update plans, their processes and materials until after claim involving a disability based determination arises.

Ensuring that impacted plans are updated before the January 1, 2018 deadline is important because the Disability Claims Rule, like the group health plan claims and appeals rules upon which it is based, also states that noncompliance with any of its requirements empowers a participant to immediately sue the plan for enforcement if his rights without further complying the the plan’s administrative procedures. Moreover, failing to comply with summary plan disclosure or claims or appeal adverse benefit determination notification requirements also may subject the plan administrator to administrative penalties under ERISA section 514(c). Consequently, employers and other plan sponsors, fiduciaries, administrators and insurers will want to act quickly to ensure that their plans, their summary plan descriptions and other communications, notices, processes, contracts and procedures are updated appropriately before January 1, 2018.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediatepast RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, BenefitsMagazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on Confirm Your Benefit Plans Ready For New Disability Determination Rules on 1/1/18 | 401(k), ACA, ADA, Affordable Care Act, Appeals, board of directors, Brokers, Cafeteria Plans, Claims, Claims Administration, compensation, compliance, Construction, Corporate Compliance, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, directors, Disability, Disability, Disability Plans, Drug & Alcohol, EBSA, employee, Employee Benefits, Employee Handbook, Employer, Employers, Employment, Employment Policies, ERISA, Executive Compensation, family leave, Fiduciary Responsibility, health benefit, Health Benefits, health insurance, Leave, Management, medical leave, Mental Health, Mental Health Parity, Obamacare, Patient Protection & Affordable Care Act, Pay, pension plan, Plan Admistrator, Professional Liability, third party administrators, Uncategorized, Union, Worker | Tagged: Appeals, Claims, defined benefit plan, Disability, Disability Insurance, Disability Plan, EBSA, Employee Retirement Income Security act, ERISA, Fiduciary Responsibility, pension plan | Permalink
Posted by Cynthia Marcotte Stamer

IRS Prepares To Nail Employers Under Obamacare Mandate While Giving Some Individual Mandate Relief

December 12, 2017

The Internal Revenue Service (“IRS”) is acting to help Patient Protection and Affordable Care Act (“Obamacare”) health subsidy-eligible individuals living in regions where exchange insurers do not offer bronze (lowest cost) coverage even as it moves ahead to nail employers failing to comply with Obamacare’s employer shared responsibility rules (commonly referred to as the “employer mandate”). The move comes as House and Senate Conferees are preparing to conference to work out differences in the tax bill which could repeal the Obamacare individual mandate penalty for failing to maintain coverage while leaving intact penalties against employers violating the employer mandate by failing to offer affordable minimum essential coverage as well as other Obamacare penalties on plans and their employers.

IRS New Individual Obamacare Relief

Notice 2017-74 will provide that Individuals who are not eligible for coverage under an eligible employer-sponsored plan and who lack access to affordable coverage should not be denied the use of the affordability exemption under § 5000A(e)(1) of the Code and § 1.5000A-3(e) of the Regulations merely because they reside in an area served by a Marketplace that does not offer a bronze-level plan. Consequently, for purposes of the affordability exemption under § 5000A(e)(1) and § 1.5000A-3(e), if an individual resides in a rating area served by a Marketplace that does not offer a bronze plan, the individual generally should use as his or her applicable plan the lowest cost metal-level plan available in the Marketplace serving the rating area in which the individual resides.

Notice 2017-74 will be in IRB 2017-51, dated December 18, 2017.

Employer’s Still Face Obamacare Penalties

While the IRS has issued limited relief for individuals from the ACA’s individual mandate penalties, so far it has remained steadfast in its refusal to grant employers corresponding relief from the ACA employer shared responsibility penalties or other ACA penalties. Instead, IRS officials continue to make clear that the IRS intends to enforce the ACA employer shared responsibility rules against employers with 50 or more full-time employees (including full-time equivalent employees) (“covered employers”).

Under the Obamacare employer mandate rules, covered employers face significant Federal tax penalties for (1) failing to offer minimal essential coverage to substantially all full-time employees and their dependents (the “A Penalty”), or (2) offering coverage that is either “unaffordable” or does not provide “minimum value” (the “B Penalty”) (referred to collectively as the “ACA Penalties”) if a full-time employee enrolls in the Health Insurance Marketplace (the “Exchange”) and receives a Premium Tax Credit.

While many employers assumed President Trump’s January 20, 2017 Executive Order Executive Order Minimizing the Economic Burden of the Patient Protection and Affordable Care Act Pending Repeal would insulate them against enforcement of the employer mandate and other Obamacare penalties, the IRS doesn’t see the Executive Order as barring its enforcement of Obamacare against sponsoring employers or their group health plans. An April 14, 2017 IRS Chief Counsel letter, for instance, the IRS announced it does not interpret its discretionary authority under Obamacare to allow waiver of the employer mandate tax imposed under Internal Revenue Code Section 4980H against covered employers that fail to provide the affordable minimum essential coverage required by the employer mandate. In keeping with this interpretation, the IRS has announced that it will begin enforcement of the employer mandate tax liability for plan years after 2015 against covered employers that failed to meet the employer mandate.

Of course, the employer mandate is not the only Obama care provision that employers and their health plans need to worry about. In addition to the employer mandate, Obamacare imposed a host of patient protection and other federal mandates upon employer-sponsored plans, most of which apply to plans covering two or more employees. In addition to any benefit and other administrative penalties that otherwise arise under the Employee Retirement Income Security Act and/or the Social Security Act for violating these mandates, employers sponsoring plans that violate any of 40 listed mandates imposed by Obamacare or certain other federal laws also become liable under Internal Revenue Code Section 6039D to self-identify, self-assess, report on Form 8928 and pay an excise tax equal to $100 per person per uncorrected violation. The IRS, Department Of Labor and Department Of Health and Human Services have taken the position the January 20 Executive Order also does not bar enforcement of those Obamacare penalties. Accordingly, employers and their group health plans continue to face potentially substantial liability if their group health plan does not comply with Obamacare.

In the face of these exposures, employers and their group health plan administrators, fiduciaries and advisors should carefully review their plans and their administration for compliance before the end of the plan year so as to be able to take appropriate and timely corrective action before penalties attach and while stop loss or other insurance is available to help mitigate the cost of these corrections. Employers preparing for upcoming health plan renewals also should review their group contracts and conduct due diligence to verify their group health plan terms and operations meet the mandates as they initiate new plan years. Employers also generally will want to review their compliance and take action to address any deficiencies against any vendors or advisers who may have culpability in the defective health plan design or administration. Prompt action against vendors who may be culpable for the design or administration defects is necessary to preserve potential claims for contractual, deceptive trade practices or other causes of action that an employer might have under state contract, tort or other law. Employers and health plan fiduciaries should consider engaging experienced legal counsel to conduct this review on behalf of the employer other plan sponsor within the scope of attorney-client privilege so as to assess and address these potential risks on a timely basis and explore options within the scope of privilege. Brokers, advisors, consultants and insurers whose employer clients also may want to assess compliance risks and/or urge their clients to do so to help minimize their exposure to malfeasance or other claims from clients angry about penalties and other unexpected costs of noncompliance.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediatepast RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, BenefitsMagazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on IRS Prepares To Nail Employers Under Obamacare Mandate While Giving Some Individual Mandate Relief | 105(h), 5000, ACA, compliance, Employee Benefits, Employer, Employers, Employment, Employment Policies, Employment Tax, ERISA, Excise Taxes, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, health reform, Human Resources, Premium Subsidies, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Consider Internal Investigation & Defense Costs When Administering Compliance Programs

December 5, 2017

The Justice Department’s report Tuesday that the Justice Department spent $3.2 million on Special counsel Robert Mueller’s Russia probe its first four-and-a-half months highlights the importance for leaders accountable for their organizations’s Federal Sentencing Guideline, sexual harassment and other corporate compliance programs to appropriately plan and budget for potential investigation and defense costs as part of their compliance and risk management planning.

Conducting an internal investigation or defending a government or other allegation of wrongdoing often proves surprisingly expensive. While how much an internal investigation costs can vary widely depending on the issue, its potential civil and criminal liability and public relations implications on the organization and its management, it’s timing, the adequacy of the pre-event compliance management and record keeping relating to the issue, and a host of other concerns, investigation and defense costs often become largely irrelevant when an organization is required to investigate or defend against charges of legal or other business misconduct that expose the organization or its leadership to potentially devastating legal or business consequences. When these events happen, organizations and their leaders often see little option to spend whatever is necessary to defend their organization and its reputation.

Compared to the reported internal investigation and defense expenditures of private sector organizations that have faced these these make or break investigations, the Justice Department’s reported expenditures to date on the Russian probe look small.

For instance, Twenty-First Century Fox in March, 2017 Securities and Exchange Commission (SEC) filings disclosed spending $45 million tied to litigation related to harassment allegations in the 9 first three quarters of 2017 and $10 million “related to settlements of pending and potential litigations” during its fiscal third quarter as well as having received investigative inquiries and stockholder demands to inspect the books and records of the company which could lead to future litigation in the aftermath of sexual harassment allegations at Fox News.

In contrast, Avon Products spent nearly $500 million conducting its internal investigation before paying a $135m fine to the US government to settle charges it violated the Foreign Corrupt Practices Act by giving Chinese authorities $8 million in gifts and cash while it sought to obtain the first “direct sell” license in China.

These and other publicly disclosed expenditures make clear that corporate officers and directors need to reassess their investment in compliance both to strengthen the effectiveness of their efforts and to plan to deal with the financial, legal, operational and other costs of investigating and defending potential charges.

Aboaut The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

DOL Announces $40M in Hurricane Unemployment Help

Employers Should Manage Potential Unfair Labor Practice Risks From Recording, Acceptable Use, Fighting, Integrity & Other Employment Policies.

Comments Off on Consider Internal Investigation & Defense Costs When Administering Compliance Programs | ADA, Affirmative Action, board of directors, Brokers, Child Labor, Civil Monetary Penalties, Civil Rights, Claims Administration, compliance, conflict of interest, Corporate Compliance, corporate governance, Data Breach, Data Security, directors, E-Verify, EEOC, Employers, Employment, Employment Discrimination, Employment Policies, Employment Tax, English As A Second Language, ERISA, Executive Compensation, Fair Credit Reporting Act, Fair Labor Standards Act, FICA, fiduciary duty, Fiduciary Responsibility, Financial Security, FINRA, FLSA, GINA, Government Contractors, h-2A Visa, health benefit, health plan, HIPAA, Human Resources, I-9, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Labor Management Relations, Leadership, LEP, LGBT, Management, Managment, Military Leave, Non-Compete, Nonresident aliens, occupational safety, OFCCP, officers, OSHA, Overtime, Pay, Plan Admistrator, Privacy, Professional Liability, Rehabilitation Act, Retaliation, Safety, Uncategorized, USERRA, VEVRRA, visas, Wage & Hour, Whistleblower, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Jennifer A. Abruzzo Named NLRB Acting General Counsel

November 1, 2017

The National Labor Relations Board (NLRB) announced today the appointment of Jennifer A. Abruzzo to serve as NLRB’s Acting General Counsel.

Although Ms. Abruzzo original began her legal career as a civil litigation attorney in the medical malpractice division of a South Florida firm, she has spent almost twenty-three years working for the NLRB in various capacities, including as Field Attorney, Supervisory Field Attorney and Deputy Regional Attorney in the Miami, Florida office, as well as Deputy Assistant General Counsel in the Division of Operations-Management in Washington, DC, where she oversaw Regional operations in the Northeast and Midwest.

Prior to becoming Deputy General Counsel, Ms. Abruzzo served as the Executive Assistant to Acting General Counsel Lafe E. Solomon, and detailed in that role for General Counsel Ronald E. Meisburg. In 2011 her involvement at the NLRB drew public attention when an e-mail sent to her by then NLRB Deputy Assistant General Counsel Joseph Baniszewski forwarding a political cartoon mocking the state of South Carolina with regard to Boeing Corporation’s decision to locate its manufacturing facility to South Carolina was made public.

During her career with NLRB, she has participated in the litigation of numerous high profile cases.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

1 Comment | board of directors, compliance, directors, employee, Employee Handbook, Employer, Employers, Employment, Employment Agreement, Employment Policies, ERISA, health plan, Human Resources, Internal Controls, Internal Investigations, Loyalty, Management, Managment, NLRA, Non-Compete, Non-Competition Agreement, Uncategorized, Unfair Labor Practice, Union, Workforce | Tagged: Economy, Employer, Hiring, HR, Job Growth, Labor, Labor Management Relations, Labor Pool, Labor Statistics, Management, Recruiting, Workforce | Permalink
Posted by Cynthia Marcotte Stamer

2018 Social Security COLAs Set

October 14, 2017

Monthly Social Security and Supplemental Security Income (SSI) benefits for more than 66 million Americans will increase 2.0 percent in 2018.

The Social Security Administration announced the 2.0 cost of living adjustment (COLA) Friday announced a 2% increase in benefits for 2018.

The largest COLA increase since 2012 will increase the benefits payable to more than 61 million Social Security beneficiaries in January 2018. Increased payments to more than 8 million SSI beneficiaries will begin on December 29, 2017. The Social Security Administration deducts $1 from benefits for each $3 earned over $45,360 until the month the worker turns age 66.)

There is no limit on earnings for workers who are “full” retirement age or older for the entire year.

The slight increase in benefits also may result in a corresponding decrease in disability benefits under plans that integrate or otherwise offset plan benefits with Social Security.

Information about Medicare COLAs for 2018, when announced, will be available at www.Medicare.gov.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

▪ RAISE Act Immigration Reforms Touted As “Giving Americans A Raise”

▪ Health Clinic At Houston Convention Center, Other HHS Help For Hurricane Harvey Victims

▪ IRS Updates Amounts Used To Calculate 2017 Obamacare Individual Individual Shares Responsibility Tax Penalties

▪ DB Plan Sponsors Check Out New Bifurcated Distribution Model Amendmentsy

▪ U.S. News Names 2017-2018 “Best” Hospitals; Patient Usefulness Starts With Metholodogy Understanding

▪ Use Lessons Of Past Mistakes or Injustice To Build Better Future

▪ Prepare For Turnover, Other Challenges From Rising Workforce Competition

▪ Employers, Health Plans Should Brace For Tightened Federal Mental Health Coverage Mandate Disclosure And Enforcement

▪ Withholding Calculator Tool Helps Workers Figure Withholding

▪ Better Preparing U.S. Workers To Fill Your Jobs

▪ SCOTUS Ruling Bars Many State Arbitration Agreement Restrictions

▪ $2.4M HIPAA Settlement Message Warns Health Plans & Providers Against Sharing Medical Info With Media, Others

Comments Off on 2018 Social Security COLAs Set | Claims Administration, defined benefit plan, Defined Benefit Plans, Disability, Disability Plans, Employee Benefits, Employer, Employers, Employment, ERISA, HR, Human Resources, pension plan, retirement plan, Retirement Plans, Retirements, Social Security, Uncategorized | Tagged: Social Security, SSI | Permalink
Posted by Cynthia Marcotte Stamer

IRS Updates Defined Benefit Plan Guidance

October 13, 2017

Qualified profit-sharing and pension plan sponsors, fiduciaries, administrators and service providers should check of this recent guidance on various qualified pension and profit sharing plan qualification:

Procedures for automatic approval for certain changes in funding method – For single-employer defined benefit plans subject to the minimum funding requirements of Internal Revenue Code (IRC) Section 430 (Revenue Procedure 2017-56).
Updated procedures for obtaining IRS approval for a change in funding method – Guidance includes procedures for defined benefit plan sponsors to revoke certain interest rate elections (Rev. Proc. 2017-57).
Final regulations – mortality tables for determining present value – Provide mortality tables that single-employer defined benefit plan sponsors must use to determine minimum required contribution and guidance about construction of substitute mortality tables (T.D. 9826).
New procedures to request to use plan-specific substitute mortality tables – Certain defined benefit plans must follow these procedures for plan years beginning on or after Jan. 1, 2018 (Rev. Proc. 2017-55).

Organizations and service providers involved in defined benefit plans should review their programs and make adjustments as warranted.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment;a member and policy technical adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, Insurance Thought Leaders, and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and uhave no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on IRS Updates Defined Benefit Plan Guidance | Bankruptcy, board of directors, Brokers, Corporate Compliance, corporate governance, defined benefit plan, Defined Benefit Plans, directors, employee, Employee Benefits, Employer, Employers, Employment Policies, Employment Tax, ERISA, Excise Tax, Form 5500, Government Contractors, government plan, HR, Human Resources, Insurance, Internal Revenue Code, IRC, Labor Management Relations, Management, retirement plan, Retirement Plans, Retirements, Tax, Tax Qualification, Uncategorized, Worker Classification | Tagged: defined benefit plan, Retirement Plans, tax qualification | Permalink
Posted by Cynthia Marcotte Stamer

Read Trump Health Care Executive Order

October 12, 2017

President Trump today (October 12, 2017) issued the following that he promised to be the first in a series of executive orders and other administrative actions that his administration will roll out to provide Obamacare relief for consumers, employers and others by promoting healthcare choice and competition given the continued difficulty by the Republican-led Congress to pass legislation repealing or replacing the health care law.

What actually will result remains to be seen. Like the January 20, 2017 Executive Order Minimizing the Economic Burden of the Patient Protection and Affordable Care Act Pending Repeal that President Trump signed as his first executive order, the new Executive Order doesn’t actually change anything; it merely directs the agencies to review and propose for implementation changes to regulations and other guidance allowed by law.

On the heels of his announcement of the Executive Order, President Trump moved forward on his promise to take other action on Obamacare by announcing that the Administration will not continue funding for individual subsidies that currently are continued under an Obama Administration action in the absence of Congressional action funding those subsidies.

Concerned parties should monitor and inform themselves about proposed changes in the Executive Order and other actions as they are proposed and develop, and provide timely comments and other input to help influence the shape and content of any changes proposed or adopted in response to the Executive Order. Solutions Law Press, Inc. will be monitoring developments. Stay tuned for updates.

Language of Executive Order

By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

Section 1. Policy.

(a) It shall be the policy of the executive branch, to the extent consistent with law, to facilitate the purchase of insurance across State lines and the development and operation of a healthcare system that provides high-quality care at affordable prices for the American people. The Patient Protection and Affordable Care Act (PPACA), however, has severely limited the choice of healthcare options available to many Americans and has produced large premium increases in many State individual markets for health insurance. The average exchange premium in the 39 States that are using http://www.healthcare.gov in 2017 is more than double the average overall individual market premium recorded in 2013. The PPACA has also largely failed to provide meaningful choice or competition between insurers, resulting in one-third of America’s counties having only one insurer offering coverage on their applicable government-run exchange in 2017.

(b) Among the myriad areas where current regulations limit choice and competition, my Administration will prioritize three areas for improvement in the near term: association health plans (AHPs), short-term, limited-duration insurance (STLDI), and health reimbursement arrangements (HRAs).

(i) Large employers often are able to obtain better terms on health insurance for their employees than small employers because of their larger pools of insurable individuals across which they can spread risk and administrative costs. Expanding access to AHPs can help small businesses overcome this competitive disadvantage by allowing them to group together to self-insure or purchase large group health insurance. Expanding access to AHPs will also allow more small businesses to avoid many of the PPACA’s costly requirements. Expanding access to AHPs would provide more affordable health insurance options to many Americans, including hourly wage earners, farmers, and the employees of small businesses and entrepreneurs that fuel economic growth.

(ii) STLDI is exempt from the onerous and expensive insurance mandates and regulations included in title I of the PPACA. This can make it an appealing and affordable alternative to government-run exchanges for many people without coverage available to them through their workplaces. The previous administration took steps to restrict access to this market by reducing the allowable coverage period from less than 12 months to less than 3 months and by preventing any extensions selected by the policyholder beyond 3 months of total coverage.

(iii) HRAs are tax-advantaged, account-based arrangements that employers can establish for employees to give employees more flexibility and choices regarding their healthcare. Expanding the flexibility and use of HRAs would provide many Americans, including employees who work at small businesses, with more options for financing their healthcare.

(c) My Administration will also continue to focus on promoting competition in healthcare markets and limiting excessive consolidation throughout the healthcare system. To the extent consistent with law, government rules and guidelines affecting the United States healthcare system should:

(i) expand the availability of and access to alternatives to expensive, mandate-laden PPACA insurance, including AHPs, STLDI, and HRAs;

(ii) re-inject competition into healthcare markets by lowering barriers to entry, limiting excessive consolidation, and preventing abuses of market power; and

(iii) improve access to and the quality of information that Americans need to make informed healthcare decisions, including data about healthcare prices and outcomes, while minimizing reporting burdens on affected plans, providers, or payers.

Sec. 2. Expanded Access to Association Health Plans.

Within 60 days of the date of this order, the Secretary of Labor shall consider proposing regulations or revising guidance, consistent with law, to expand access to health coverage by allowing more employers to form AHPs. To the extent permitted by law and supported by sound policy, the Secretary should consider expanding the conditions that satisfy the commonality‑of-interest requirements under current Department of Labor advisory opinions interpreting the definition of an “employer” under section 3(5) of the Employee Retirement Income Security Act of 1974. The Secretary of Labor should also consider ways to promote AHP formation on the basis of common geography or industry.

Sec. 3. Expanded Availability of Short-Term, Limited‑Duration Insurance.

Within 60 days of the date of this order, the Secretaries of the Treasury, Labor, and Health and Human Services shall consider proposing regulations or revising guidance, consistent with law, to expand the availability of STLDI. To the extent permitted by law and supported by sound policy, the Secretaries should consider allowing such insurance to cover longer periods and be renewed by the consumer.

Sec. 4. Expanded Availability and Permitted Use of Health Reimbursement Arrangements.

Within 120 days of the date of this order, the Secretaries of the Treasury, Labor, and Health and Human Services shall consider proposing regulations or revising guidance, to the extent permitted by law and supported by sound policy, to increase the usability of HRAs, to expand employers’ ability to offer HRAs to their employees, and to allow HRAs to be used in conjunction with nongroup coverage.

Sec. 5. Public Comment.

The Secretaries shall consider and evaluate public comments on any regulations proposed under sections 2 through 4 of this order.

Within 180 days of the date of this order, and every 2 years thereafter, the Secretary of Health and Human Services, in consultation with the Secretaries of the Treasury and Labor and the Federal Trade Commission, shall provide a report to the President that:

(a) details the extent to which existing State and Federal laws, regulations, guidance, requirements, and policies fail to conform to the policies set forth in section 1 of this order; and

(b) identifies actions that States or the Federal Government could take in furtherance of the policies set forth in section 1 of this order.

Sec. 7. General Provisions.

(a) Nothing in this order shall be construed to impair or otherwise affect:

(i) the authority granted by law to an executive department or agency, or the head thereof; or

(ii) the functions of the Director of the Office of Management and Budget relating to budgetary, administrative, or legislative proposals.

(b) This order shall be implemented consistent with applicable law and subject to the availability of appropriations.

(c) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

DONALD J. TRUMP

THE WHITE HOUSE,

October 12, 2017

Implications & Actions

The impact of this and other Executive Orders and other Presidential actions depend upon what actions, if any, the agencies determine they are allowed by law to take and how those changes are implemented. Concerned persons and organizations should begin preparing input to the agencies and monitoring and commenting on proposals and other guidance to help shape the outcome.

Solutions Law Press, Inc. is preparing initial analysis of this Executive Order and will be closely monitoring and updating this analysis. Follow up to learn more and stay abreast of new developments.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

Well-known for her extensive work with health, insurance, financial services, technology, energy, manufacturing, retail, hospitality, governmental and other highly regulated employers, her nearly 30 years’ of experience encompasses domestic and international businesses of all types and sizes. Author of numerous works on privacy and data security, Ms. Stamer‘s experience includes involvement in cyber security and other data privacy and security matters for more than 20 years.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on Read Trump Health Care Executive Order | 105(h), ACA, Affordable Care Act, Association Health Plan, Brokers, Civil Rights, Claims Administration, Corporate Compliance, EBSA, employee, Employee Benefits, Employer, Employers, ERISA, Excise Tax, Excise Taxes, Fiduciary Responsibility, FLSA, Form 5500, health benefit, Health Benefits, health Care, Health Care Reform, health insurance, health insurance marketplace, health plan, Health Plans, health reform, HR, Human Resources, Insurance, insurers, Internal Controls, Internal Revenue Code, IRC, MEWA, Payroll Tax, Premium Subsidies, Reporting & Disclosure, Tax Credit, Uncategorized, Union, Wellness, Wellness Programs, Worker Classification, Workforce, zane benefits | Tagged: ACA, Affordable Care Act, Corporate Compliance, Employee Benefits, Employer, Employers, Employment, employment law, ERISA, executive, Health Care, Health Care Reform, Health Insurance, Health Plan, Health Plans, Human Resources, Insurance, Labor, Labor Department, Managed Care, Medical Coverage, Overtime, Tax, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Dealing With HR, Benefits & Other Headaches From Equifax and Other Data Breach

October 6, 2017

As businesses continue to struggle to comply with the growing plethora of federal and state laws mandating data security, the identity theft and cyber security epidemic keeps growing.

As human resources and other business leaders work to guard their own data and respond to employee demands for assistance in responding to breaches of their personal financial and other data, this weeks’ announcement that embattled credit monitoring giant Equifax has been awarded the exclusive contract to provide taxpayer identification and fraud prevention services to the Internal Revenue Service has many questioning whether these investments are futile.

The IRS’ announcement comes despite the September 7, 2017 announcement by Equifax of a data breach of its records impacting sensitive personal information of millions of consumers including:

The names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers of an estimated 143 million U.S. consumers;
Credit card numbers for approximately 209,000 U.S. consumers,
Certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers,and
Personal information for certain U.K. and Canadian consumers.

The huge breach already was creating many headaches for many businesses and their human resources departments before the IRS announced the award of the contract to Equifax. Due to the massive size of the breach, mist companies have been required to respond to concerns of workers impacted directly by the breach as well as requests of employees and identity theft protection companies that the business consider offering cybersecurity protection for employees or customers.

Beyond helping their workforce understand and cope with the news, many businesses and employee benefit plans also face the added headache of needing to investigate and respond to concerns about their own potential responsibilities to provide breach notification or take other actions. This added headache arises due to their or their plans’ use of Equifax or vendors utilizing Equifax to run employee or vendor background checks or carry out internal employee or employee benefit plan, customer or other business activities. These involvements often give rise to duties to conduct investigations and potentially provide notification or other responses to employees, applicants, benefit plan members, contractors or customers whose data may have been impacted under the Fair and Accurate Credit Transactions Act (FACTA), the Health Insurance Portability and Accountability Act (HIPAA), the Employee Retirement Income Security Act (ERISA) Fiduciary Responsibility rules or various other federal and state laws and regulations, vendor contracts or their own data privacy or security policies.

When notification is recommended or required, human resources and other business leaders also have to consider if modifications should be considered to standard protocols recommended to data breach victims. Notification and registration as an identity theft victim with Equifax long has been a standard part of the federal and state government recommended protocol for recommended to consumers impacted by identity theft or other data breaches. See,e.g., IRS Taxpayer Guide To Identity Theft. Although government agencies as of yet have not changed this recommendation to remove Equifax reporting, many consumers and others view reporting to Equifax as akin to the fox watching the hen house. Consequently, employers and other parties helping consumers respond to the breach often receive push back or questions from consumers about the appropriateness and security reporting to Equifax in light of its breach.

Beyond evaluating and handling their own legal responsibilities to investigate and deal with any breach impacting their data, employers and other business leaders also likely are or should consider what claims against Equifax, other vendors and business partners involved with Equifax and their own liability insurers are available and warranted to help cover the costs and potential liabilities for the business arising from the breach and it’s fall out.

As employers and other businesses work through these issues, They should keep in mind that the fallout is likely to continue for years and be further complicated by past and subsequent breaches impacting other governmental and private organizations. Human resources, employee benefits and other businesses and their leaders can expect to experience challenges dealing with fraudulent uses of misappropriated information as well as demands that they tighten up their background check, data security and usage and other practices and documentation to mitigate risks from the compromised data.

Human resources, employee benefits and other business leaders need to secure the assistance of counsel experienced in guiding their organizations through these and other challenges.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

Well-known for her extensive work with health, insurance, financial services, technology, energy, manufacturing, retail, hospitality, governmental and other highly regulated employers, her nearly 30 years’ of experience encompasses domestic and international businesses of all types and sizes. Author of numerous works on privacy and data security, Ms. Stamer‘s experience includes involvement in cyber security and other data privacy and security matters for more than 20 years.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

▪RAISE Act Immigration Reforms Touted As “Giving Americans A Raise”

▪Health Clinic At Houston Convention Center, Other HHS Help For Hurricane Harvey Victims

▪IRS Updates Amounts Used To Calculate 2017 Obamacare Individual Individual Shares Responsibility Tax Penalties

▪DB Plan Sponsors Check Out New Bifurcated Distribution Model Amendmentsy

▪U.S. News Names 2017-2018 “Best” Hospitals; Patient Usefulness Starts With Metholodogy Understanding

▪Use Lessons Of Past Mistakes or Injustice To Build Better Future

▪Prepare For Turnover, Other Challenges From Rising Workforce Competition

▪Employers, Health Plans Should Brace For Tightened Federal Mental Health Coverage Mandate Disclosure And Enforcement

▪Withholding Calculator Tool Helps Workers Figure Withholding

▪Better Preparing U.S. Workers To Fill Your Jobs

▪SCOTUS Ruling Bars Many State Arbitration Agreement Restrictions

▪$2.4M HIPAA Settlement Message Warns Health Plans & Providers Against Sharing Medical Info With Media, Others

Comments Off on Dealing With HR, Benefits & Other Headaches From Equifax and Other Data Breach | Banking, board of directors, Brokers, Civil Monetary Penalties, Claims, Claims Administration, compliance, conflict of interest, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, directors, E-Verify, EBSA, Educational Privacy, employee, Employee Benefits, Employer, Employers, Employment, Employment Policies, Employment Tax, ERISA, ESOP, Excise Tax, FACTA, Fair Credit Reporting Act, FICA, fiduciary duty, Fiduciary Responsibility, Financial Security, Form 5500, GINA, Government Contractors, health benefit, Health Benefits, health Care, health insurance, health plan, Health Plans, HIPAA, Hiring, HR, Human Resources, I-9, Identity Theft, Income Tax, Insurance, insurers, Internal Controls, Internal Investigations, Internal Revenue Code, Internet, IRC, Labor Management Relations, Leadership, Management, Managment, Patient Empowerment, Payroll Tax, pension plan, Physician, Plan Admistrator, Privacy, Professional Liability, Protected Health Information, Provider, Reporting & Disclosure, retirement plan, Retirement Plans, Retirements, Risk Management, Security, Tax, Tax Credit, Tax Qualification, Technology, third party administrators, visas, Workforce | Tagged: ADA, Corporate Compliance, Data Breach, Employee Benefits, Employer, Employers, employment law, Equifax, ERISA, Health Care, Health Insurance, HIPAA, Human Resources, Insurance, Insurer, Labor Department, Privacy, Retirement Plans, Risk Management, Tax, Technology, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Employers Should Manage Potential Unfair Labor Practice Risks From Recording, Acceptable Use, Fighting, Integrity & Other Employment Policies

September 13, 2017

Employers beware of potential National Labor Relations Act unfair labor practices risks that may arise from their adoption or enforcement of overly broad or restrictive workplace recording, acceptable use, workplace conduct, commitment-to-integrity or other policies that might be construed to prohibit or deter employees from exercising protected organization or other collective bargaining rights under the National Labor Relations Act (NLRA) in light of the Fifth Circuit’s July 25, 2017 T-Mobile United States, Inc. v. Nat’l Labor Relations Bd. decision.

In T-Mobile v. NLRB, the Fifth Circuit upheld and ordered the enforcement of a National Labor Relations Board (NLRB) ruling that telecommunications industry employers T-Mobile and MetroPCS (T-Mobile) engaged in unfair labor practices in violation of Section 8 of the NLRA by maintaining a policy that prohibited all photography and audio or video recording in its workplace without the employer’s prior permission (“Recording Policy”).

The Fifth Circuit’s ruling arose from an appeal filed by T-Mobile with the Fifth Circuit, challenging a NLRB ruling that the Recording Policy, a workplace conduct policy, a commitment-to-integrity policy and an Acceptable Use Policy included in the T-Mobile employee handbook violated the NLRA because “employees would reasonably construe the language to prohibit Section 7 activity and therefore constituted unfair labor practices prohibited under Section 8 of the NLRA. (Note: T-Mobile did not appeal the NLRB’s findings that 7 other policies also violated the NLRA).

While the Fifth Circuit’s decision only upheld the unfair labor practice determination based on the Recording policy, the decision makes clear that its findings concerning each of the four employment policies subject to the appeal as well as other employment policies could come out differently in other cases based on the contextual evidence reflected in the factual record concerning the particular employment policy and the context in which it is implemented and enforced. Employers maintaining or administering similar workplace rules will want to scrutinize carefully their own policies to assess their potential for exposing the employer to unfair labor practice charges and take appropriate action to minimize these risks.

Policies Chilling Organizational Rights Protected By NLRA § 7 Create Unfair Labor Practice Exposures

Section 7 of the NLRA protects workers’ right “to form, join, or assist labor organizations, to bargain collectively through representatives of their own choosing, and to engage in other concerted activities for the purpose of collective bargaining or other mutual aid or protection.” 29 U.S.C. § 157. NLRA § 8(a)(1) makes it an “unfair labor practice” for an employer to “interfere with, restrain, or coerce employees in the exercise of the rights” protected by NLRA § 7.

According to existing Fifth Circuit precedent, a workplace rule violates Section 8(a)(1) of the NLRA if the rule either:

“Explicitly restricts activities protected by Section 7″ or
Employees would reasonably construe the language to prohibit Section 7 activity even if the rule does not explicitly prohibit or has not been enforced to prohibit or restrict Section 7 protected activity.

A careful analysis of the Fifth Circuit’s decision makes clear that its decision about each of the four challenged policies covered by T-Mobile’s appeal turned upon the Court’s careful analysis of the surrounding context under which the applicable policy was implemented and administered reflected in the factual record. While the Fifth Circuit overruled as erroneous the NLRB’s findings that three other challenged policies violated the NLRA under this analysis, it agreed with and ordered enforced the NLRB’s ruling that T-Mobile’s Recording Policy violated the NLRA by impermissibly chilling worker’s exercise of their Section 7 rights. Construing the Acceptable Use Policy as prohibiting all recording in the workplace without the employer’s consent, the Fifth Circuit concluded that the policy would “discourage” a reasonable employee from engaging in protected activity” because a reasonable employee would construe the Policy as prohibiting employee unionizing or other concerted activity protected by the NLRA.

Context Protected Workplace Conduct, Commitment-To-Integrity, No Arguing or Fighting & Acceptable Use Policy

Based upon its review of the contextual facts shown in the record, the Fifth Circuit overruled the NLRB’s unfair labor practice orders with respect to T-Mobile’s workplace conduct, commitment-to- integrity, no argument or fighting and Acceptable Use policies. Employers should note, however, that the Fifth Circuit’s ruling does not give blanket enforcement to the defensibility of these policies in all circumstances. Rather, noting that “context matters” when determining whether a work rule violates the NLRA, the court found the policies read in the context of the workplace established common sense civility guidelines that a reasonable employee would not read as chilling or discouraging organization activities protected under Section 7. Accordingly, the Fifth Circuit declined to enforce the NLRB’s unfair labor practice orders against T-Mobile with respect to those policies in this instance. Employers considering the implications on this decision on their own policies should keep in mind, however, that the Fifth Circuit based its decision on the context reflected by the facts in the record. Accordingly, there remains a risk that these or other policies could be found to violate the NLRB if adopted or administered under circumstances that could chill reasonable workers from exercising their Section 7 organizational rights.

Context Invalidated Recording Policy

The critical significance of the factual context in determining the defensibility of each of these policies under Sections 7 and 8(a) of the NLRA is driven home by the Fifth Circuit’s explanation in the opinion of its decision to enforce the NLRB’s order with respect to the following Recording Policy as well as its explanation of its distinguishability from the Acceptable Use Policy that the Fifth Court found permitted.:

To prevent harassment, maintain individual privacy, encourage open communication, and protect confidential information employees are prohibited from recording people or confidential information using cameras, camera phones/devices, or recording devices (audio or video) in the workplace. Apart from customer calls that are recorded for quality purposes, employees may not tape or otherwise make sound recordings of work-related or workplace discussions. Exceptions may be granted when participating in an authorized [T-Mobile] activity or with permission from an employee’s Manager, HR Business Partner, or the Legal Department. If an exception is granted, employees may not take a picture, audiotape, or videotape others in the workplace without the prior notification of all participants.

In determining this Recording Policy impermissibly deterred employees from exercising their Section 7 rights in violation of the NLRA, the Fifth Circuit’s opinion makes clear that “the broad reach of the recording ban” strongly influenced this determination, stating:

The ban, by its plain language, encompasses any and all photography or recording on corporate premises at any time without permission from a supervisor. This ban is, by its own terms alone, stated so broadly that a reasonable employee, generally aware of employee rights, would interpret it to discourage protected concerted activity, such as even an off-duty employee photographing a wage schedule posted on a corporate bulletin board. …

Unlike the “workplace conduct” policy and the “commitment-to-integrity” policy, the recording policy forbids certain forms of clearly protected activity. We have earlier held that held those two policies would not be interpreted by a reasonable T-Mobile employee as forbidding protected activity. By contrast, a reasonable T-Mobile employee, aware of his legal rights, would read the language of the recording policy as plainly forbidding a means of engaging in protected activity.

In the face of this possibility, the Court similarly considered the factual record before rejecting T-Mobile’s argument that the Policy was defensible to promote its legitimate business interests “[t]o prevent harassment, maintain individual privacy, encourage open communication, and protect confidential information” on the grounds that “merely reciting such justifications does not alter the fact that the operative language of the rule on its face prohibits protected Section 7 activity, including Section 7 activity wholly unrelated to those stated interests.”

In reaching this determination, the Fifth Circuit distinguished these findings from its findings with regard to the Acceptable Use policy. In explaining its finding the Acceptable Use Policy valid, the Fifth Circuit’s opinion explains that the NLRB’s decision concerning the Acceptable Use Policy disregarded the context in which the acceptable use policy is to be read and understood, stating:

The “Scope” section of the acceptable use policy explicitly states that the policy “applies to all non-public T-Mobile information.” Thus the policy only prohibits employees from sharing non-public information.

Where a company policy prohibits the disclosure of non-public information, courts presume that a reasonable employee would not construe the policy to prohibit the disclosure of information that may be properly used in protected activity, such as wage and benefit information, so long as the policy does not explicitly state that it encompasses such information. … Here… the policy does not define “non-public T-Mobile information” in a way that would lead a reasonable worker to believe that it includes protected wage and benefit information. Instead, the policy only applies to the sort of proprietary business information that an employer may properly restrict its employees from sharing outside of the company. …

Thus the NLRB’s finding that a reasonable worker would construe the acceptable use policy to discourage protected activity is unreasonable, and we deny enforcement as to that part of its order.

Accordingly, the Fifth Circuit upheld enforcement of the NLRB’s order striking down the Recording Policy but denied enforcement and overruled the NLRB’s unfair labor practice finding with regard to the other three policies.

Contextual Basis of Decision Requires Employer Tread Carefully, Manage Risks

While the Fifth Circuit only enforced the NLRB’s unfair labor practice finding with respect to T-Mobile’s Recording Policy in T-Mobile, the opinion makes clear that similar or identical policies could be treated differently depending upon whether the contextual evidence reflects that the policy could be reasonably construed by employees as prohibiting or restricting conduct protected by Section 7 of the NLRA. Employers maintaining or administering similar workplace rules will want to scrutinize carefully their own policies to assess their potential for exposing the employer to unfair labor practice charges and take appropriate action to minimize these risks.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on Employers Should Manage Potential Unfair Labor Practice Risks From Recording, Acceptable Use, Fighting, Integrity & Other Employment Policies | board of directors, compliance, directors, employee, Employee Handbook, Employer, Employers, Employment, Employment Agreement, Employment Policies, ERISA, health plan, Human Resources, Internal Controls, Internal Investigations, Loyalty, Management, Managment, NLRA, Non-Compete, Non-Competition Agreement, Uncategorized, Unfair Labor Practice, Union, Workforce | Tagged: Economy, Employer, Hiring, HR, Job Growth, Labor, Labor Management Relations, Labor Pool, Labor Statistics, Management, Recruiting, Workforce | Permalink
Posted by Cynthia Marcotte Stamer

DB Plan Sponsors Check Out New Bifurcated Distribution Model Amendments

August 20, 2017

Need to amend your qualified defined benefit plan plan document to offer bifurcated benefit distribution options to participants? Check out the new model amendments published by the Internal Revenue Service in Notice 2017-44 for a possible cost-effective option to add a bifurcated distribution option in accordance with final regulations issued under § 417(e) of the Internal Revenue Code.

About The Author

Recognized as “Legal Leader™ Texas Top Rated Lawyer” in both Health Care Law and Labor and Employment Law, a “Texas Top Lawyer,” and an “AV-Preeminent” and “Top Rated Lawyer” by Martindale-Hubble, singled out as among the “Best Lawyers In Dallas” in employee benefits by D Magazine; Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely recognized for her nearly 30 years’ of work and pragmatic thought leadership, publications and training on health coverage and health care, health plan and employee benefits, workforce and related regulatory and other compliance, performance management, risk management, product and process development, public policy, operations and other concerns.

Throughout her legal and consulting career, Ms. Stamer has drawn recognition for combining extensive knowledge and experience with her talents as an insightful innovator and problem solver when advising, representing and defending employer and other plan sponsors, insurers, fiduciaries, insurers, electronic and other technology, plan administrators and other service providers, governments and others about health coverage, benefit program design, funding, documentation, administration, data security and use, contracting, plan, public and regulatory reforms and enforcement, and other risk management and operations matters as well as for her work and thought leadership on a broad range of other health, employee benefits, human resources and other workforce, insurance, tax, compliance and other matters. Her experience encompasses leading and supporting the development and defense of innovative new programs, practices and solutions; advising and representing clients on routine plan establishment, plan documentation and contract drafting and review, administration, change and other compliance and operations crisis prevention and response, compliance and risk management audits and investigations, enforcement actions and other dealings with the US Congress, Departments of Labor, Treasury, Health & Human Services, Federal Trade Commission, Justice, state legislatures, attorneys general, insurance, labor, worker’s compensation, and other agencies and regulators, She also provides strategic and other supports clients in defending litigation as lead strategy counsel, special counsel and as an expert witness.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE; Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, Past Group Chair, current Defined Contribution Plan Committee Co-Chair, former Welfare Committee Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Counsel, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, the Society of Professional Benefits Administrators, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients, serves on the faculty and planning committee of many workshops, seminars, and symposia, and on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see www.CynthiaStamer.com or contact Ms. Stamer via email to here or via telephone to (469) 767-8872.

About Solutions Law Press

If you or someone else you know would like to receive future updates and notices about other upcoming Solutions Law Press™ events, please be sure that we have your current contact information – including your preferred e-mail by creating or updating your profile here. For important information concerning this communication, see here.

NOTICE: Any party accessing or using any content obtained from or through Solutions Law Press, Inc.™ acknowledges and agrees that any and all programs, publications, statements and materials presented or published by Solutions Law Press, Inc.™ and any statements or other contents made or contained therein are for general informational and educational purposes only. They are generic in nature and not tailored or intended to be relied upon by any person, business, entity or other party for purposes for determining the legal, financial or other appropriateness, defensibility, suitability, outcome or consequences of any strategy, action, course of action, or any other facts, circumstances, event or conduct. Users of these resources are responsible at all times for independently evluating the suitability of any content, materials, tools or other materials or information accessed from or through Solutions Law Press, Inc. directly or indirectly.

Solutions Law Press, Inc.™ and its authors and contributors do not represent or warrant in any form or manner, and expressly disclaim and deny the appropriateness of the use or reliance of any person or entity on any content, tools or resources accessed or obtained from or through Solutions Law Press, Inc.™ for any general or particular use or purpose by any party under any circumstances.

Likewise, they do not establish an attorney-client relationship or other fiduciary, contractual or other relationship between Solutions Law Press, Inc. and/or any of its authors or contributors and any other party. They are not, and do not serve as a substitute for legal, accounting, tax or other advice. They don’t create or otherwise give rise to any duty, obligation, responsibility on behalf of Solutions Law Press, Inc™ or any provider or offeree of content, tools or services to any party.

Parties accessing or using any of Solutions Law Press, Inc.™ competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The publisher and the author expressly disclaim all liability for this content and any responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Comments Off on DB Plan Sponsors Check Out New Bifurcated Distribution Model Amendments | defined benefit plan, Defined Benefit Plans, Employer, Employers, Employment, ERISA, retirement plan, Retirement Plans, Tax, Tax Qualification | Tagged: Bifurcated Distributions, defined benefit plan, Distributions, Employer, Pension, Plan Amendment, plan sponsor, Qualiified Plan, Retirement Plans | Permalink
Posted by Cynthia Marcotte Stamer

Prepare For Turnover, Other Challenges From Rising Workforce Competition

August 8, 2017

U.S. employers recruiting or employing workers with high demand skills or experience in the U.S. labor market should reevaluate existing employee retention and recruiting packages and policies and intellectual property safeguards to deal with the increasingly competitive job market reflected in June, 2017 employment data and trends reflected in U.S. Bureau of Labor Statistics (BLS) data released today (August 8, 2017). Employers relying on workers within these industries should re-evaluate and update as necessary their existing budgeting, hiring, recruitment and retention, trade secret, noncompetition and other policies and practices to proactively position their companies to effectively compete to ensure they retain and recruit the necessary workers to operate effectively.

The BLS statistics offer employers and others key insights into various workforce and employment trend, not the least of which are signs of growing competition among employers for high demand workers arising from the continued growth in job openings reported in the BLS statistics. See, e.g. Table A. Job openings, hires, and total separations by industry, seasonally adjusted and Job Openings and Labor Turnover Technical Note; Table 1. Job openings levels and rates by industry and region, seasonally adjusted; Table 2. Hires levels and rates by industry and region, seasonally adjusted; Table 3. Total separations levels and rates by industry and region, seasonally adjusted.

BLS statistics showing new hires lagging behind the continued growth in job openings signal that employers in impacted industries and regions should prepare to face growing competition for qualified workers.

According to BLS, the U.S. job openings level increased by 461,000 to 6.2 million openings as of the last day of June. Among these 461,000 new openings, the overwhelming majority – 417,000 openings were for private sector positions, with the largest increases occurring in professional and business services (+179,000), health care and social assistance (+125,000) and construction (+62,000) while job openings decreased for other services by 62,000.

Meanwhile, BLS statistics showing that hires and total separations did not keep up with the growth in job openings sends a strong message that employers employing workers from increasingly competitive talent pools should focus as much on their ability to retain existing workers as to recruit new workers to fill new positions or replace workers. Aside from the gap between job openings and hires generally, quit rate statistics reported by BLS merit special consideration. As quits are voluntary separations initiated by the employee, the quit rate can serve as a measure of workers’ willingness or ability to leave an existing position for a new opportunity. BLS statistics showing continued stability in the quit rate and number of quits during June suggests that as of the end of June, reflected that many employed workers in high growth industries had not yet decided to make the leap to a new position. See Table 4. Quits levels and rates by industry and region, seasonally adjusted. Table 10. Quits levels and rates by industry and region, not seasonally adjusted.

Amid growing competition for workers, however, it is foreseeable that employers seeking to fill open positions will turn their attention to employers already employed. Accordingly, in addition to evaluating their ability to recruit qualified workers away from other employers, employers should anticipate and prepare for the likelihood that other employers increasingly will target their workers for recruitment.

Adequate analysis and preparation now could help position their businesses both to retain valuable workers and recruit new or replacement workers to fulfill their staffing leads. Beyond considering the adequacy of current recruitment, compensation, benefits, work rules and culture to compete effectively amid the evolving labor market, business leaders also generally will want to evaluate the adequacy and enforceability of trade secret, noncompetition and solicitation, and other legal and operational controls to protect their organization’s workforce and intellectual property from turnover related threats and dilution both as they relate to new hires and potential departing employees.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on Prepare For Turnover, Other Challenges From Rising Workforce Competition | 401(k), directors, employee, Employee Benefits, Employer, Employers, Employment, Employment Agreement, ERISA, Executive Compensation, health plan, Management, Managment, Non-Compete, Non-Competition Agreement, Uncategorized | Tagged: Economy, Employer, Hiring, HR, Job Growth, Labor, Labor Management Relations, Labor Pool, Labor Statistics, Management, Recruiting, Workforce | Permalink
Posted by Cynthia Marcotte Stamer

Learn About Rising Group Health Plan Mental Health Mandate Risks From 6/27 “2017 Federal Group Health Plan Mental Health Rules Update”

June 22, 2017

Register Now To Participate In

“2017 Federal Group Health Plan Mental Health Rules Update”

Solutions Law Press, Inc™ Health Plan Update WebEx Briefing

Tuesday, June 27, 2017

10:30 A.M.-11:30 P.M. Eastern | 11:30 A.M.-12:30 P.M. Central

EXPANDING REGULATORY REQUIREMENTS & ENFORCEMENT SPELL TROUBLE FOR HEALTH PLANS AND THEIR SPONSORING EMPLOYERS.

Solutions Law Press, Inc.™ invites employer and other group health plan sponsors, fiduciaries, insurers, administrative service providers, plan brokers and consultants are invited learn critical information about their expanding risks and responsibilities arising from existing and proposed changes to rules and enforcement of federal group health plan mental health and substance abuse (MH/SUB) coverage and privacy rules under the Mental Health Parity and Addiction Equity Act of 2008 (MHPAEA), as supplemented by the Patient Protection and Affordable Care Act (ACA) and the 21st Century Cures Act (Cures Act) and the Privacy Rules of the Health Insurance Portability & Accountability Act (HIPAA) conducted by attorney Cynthia Marcotte Stamer, a Fellow in the American College of Employee Benefits recognized as among the “Best Lawyers” in employee benefits for her health and other benefit knowledge, experience, policy advocacy and thought leadership. Register here now!

Tightening Health Plan Mental Health & Substance Abuse Rules & Enforcement Make Group Health Plan Compliance Critical

New and proposed guidance jointly published June 16, 2017 by the Departments of Labor (DOL), Health & Human Services (HHS) and Treasury is the latest in a series of regulatory and enforcement developments over the past year alerting group health plans and their employer and other group health plan sponsors, fiduciaries, insurers, administrative services providers, plan brokers and consultants involved in health plan design, funding, or administration to get serious about their group health plans’ compliance with the MHPAEA federal group health plan mental health and substance abuse coverage and benefit requirements, as supplemented by the ACA and the Cures Act without running afoul of the Privacy Rules of HIPAA.

Building upon federal group health plan mental health parity mandates originally implemented under the Mental Health Parity Act, the MHPAEA generally requires that any financial requirements or treatment limitations group health plans impose on mental health and substance use disorder (MH/SUD) benefits not be restrictive than the predominant financial requirements and treatment limitations that apply to substantially all medical and surgical benefits. MHPAEA also imposes several disclosure requirements on group health plans and health insurance issuers. Not satisfied with the MHPAEA coverage and disclosure protections, however, Congress subsequently broadened federal MH/SUD benefit rights under group health plans through the enactment of the ACA and the Cures Act. Congress also has imposed special requirements and protections for mental health treatment records adds additional responsibilities for group health plans and their service providers when dealing with information and records in connection with the administration of MH/SUD benefits.

After a long period of lax oversight and enforcement of these federal group health plan mental health rules, the Departments of Labor (DOL), Health and Human Services (HHS), and the Treasury (collectively, the Departments) since October, 2016 have begun both tightening the rules and acting to increase oversight and enforcement. The Departments have issued a series of joint guidance clarifying and broadening their interpretations of these MH/SUD benefit and disclosure mandates while simultaneously taking steps to increase awareness and enforcement of these rights. As part of these ongoing efforts, Departments’ on June 16, 2017 expanded this guidance with their publication of new Mental Health Parity Implementation FAQs Part 38 discussing their joint interpretation of the broadening effect of the enactment of the ACA and the Cure Act on these plan requirements. Concurrently, the Departments signaled their intention to add additional responsibilities for group health plans and insurers by publishing along with FAQ Part 38 a Draft MHPAEA Disclosure Template and request for comments. This latest guidance package reaffirms that the Departments are continuing efforts to increase oversight of and enforcement of MH/SUD compliance against group health plans, their sponsors, fiduciaries, insurers, and their administrative and other service providers. In the face of these developments and the reported initiation of enforcement actions by the Departments, the group health plans, their employer and other sponsors, fiduciaries, insurers, and their administrative and other service providers should move quickly to understand and update their plans and practices to comply with these recent developments while bracing for the likely need to deal with further expanded disclosure and other additional responsibilities under the MHPAEA jointly proposed by the Departments on June 16, 2017.

Beyond fulfilling these expanding MHPAEA responsibilities, health plan fiduciaries, administrators, insurers and sponsors also must ensure their health plan and its business associates comply with special rules concerning the protection, use and disclosure of mental health treatment records and information that may impact certain mental health treatment and other records received, used, retained or disclosed in the course of administering mental health, substance abuse or other provisions of their group health plans under the HIPAA Privacy Rules. Keeping in mind that HHS audit and enforcement of compliance by health plans and other HIPAA covered entities with HIPAA’s medical privacy and data security rules, health plan sponsors, fiduciaries, insurers and administrative and other service providers also should take the opportunity to verify that their plans and practices comply with special HIPAA rules impacting authorizations and other dealings with certain mental health and substance abuse health information and records and other HIPAA medical privacy and security requirements.

Given these developments, group health plans, their sponsors, fiduciaries, insurers and administrator must take steps to verify and maintain compliance with these federal MH/SUD requirements. Ensuring proper compliance with these federal rules is particularly important to avoid triggering the substantial liability that health plans, their employer and other sponsors, insurers, and administrators can incur if their health plan violates these mandates. Obviously, plans and their sponsors, insurers and fiduciaries can expect to pay additional plan expenses necessary to pay wrongfully denied benefits and other expenditures these plan or its fiduciaries expend to investigate, defend and resolve claims or compliance audits, investigations, litigation or actions brought by the Departments, state insurance regulators with respect to state governments or insurers, or private litigation by participants or beneficiaries. Many employer or other plan sponsors may be unaware that these violations also generally expose employers and other health plan sponsors to liability to self identify, self-report on Internal Revenue Service Form 8928 and self-pay and excise tax of up to $100 per participant per day per uncorrected violation by the due date for filing of their annual corporate tax return.

With oversight and enforcement already rising and the Departments proposing to expand further both disclosure duties and enforcement, group health plans, their employer and other sponsors, insurers, fiduciaries and administrators clearly need to take prompt action to verify their existing health plan provisions and administrative practices are up-to-date and administered to withstand challenge from the Departments, participants, beneficiaries, health care providers and others. Consequently, employer and other group health plan sponsors, fiduciaries, insurers, administrative services providers, plan brokers and consultants involved in health plan design, funding, or administration should act quickly to verify their plan terms and practices are updated to comply with existing rules and share their input in response to the Departments June 16, 2017 requests for comments.

ABOUT CYNTHIA MARCOTTE STAMER

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, the Society of Professional Benefits Administrators, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients, serves on the faculty and planning committee of many workshops, seminars, and symposia, and on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com or contact Ms. Stamer via email to here or via telephone to (469) 767-8872.

About Solutions Law Press

Comments Off on Learn About Rising Group Health Plan Mental Health Mandate Risks From 6/27 “2017 Federal Group Health Plan Mental Health Rules Update” | 4980D, 6039D, ACA, Affordable Care Act, Appeals, Attorney-Client Privilege, board of directors, Brokers, Cafeteria Plans, church plan, Civil Monetary Penalties, Civil Rights, Claims, Claims Administration, compensation, compliance, conflict of interest, Corporate Compliance, corporate governance, Data Breach, Data Security, EBSA, employee, Employee Benefits, Employer, Employers, Employment, Employment Tax, ERISA, Excepted Benefits, exchange, Excise Tax, Excise Taxes, Exempt, fiduciary duty, Fiduciary Responsibility, H.R. 4872, health reform, HIPAA, HR, Human Resources, Identity Theft, Income Tax, Insurance, insurers, Internal Revenue Code, IRC, Labor Management Relations, Management, Mental Health, Mental Health Parity, MEWA, Obamacare, Patient Protection & Affordable Care Act, Pay, Physician, Plan Admistrator, preventive care, Privacy, Professional Liability, Protected Health Information, Provider, Risk Management, SBC, Tax Credit, Uncategorized, Union | Tagged: ACA, Brokers, CCIIO, Corporate Compliance, EBSA, Employers, enforcement, Essential health benefits, Fiduciary, Fiduciary Duties, Health Benefits, health coverage, Health Plans, health reform, HHS, Mental Health, Mental Health Parity, mental health records, substance abuse, Third party Administrators | Permalink
Posted by Cynthia Marcotte Stamer

Stamer To Moderate, Talk Medical CyberSecurity At 5/19 ISSA-LA IT Security Meedical Privacy Forum

May 12, 2017

Solutions Law Press, Inc. editor and attorney Cynthia Marcotte Stamer will speak and moderate two key panel programs on health care privacy and data security scheduled at the Healthcare Privacy & Security Form hosted on May 19, 2017 by the Information Security Systems Association of Los Angeles County (ISSA-LA) as a component of its 9th Annual ISSA-LA Information Security Summit. The presentations of Ms. Stamer and others at the conference are particularly timely coming on the heels of the May 12 Cyber alerts to U.S. health industry and other businesses about the urgent need to defend against the spread of an epidemic international malware threat targeting U.S. healthcare and other businesses. See Urgent WannaCry Ransomware Cyber Warning Issued; Alert: Guard Health E-Mail, Other IT Against WannaCry Malware Attack.

The Medical Privacy & Security Summit is part of the 9th Annual ISSA-LA Information Security Summit scheduled for May 18-19, 2017 at the Universal City Hilton in Los Angeles. Recognized as a premier information security education and networking event, the Summit is expected to bring together 1000 or more health industry and other IT and InfoSec executives, leaders, analysts, and practitioners to learn from the experts, exchange ideas with their peers, and enjoy conversations with the community.

The Healthcare Privacy & Security Forum offered for the 5^th year as a component of the annual Summit on May 19 specifically focuses on leading challenges, issues and opportunities confronted by health industry privacy and security professionals and their organizations. Ms. Stamer has served on the steering committee, moderator and popular faculty member for the 2017 Forum for the 5^th consecutive year. During the 2017 Forum, she will moderate and speak on two panels:

“Finding & Negotiating The Mine Fields: CISO, CIO & Privacy Officer’s Playbook for Promoting Compliance & Security Without Getting Fired,” a luncheon interactive panel discussion with the audience exploring the challenging mission CISOs, CIOs and Privacy Officers face to ensure their healthcare, financial and other critical information, data and systems continue to support the patient care and operating functions of their organizations, while at the same time defending these systems, operations and their sensitive, but mission critical data against malicious or innocent misappropriation, use, access or destruction; and
The closing panel on “What Initiatives Are on the Horizon in Healthcare, and How Can We Secure Them?”, which will explore likely future emerging privacy and security threats and technologies, regulatory challenges and enforcement, and other trends that Privacy and Security professionals are likely to face and tips and strategies for preparing to leverage these likely new opportunities and manage new challenges.

Register or get the full schedule of programs and other events scheduled at the Healthcare Privacy & Security Forum specifically along with the overall Information Security Summit here.

About Ms. Stamer

Cynthia Marcotte Stamer is a Martindale-Hubble “AV-Preeminent (Top 1%) rated practicing attorney and management consultant, health industry public policy advocate, widely published author and lecturer, recognized for her nearly 30 years’ of work on health industry and other privacy and data security and other health care, health benefit, health policy and regulatory affairs and other health industry legal and operational as a LexisNexis® Martindale-Hubbell® “LEGAL LEADER™ and “Top Rated Lawyer,” in Health Care Law and Labor and Employment Law; a D Magazine “Best Lawyers In Dallas” in the fields of “Health Care,” “Labor & Employment,” “Tax: Erisa & Employee Benefits” and “Business and Commercial Law,” a Fellow in the American Bar Foundation, the Texas Bar Foundation and the American College of Employee Benefit Counsel.

Scribe for ABA JCEB annual agency meeting with OCR for many years, Ms. Stamer is well-known for her extensive work and leadership throughout her career on HIPAA, FACTA, PCI, IRC and other tax, Social Security, GLB, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and concerns. Ms. Stamer has worked extensively throughout her career with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks, insurers and other financial institutions, and others on trade secret confidentiality, privacy, data security and other risk management and compliance including design, establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, drafting and negotiation of business associate, chain of custody, confidentiality, and other contracting; risk assessments, audits and other risk prevention and mitigation; investigation, reporting, mitigation and resolution of known or suspected breaches, violations or other incidents; and defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others; reporting known or suspected violations; commenting or obtaining other clarification of guidance and other regulatory affairs, training and enforcement, and a host of other related concerns.

Her clients include public and private health care providers, health insurers, health plans, employers, payroll, staffing, recruitment, insurance and financial services, health and other technology and other vendors, and others.

Author of a multitude of highly-regarded works and training programs on HIPAA and other data security, privacy and use published by BNA, the ABA and other premier legal industry publishers In addition to representing and advising these organizations, she also speaks extensively and conducts training on health care and other privacy and data security and many other matters Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other professional and civic organizations. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

For additional information about Ms. Stamer, see here or contact Ms. Stamer directly by e-mail here or by telephone at (469) 767-8872. ©2017 Cynthia Marcotte Stamer. Limited, non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Comments Off on Stamer To Moderate, Talk Medical CyberSecurity At 5/19 ISSA-LA IT Security Meedical Privacy Forum | ADA, ARRA, board of directors, Brokers, Child Safety, Civil Monetary Penalties, compliance, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, EBSA, Educational Privacy, Electronic Medical Record, employee, Employee Benefits, Employer, Employers, EMR, ERISA, FACTA, Fair Credit Reporting Act, FICA, fiduciary duty, FINRA, Government Contractors, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, HIPAA, HIPAA, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Internet, Management, Mental Health, officers, Physician, Plan Admistrator, Privacy, Professional Liability, Protected Health Information, Provider, Public Policy, Security, Technology, third party administrators, Uncategorized | Tagged: Cyber Security, Cybercrime, Data Security, Information Security, IT, medical data, Medical Privacy, medical security, Protected Health Information, speech | Permalink
Posted by Cynthia Marcotte Stamer

$2.4M HIPAA Settlement Message Warns Health Plans & Providers Against Sharing Medical Info With Media, Others

May 10, 2017

Healthcare providers, health plans, healthcare clearinghouses and their business associates (Covered Entities) can’t disclose the name or other protected health care information about a patient in press releases or other announcements without prior authorization from the patient. That’s the clear lesson Covered Entities should learn from the $2.4 million payment to the U.S. Department of Health and Human Services (HHS) that the largest not-for-profit health system in Southeast Texas, Memorial Hermann Health System (MHHS) is paying to settle charges it violated the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule by issuing a press release with the name and other protected health information (PHI) about a patient without the patient’s prior HIPAA-compliant authorization under a Resolution Agreement and Corrective Action Plan (Resolution Agreement) announced May 10, 2017 by HHS Office of Civil Rights (OCR).

The Resolution Agreement resolves OCR charges the operator of 13 hospitals, eight Cancer Centers, three Heart & Vascular Institutes, and 27 sports medicine and rehabilitation centers violated the Privacy Rule that resulted from an OCR compliance review of MHHS triggered by multiple media reports suggesting that MHHS improperly disclosed the name and other details about a patient arrested and charged with presenting an allegedly fraudulent identification card to office staff at an MHHS’s clinic after MHHS clinic staff alerted law enforcement of suspicions the patient was presenting false identification to the clinic. According to OCR, after law enforcement investigated and arrested the patient, MHHS published a press release concerning the incident in which MHHS senior management approved the impermissible disclosure of the patient’s PHI by adding the patient’s name in the title of the press release without securing prior authorization of the patient.

While OCR concluded the report to law enforcement allowable under the Privacy Rule, OCR found MHHS violated the Privacy Rule by issuing the press release disclosing the patient’s name and other PHI without authorization from the patient and also by failing to timely document the sanctioning of its workforce members for impermissibly disclosing the patient’s information.

To resolve and avoid the potential Civil Monetary Penalties that HIPAA could authorize OCR to impose for the alleged Privacy Rule violation, MHHS agrees in the Resolution Agreement to pay OCR a $2.4 million monetary settlement and implement a corrective action plan that obligates MHHS to update and train its workforce on its policies and procedures on safeguarding PHI from impermissible uses and disclosures including specific instructions and procedures to:

Address (a) Uses and disclosures for which an authorization is required, including to the media, to public officials, and on the internet; (b) Disclosures for law enforcement purposes; and (c) Uses and disclosures for health oversight activities;
Identify MHHS personnel or representatives whom workforce members, agents, or business associates may contact in the event of any inquiry or concern regarding compliance with HIPAA in relation to these activities;
Internal reporting procedures requiring all workforce members to report to the designated person or office at the earliest possible time any potential violations of the Privacy, Security or Breach Notification Rules or of MHHS’ privacy and security policies and procedures and MHHS promptly to investigate and address all received reports in a timely manner; and
Application and documentation of appropriate sanctions (which may include retraining or other instructive corrective action, depending on the circumstances) against members of MHHS’ workforce, including senior level management, who fail to comply with the Privacy, Security or Breach Notification Rules or MHHS’ privacy and security policies and procedures, including a description of the sanctions; a timeframe in which MHHS will apply and document sanctions for violations of the HIPAA Rules or of MHHS’ privacy, security or breach policies or procedures; the manner in which MHHS will document the sanctions; and where MHHS will store or retain such documentation (e.g., personnel file).

The corrective action plan in the Resolution Agreement also requires all MHHS facilities to attest to their understanding of permissible uses and disclosures of PHI, including disclosures to the media and others.

Covered entities should keep in mind the MHHS Resolution Agreement is the latest in a series of OCR enforcement actions and resolution agreements highlighting the need for Covered Entities to adopt and use appropriate policies and procedures to prevent wrongful disclosures of PHI to the media or public. For instance, in June, 2013, OCR required Shasta Regional Medical Center (SRMC) to pay a $275,000 settlement payment and implement a comprehensive corrective action plan to resolve OCR charges stemming from SRMC’s disclosure of PHI about a patient to members of the media and its workforce in an effort to respond to accusations the patient made that SRMC engaged in fraud and other misconduct. See HIPAA Sanctions Triggered From Covered Entity Statements To Media, Workforce. In contrast, the $2.2 million resolution agreement that OCR required New York Presbyterian Hospital for improperly allowing a film crew to film hospital patients in violation of HIPAA was almost 10 times greater than the SRMC penalty and was accompanied by OCR’s publication OCR of specific additional guidance warning Covered Entities against improper disclosures to the media. See $2 Million+ HIPAA Settlement, FAQ Warn Providers Protect PHI From Media, Other Recording Or Use.

Following on the heels of this previous guidance and prior enforcement actions warning Covered Entities against wrongful disclosure to the media, the MHHS Resolution Agreement sends a strong message to Covered Entities that they should expect little sympathy if their organizations improperly share PHI with the media. OCR’s announcement of the MHHS Resolution Agreement, for instance quotes OCR Director Roger Severino with stating that “Senior management should have known that disclosing a patient’s name on the title of a press release was a clear HIPAA Privacy violation that would induce a swift OCR response.” The announcement goes on to quote Director Severino further as stating, “This case reminds us that organizations can readily cooperate with law enforcement without violating HIPAA, but that they must nevertheless continue to protect patient privacy when making statements to the public and elsewhere.”

Conduct Entity-Wide Risk Assessment & Review & Tighten Media Relations Policies, Processes & Training ASAP

Covered entities should heed the warning by conducting a risk assessment of their organization’s susceptibility to potential improper disclosures to media or others and reviewing and implementing necessary written policies, procedures and training to prevent the improper disclosure of patient PHI to media or others unless the Covered Entity either secures prior HIPAA-compliant authorization from the patient or can prove the disclosure falls squarely under an exception to the Privacy Rule’s prohibition against disclosure of PHI without authorization except as allowed by the Privacy Rule.

Taking these and other needed steps to evaluate, and strengthen and enforce as needed, risk assessments, policies, procedures, and training to prevent wrongful use, access or disclosure of PHI to the media or others is particularly critical in light of the ongoing tightening of expectations, and rising enforcement and sanctions for HIPAA violations since Congress amended HIPAA in 2009. See OCR Audit Program Kickoff Further Heats HIPAA Privacy Risks; HIPAA Heats Up: HITECH Act Changes Take Effect & OCR Begins Posting Names, Other Details Of Unsecured PHI Breach Reports On Website.

Based on experiences reported in the MHHS and other similar resolution agreements, Covered Entities also generally will want to ensure that their policies, procedures and training extend to all potential sources of communications that could involve patient information and make clear that the Privacy Rule restrictions must be followed even if the circumstances involve allegations of misconduct, special performance by healthcare providers or others that it would benefit the organization or certain individuals to have known to the public, or other circumstances likely to be of interest to the media or other parties.

As part of this process, covered entities should ensure they look outside the four corners of their Privacy Policies to ensure that appropriate training and clarification is provided to address media, practice transition, workforce communication and other policies and practices that may be covered by pre-existing or other policies of other departments or operational elements not typically under the direct oversight and management of the Privacy Officer such as media relations. Media relations, physician and patients affairs, outside legal counsel, media relations, marketing and other internal and external departments and consultants dealing with the media, the public or other inquiries or disputes should carefully include and coordinate with the privacy officer both to ensure appropriate policies and procedures are followed and proper documentation created and retained to show authorization, account, or meet other requirements.

In conducting this analysis and risk assessment, it will be important that Covered Entities include, but also look beyond the four corners of their Privacy Policies to ensure that their review and risk assessment identifies and assesses and addresses compliance risks on an entity wide basis. This entity-wide assessment should include both communications and requests for information normally addressed to the Privacy Officer as well as requests and communications that could arise in the course of media or other public relations, practice transition, workforce communication and other operations not typically under the direct oversight and management of the Privacy Officer. For this reason, Covered Entities also generally will not only to adopt and implement specific policies, processes and training in these other departments to prohibit and prevent inappropriate disclosures of PHI in the course of those departments operations. It also may be advisable to pre-established processes for reviewing media or other communications for potential PHI content and require prior review of any proposed public relations and other internal or external communications containing patient PHI or other information by the privacy officer, legal counsel or another suitably qualified party.

Because of the high risk that the preparation or review of media or other public communications reports will involve the use and disclosure of PHI, Covered Entities also generally should verify that all outside media or public relations, legal, or other outside service providers participating in the investigation, response or preparation or review of communications to the media or others both are covered by signed business associate agreements that fulfill the Privacy Rule and other requirements of HIPAA as well as possess detailed knowledge and understanding of the Privacy and Security Rules suitable to participate in and help safeguard the Covered Entity against violations of these and other Privacy Rules. See e.g., Latest HIPAA Resolution Agreement Drives Home Importance Of Maintaining Current, Signed Business Associate Agreements.

About The Author

Recognized by LexisNexis® Martindale-Hubbell® as a “AV-Preeminent” (Top 1%/ the highest) and “Top Rated Lawyer,” with special recognition as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Health Care,” “Labor & Employment,” “Tax: Erisa & Employee Benefits” and “Business and Commercial Law” by D Magazine, the author of this update is widely known for her 29 plus years’ of work in health care, health benefit, health policy and regulatory affairs and other health industry concerns as a practicing attorney and management consultant, thought leader, author, public policy advocate and lecturer.

Throughout her adult life and nearly 30-year legal career, Ms. Stamer’s legal, management and governmental affairs work has focused on helping health industry, health benefit and other organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

As a core component of her work, Ms. Stamer has worked extensively throughout her career with health care providers, health plans and insurers, managed care organizations, health care clearinghouses, their business associates, employers, banks and other financial institutions, management services organizations, professional associations, medical staffs, accreditation agencies, auditors, technology and other vendors and service providers, and others on legal and operational compliance, risk management and compliance, public policies and regulatory affairs, contracting, payer-provider, provider-provider, vendor, patient, governmental and community relations and matters including extensive involvement advising, representing and defending public and private hospitals and health care systems; physicians, physician organizations and medical staffs; specialty clinics and pharmacies; skilled nursing, home health, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing and management services organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients to manage and defend compliance, public policy, regulatory, staffing and other operations and risk management concerns. A core focus of this work includes work to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; dealings with JCHO and other accreditation and quality organizations; investigation and defense of private litigation and other federal and state health care industry investigations and enforcement; insurance or other liability management and allocation; process and product development; managed care, physician and other staffing, business associate and other contracting; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.

Author of leading works on HIPAA and other privacy and data security works and the scribe leading the American Bar Association Joint Committee on Employee Benefits Annual Agency Meeting with OCR, her experience includes extensive compliance, risk management and data breach and other crisis event investigation, response and remediation under HIPAA and other data security, privacy and breach laws. Heavily involved in health care and health information technology, data and related process and systems development, policy and operations innovation and a Scribe for ABA JCEB annual agency meeting with OCR for many years who has authored numerous highly regarded works and training programs on trade secret, HIPAA and other medical, consumer, insurance, tax, and other privacy and data security, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues including meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and many other concerns.

In connection with this work, Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others.

Her work includes both regulatory and public policy advocacy and thought leadership, as well as advising and representing a broad range of health industry and other clients about policy design, drafting, administration, business associate and other contracting, risk assessments, audits and other risk prevention and mitigation, investigation, reporting, mitigation and resolution of known or suspected violations or other incidents and responding to and defending investigations or other actions by plaintiffs, DOJ, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others.

In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, MGMA, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in Pensions, healthcare, workforce, immigration, tax, education and other areas.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health plans, health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other “nonpar,” insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposium and chair, faculty member and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management. Examples of her many highly regarded publications on these matters include “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security: Beyond HIPAA,” as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, Insurance Thought Leadership and many other prominent publications and speaks and conducts training for a broad range of professional organizations.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

©2017 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ All other rights reserved. For information about republication or other use, please contact Ms. Stamer here.

Comments Off on $2.4M HIPAA Settlement Message Warns Health Plans & Providers Against Sharing Medical Info With Media, Others | ADA, board of directors, Brokers, Cafeteria Plans, Civil Monetary Penalties, Civil Rights, compliance, conflict of interest, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, directors, Disability Discrimination, Electronic Medical Record, employee, Employee Benefits, Employer, Employers, Employment, EMR, ERISA, Fair Credit Reporting Act, fiduciary duty, GINA, HIPAA, HIPAA, Hiring, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Internal Revenue Code, IRC, Leadership, LGBT, Management, Medicare Part D, Mental Health, Mental Health Parity, MEWA, Physician, Prescription Drugs, Privacy, Professional Liability, Protected Health Information, Provider, Risk Management, Technology, third party administrators, Uncategorized | Tagged: Health Care Provider, Health Plans, HIPAA, Medical Privacy, PHI, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

SHOP Marketplace Still Health Coverage Option For Small Employers; All Employers Should Confirm Health Plan Compliance

May 10, 2017

While Congress continues to debate the future of the Obamacare health reforms and its exchanges, the Department of Health & Human Services is reminding employers with less than 50 employees that wish to offer group health coverage for their employees to check out their coverage options offered the Small Business Health Options Program (SHOP) Marketplace established as part of the Patient Protection and Affordable Care Act (ACA). Before or when offering health coverage for employees or their dependents, employers and their management should confirm they fully understand and appropriately arrange for fulfillment of all applicable federal, contractual and other requirements to avoid unfortunate and often expensive liabilities.

The SHOP Marketplace is intended to offer an opportunity for for small employers who want to provide health and dental insurance to their employees. Use of the SHOP Marketplace to obtain coverage may be an option for an employer if it is a business or non-profit organization with 50 or fewer full-time equivalent employees (FTEs). An employer that qualifies to get group health coverage through the SHOP doesn’t have to wait for an annual enrollment period; it can start offering SHOP insurance to your employees any time of year by completing the enrollment process by the applicable deadline prior to the first day of the month that the employer wants to start offering coverage through the SHOP.

In addition to the option to buy coverage through the SHOP, employers with 25 or fewer employees also may be eligible to use the Small Employer Health Care Credit created by the ACA to help defray the costs of providing this coverage to their qualifying employees. For instance, Monday, May 15 is the sign up deadline for small employers and nonprofit employees interested in obtaining small group health plan coverage for their employees through the the SHOP Marketplace beginning on June 1. See HealthCare.gov/Small-Business to enroll your small business or non-profit employees or get more details.

While many excellent reasons may exist for a business to offer group health coverage for qualifying employees, all employers regardless of size considering offering group health coverage obtained through the SHOP or other sources should keep in mind that employers that establish and maintain group health coverage, the group health plans they establish and the company or persons with discretionary authority or responsibility for the maintenance, management or administration of these programs or their plans are required to comply with a variety of federal tax, labor and other rules.

Businesses and their owners or management leaders making these decisions should confirm that they fully understand these responsibilities and take appropriate steps to ensure their fulfillment before establishing or maintaining a group health plan to avoid exposing their business, its management or owners or others to unexpected and often substantial liabilities that can result from violation of these requirements. While small employers plans sometimes qualify for some relief from a few of these requirements, depending on their size, the majority of these federal rules apply to most if not all group health plans. Furthermore, businesses sponsoring these programs and their leaders involved in deciding whether and what health coverage to offer for employees and their dependents should not presume that their organization, the resulting plan or its fiduciaries will fulfill these requirements simply by purchasing coverage through the SHOP Marketplace, directly from an insurer, or with the assistance of a broker or consultant. Fulfillment of applicable requirements generally requires that sponsoring employers and individuals within the management responsible for or appointed to oversee the program to take other steps. The scope of responsibility and resulting liability to a sponsoring employer and members of its ownership or management also typically are impacted by the plan design and contracts used to establish and maintain the program, its funding, and various other factors. These factors generally include contractual language in insurance, consulting or brokerage, administrative services and other contracts presented by vendors for use in purchasing and maintaining the program that often shift responsibility for many duties an employer otherwise might assume would be born by the vendor. For these and other reasons, most businesses and their leadership will want to consider arranging for their proposed program and its associated contracts and arrangements to be reviewed by legal counsel experienced in group health plan and associated labor, tax and other laws and arrangements.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications.

Well-known for her extensive work with health, insurance, financial services, technology, energy, manufacturing, retail, hospitality and governmental employers, her nearly 30 years’ of experience encompasses domestic and international businesses of all types and sizes.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and advisor to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group; immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other regulatory and operational risk management. Examples of her many highly regarded publications on these matters include the “Texas Payday Law” Chapter of Texas Employment Law, as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Leave a Comment » | employee, Employer, Employers, Employment, HR, Human Resources, Labor Management Relations, Leadership, Managment, MSHA, NLRA, Uncategorized | Tagged: Labor Law, labor-management relations, NLRA, Trump Administration | Permalink
Posted by Cynthia Marcotte Stamer

Employers Review Health Plans Now To Avoid Excise Taxes & Other Current Law Plan Risks & Ready For Health Reform

April 25, 2017

While Congress and the Trump Administration continue to ponder and debate what if anything to do with the health care reforms of the Patient Protection and Affordable Care Act (ACA), employer and other health plan sponsors, health plan insurers, plan fiduciaries and others responsible for health plan design, administration or funding must take steps to verify their past and continuing compliance with the ACA and other federal mandates while laying the groundwork to respond quickly to any eventual reforms.

Regardless of what, if anything, the existing Congress or the Trump Administration does to repeal or reform the ACA or other federal health plan rules, all health plan sponsors, insurers, fiduciaries and administrators should act to mitigate their substantial and ever-growing health plan exposures by arranging for an independent compliance audit of their health plan terms, materials and operations for potential uncorrected past or current violations of the 40 federal mandates covered by the Form 8928 reporting and associated Internal Revenue Code excise tax liability exposure, as well as other applicable plan liabilities under the Employee Retirement Income Security Act (ERISA), the Social Security Act, the Internal Revenue Code and other federal laws within open statute of limitation periods.

The cost, complexity and riskiness of health plan sponsorship and administration has grown exponentially over the past two decades. Thanks to the ACA and the continuous stream of other federal laws and regulations implemented over the past 20 years, sponsoring employers, as well as their health plans and those responsible as fiduciaries for administering, funding and insuring these programs now face huge costs, responsibilities and liabilities. While the ACA substantially expanded the federal health plan mandates and liabilities, the ACA is not the lone cause and its amendment or repeal alone won’t fully resolve these risks prospectively or retrospectively insulate sponsoring employers, their plans or their fiduciaries and insurers from the liabilities and costs of compliance issues occurring before Congress repeals or amends the ACA.

Of particular note for employer and other sponsors of group health plans are the self-reporting and excise tax self-assessment and payment requirements for employers coupled with the companion responsibilities and liabilities fiduciaries, plan administrators and others face under these federal mandates make it important that employers and others sponsoring group health plans and their management or other leaders overseeing or participating in plan design or vendor selection, plan administration or other plan related activities get advice and help from qualified legal counsel experienced in health plan matters:

To conduct an independent compliance review and risk assessment of their health plans,
To recommend and assist in the performance of recommended steps to correct or mitigate risks from any potential past or existing violations or other exposures that have arisen or are likely to arise from existing contractual, plan design or other health plan actions;
To explore the potential advisability of taking additional steps to prevent or mitigate health plan associated compliance or other risks going forward whether or not health reform happens; and
To begin preparing to take advantage of any impending health care reforms by evaluating the requirements and procedures that existing plan terms, contracts, vendors and arrangements are likely to require to implement changes necessary to respond to any reforms as quickly and efficiently as possible.

Spring Clean Your Health Plan House

Since any reforms eventually enacted are unlikely to retroactively eliminate liability of employers, their health plans or fiduciaries for violations of federal health plan mandates, health plan terms, or associated contracts occurring before the effective date of reform, employer and other health plan sponsors, fiduciaries, insurers and administrators should begin by identifying, cleaning up any existing, unresolved, and preventing any new health plan compliance problems.

While overall compliance with applicable federal mandates and health terms generally should be the goal, employers or others sponsoring group health plans need to be particularly concerned with their responsibilities and potential liability under the Internal Revenue Code to self-identify, report and pay stiff excise tax penalties of $100 per day per violation of any of 40 federal health plan mandates imposed by the ACA and various other federal laws when the sponsor files its annual tax return.

This employer or other plan sponsor excise tax liability generally arises in addition to the liabilities that plans, their fiduciaries and their insures face for failing to administer and pay benefits under the plans in accordance with the listed 40 federal mandates, whether actually written into or imputed by operation of law into the plan, the costs of which sponsoring employers often will bear responsibility for funding in whole or in part pursuant to their contractual liabilities under the health plan contracts, as plan fiduciaries or both. See, Businesses Must Confirm & Clean Up Health Plan ACA & Other Compliance Following Supreme Court’s King v. Burwell　Decision;　 More Work For Employers, Benefit Plans Following SCOTUS Same-Sex Marriage　Ruling; 2016 & 2017 Health Plan Budgets, Workplans Should Anticipate Expected Changes To　SBCs.

Sponsors and plan fiduciaries also need to be concerned about other risks beyond sponsoring employers’ excise tax liability exposures for sponsoring a non-compliant group health plan. Among other things, group health plans and their fiduciaries can face audits, litigation and enforcement actions by the Centers for Medicare & Medicaid Services and other health plans for improperly coordinating plan claims with other coverage as well as lawsuits from covered persons, their health care providers or other beneficiaries, the Department of Labor and CMS, or others seeking to enforce rights to benefits, penalties in the case of CMS or the Department of Labor, and attorneys’ fees and other costs of enforcement. Beyond benefit litigation, the employer or representatives of the sponsoring employer, if any, named or acting as fiduciaries, insurer or third-party service providers named or acting as fiduciaries, also could face fiduciary lawsuits seeking damages, equitable relief, and attorneys’ fees and costs of court, for failing to prudently administer the plan in accordance with its terms and the law brought by covered persons or their beneficiaries or the DOL as well as fiduciary breach penalties if the fiduciary breach action is brought by the DOL. If the plan fails to comply with claims and appeals procedures or other ERISA notification requirements, parties named or functioning as the plan administrator for this purpose also could face penalties of up to $125 per violation per day in the case of enforcement actions brought by participants and beneficiaries or $1025 per violation per day in the case of actions brought by the DOL, plus attorneys’ fees and other costs of enforcement. Unless the employer previously took steps to draft its health plan documents and negotiate its vendor contracts to provide otherwise, most vendor provided plans typically assign these liabilities to the sponsoring employer or a member of its management by naming that employer or the management person the “plan administrator” and/or “named fiduciary” responsible for those activities and liabilities, requiring the plan sponsor to indemnify the vendor for costs and liabilities arising from the performance of actions under the plan even when those actions don’t comply with ERISA fiduciary or other legal standards applicable to the performance of those duties under the plan, or both, and other contractual or plan provisions that shift liabilities and costs to the plan sponsor.

To mitigate their exposure to these liabilities and costs, employer or other health plan sponsors should consider arranging for an independent legal compliance and risk assessment of their health plan, its terms, materials and operations to help mitigate the sponsoring employer’s exposure to self-identify, self-report on IRS Form 2848 and pay the $100 per day per violation excise tax liability now generally required under the Internal Revenue Code for any such violation.

Beyond mitigating a plan sponsor’s Form 8928 reporting and associated excise tax exposures, an independent compliance audit also can mitigate other risks and exposures for the sponsoring employer, the plan and its fiduciaries, the cost of which the sponsoring employer often bears financial responsibility for funding pursuant to the contractual indemnification and funding obligations entered into in connection with the establishment and maintenance of the plan, the fiduciary role, if any, of the employer with respect to the plan, or both. Accordingly, a timely and appropriate review is likely to help mitigate other risks and liabilities such as:

Fiduciary liability that can arising from failing to administer the plan in accordance with these and other federal health plan mandates under ERISA;
Unanticipated benefit costs and liabilities, which for self-insured plans are likely to be particularly burdensome if compliance issues are not identified and corrected before applicable deadlines to pay and submit claims to the stop-loss or other insurer expire (usually at or shortly after the close of a plan year or if earlier, contract termination);
Benefit costs and penalties for wrongful coordination of benefits with Medicare, Medicaid, DOD and certain other plans or coverage in violation of Secondary Payer and other mandates; and
Costs of defending and settling audits, litigation and other government or participant enforcement actions.

Since prompt self-audit and correction can help mitigate all of these liabilities, business leaders of employers sponsoring health plans should act promptly to engage experienced legal counsel experienced with health plan laws and operations to advise the plan sponsor about how to audit their group health plan’s plan documents, materials and operations for compliance with these and other federal health plan rules within the scope of attorney-client privilege while managing tax, financial, benefit and fiduciary liability exposures to deal with potential compliance concerns that the review might discover as well as mitigate risks that could result if the audit is improperly structured or conducted.

Prepare To Respond To Potential Health Reform & Other Health Plan Improvement

Beyond identifying and addressing existing compliance concerns and other risks associated with prior or existing plan design or administration, most employer and other sponsors also will want to review the health plan document and materials and associated insurance, third-party administration and other health plan vendor contracts pursuant to which the health plan is established, maintained and administered to identify requirements and opportunities to respond quickly to make changes when and if health care reform happens as well as for other opportunities to mitigate existing risks and costs.

As most commentators expect some type of regulatory or statutory health plan relief to result from the current health care reform debates in Congress, employer and other health plan sponsors desiring to accelerate their ability to take advantage of any forthcoming relief should familiarize themselves with the procedures required under existing plan terms, contracts and rules to modify their programs in response to these changes. Almost certainly, plan sponsors should anticipate needing to adopt some amendments to plan documents, summary plan descriptions and other materials to take advantage of any legislative or statutory relief. Plan sponsors also need to keep in mind that their vendor contracts with administrators, group, stop-loss or captive insurers, and other vendors likely also will require the plan sponsor to notify and negotiate with its vendors to secure their agreement before adopting these changes to avoid violating those vendor agreements and prudently to arrange for appropriate implementation and administration of the modified plan design and terms. Identification of the contractual and plan requirements and commencement of discussions with the relevant vendors can help expedite the planning and implementation of any desired plan modifications the plan sponsor elects to make in response to any statutory or regulatory reforms.

While preparing for anticipated health care reforms, most plan sponsors also will want to review their plans and vendor contracts for other potential opportunities to mitigate risks or expenses. With respect to existing and future liability mitigation, each plan sponsor generally should carefully assess the allocation of fiduciary responsibility and liability between the sponsoring employer, members of its management or other workforce team, and vendors to identify potential areas where the contract may assign named or other plan administrator or other fiduciary status and liability to the plan sponsor or a member of its workforce for duties outsourced to a vendor. Sponsoring employers or their management may want to initiate negotiations with the vendor to reallocate the fiduciary role and responsibility to the party responsible for performance of the specific duties, enhancement of performance guarantees, indemnifications and insurance coverage for proper performance of the outsourced duties by the vendor in accordance with the plan terms, including any mandates imposed by the ACA and other federal laws in form and operation, and other safeguards or, if the vendor is unwilling to consider these changes, begin searching for a replacement vendor willing to provide better accountability for its actions with respect to the services it is hired to perform.

Except in rare circumstances where the sponsoring employer has carefully contracted to transfer fiduciary liability to its insurer or administrator and otherwise does not exercise or have a fiduciary obligation to exercise discretion or control over these responsibilities, employers sponsoring group health plans that violate federal mandates like the out-of-pocket limit often ultimately bear some or all of these liabilities even if the violation actually was committed by a plan vendor hired to administer the program either because the plan documents name the employer as the “named fiduciary” or “plan administrator” under ERISA, the employer or a member of its management named in the plan generally bears fiduciary responsibility functionally for selection or oversight of the culpable party, the employer signed a contract, resolution or plan document obligating the employer to indemnify the service provider for the liability, or a combination of these reasons.

Since prompt self-audit and correction can help mitigate all of these liabilities as well as help to preserve access to stop-loss or other reinsurance coverage, if any, applicable to help pay for some or all of any additional benefit liabilities resulting from these benefit mandates, business leaders of companies offering group health plan coverage should act quickly to engage experienced legal counsel for their companies for advice about how to audit their group health plan’s compliance with these and other federal health plan rules within the scope of attorney-client privilege while managing tax, financial, benefit and fiduciary liability exposures to deal with potential compliance concerns that the review might discover as well as mitigate risks that could result if the audit is improperly structured or conducted.

While businesses inevitably will need to involve or coordinate with their accounting, broker, and other vendors involved with the plans, businesses generally will want to get legal advice in a manner that preserves their potential to claim attorney-client privilege to protect against discovery in the event of future enforcement or litigation actions sensitive discussions and analysis　about compliance audits, plan design choices, and other risk management and liability planning as well as to get help identifying potential plan design, contracting, procedural or other changes that may be needed to fix compliance deficiencies and mitigate other risks, particularly in light of complexity of the exposures and risks.

About The Author

Throughout her adult life and nearly 30-year legal career, Ms. Stamer’s legal, management and governmental affairs work has focused on helping health and othre employee benefit, financial services, health care and other organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer supports these organizations and their leaders on both a real-time, “on demand” basis as well as outsourced operations or special counsel on an interim, special project, or ongoing basis with strategic planning and product and services development and innovation; workforce and operations management, crisis preparedness and response as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

Throughout her career, she has helped a diverse array of clients manage, administer and defend employee and other workforce, vendors and suppliers, their recruitment, selection, performance management, contracting, investigation, discipline and termination; health and other employee benefits; compensation; safety; governance; compliance and internal controls; strategic planning, process and quality improvement; change management; trade secret and other privacy, data security and data breach;; crisis preparedness and response; internal, government and third-party reporting relations, audits, investigations and enforcement; government affairs and public policy; and other compliance and risk management, government and regulatory affairs and operations concerns.

The American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has worked extensively throughout her career with employers, health and other employee benefit plans, insurers, managed care organizations, health care clearinghouses, health care providers, their business associates, employers, banks and other financial institutions, management services organizations, professional and trade associations, accreditation agencies, auditors, technology and other vendors and service providers, and others on benefit and insurance program legal and operational compliance, risk management, public policies and regulatory affairs, contracting, payer-provider, provider-provider, vendor, patient, governmental and community relations and matters including extensive involvement advising, representing and defending plan sponsors, fiduciaries, service providers, managed care organizations, insurers, self-insured health plans and other payers. Her experience includes both leading edge work designing and administering programs, as well as defending clients in connection with audits and enforcement actions by OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC, OSHA, Department of Insurance, Department of Justice and state attorneys’ general and other federal and state agencies; accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

Heavily involved in health care and health information technology, data and related process and systems development, policy and operations innovation and a Scribe for ABA JCEB annual agency meeting with OCR for many years who has authored numerous highly-regarded works and training programs on HIPAA and other data security, privacy and use, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues including meaningful use and EMR, billing and reimbursement, quality measurement and reimbursement, HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and many other concerns. Her work includes both regulatory and public policy advocacy and thought leadership, as well as advising and representing a broad range of health industry and other clients about policy design, drafting, administration, business associate and other contracting, risk assessments, audits and other risk prevention and mitigation, investigation, reporting, mitigation and resolution of known or suspected violations or other incidents and responding to and defending investigations or other actions by plaintiffs, DOJ, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others.

A lead policy advisor to the Government of Bolivia on its pension privitization project and involved in U.S. federal and state as well as cross border workforce, pension, health care, Social Security, immigration, and tax regulatory and statutory reform throughout her adult life, Ms. Stamer also is widely sought out for her thoughtleadership and assistance with domestic and international public policy concerns in Pensions, healthcare, workforce, immigration, tax, education and other areas.

Ms. Stamer also is a highly popular lecturer, symposium and chair, faculty member and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, Insurance Thought Leadership and many other prominent publications and speaks and conducts training for a broad range of professional organizations.

For more information about Ms. Stamer or her experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | 4980D, 4980H, 6039D, ACA, board of directors, Brokers, Cafeteria Plans, church plan, Civil Monetary Penalties, Civil Rights, Claims Administration, compliance, Corporate Compliance, corporate governance, directors, employee, Employee Benefits, Employer, Employment, ERISA, Fair Labor Standards Act, fiduciary duty, Fiduciary Responsibility, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, health reform, HR, Human Resources, Insurance, insurers, Internal Controls, IRC, Management, Mental Health, Mental Health Parity, Obamacare, Patient Empowerment, Patient Protection & Affordable Care Act, Premium Subsidies, preventive care, Reporting & Disclosure, SBC, Uncategorized, Wellness Programs | Tagged: Americas Health Care Act, Employee Benefits, Employer, Health Benefits, Health Care Reform, Health Plans, Obamacare, Trump Care | Permalink
Posted by Cynthia Marcotte Stamer

Latest HIPAA Resolution Agreement Drives Home Importance Of Maintaining Current, Signed Business Associate Agreements

April 24, 2017

Health plans, their fiduciaries and sponsors, health insurers, health care providers, health care clearinghouses (“covered entities”) and their business associates must get and keep your business associate (BA) agreements (BAAs) in place, up-to-date, and readily available for inspection in accordance with the Health Insurance Portability & Accountability Act (HIPAA) Privacy Rule, 45 C.F.R. Part 160 and Subparts A and E of Part 164 (Privacy Rule). That’s the clear message to covered entities and their business associates in the April 17, 2017 HIPAA Resolution Agreement just announced by the Department of Health & Human Services (HHS) Office of Civil Rights (OCR) with the Center for Children’s Digestive Health (CCDH).

While the Resolution Agreement relates to breaches of the BAA requirements of a small pediatric practice, all health plans, health care providers and other covered entities and business associates should focus on the adequacy of their BAAs and their BAA record keeping. HIPAA compliance surveys reflect deficiencies with the BAA rules are common throughout the industry. These findings and the involvement of BAs in data breaches or other OCR enforcement activities suggest a high probability that many other covered entities and business associates may be sitting ducks for similar sanctions. See e.g., HIPAA Compliance Survey Churns Up Many Business Associate Problems (January 3, 2017). Consequently, all covered entities and business associates generally should treat the CCDH Resolution Agreement as a message to review and correct as necessary their organizations’ compliance and recordkeeping to minimize their exposure to potential sanctions from violations of the HIPAA business associate rules.

The HIPAA Business Associate Agreement Requirements

OCR’s announcement of the CCDH Resolution Agreement is the latest in a growing series of HIPAA enforcement actions showing the growing risk covered entities and their business associates face for failing to take appropriate steps to comply with the BAA and other Privacy Rule requirements of HIPAA.

As compliance audits and surveys of covered entities and business associates suggest a high level of noncompliance with the business associate agreement requirements among covered entities and business associates, While the ever-growing list of Resolution Agreements and Civil Monetary Penalties announced by OCR cover a variety of categories of HIPAA violations, the CCDH Resolution Agreement highlights the importance of covered entities and their business associates ensuring that before the BA creates, accesses, receives, discloses, retains or destroys any PHI for the covered entity, a BAA meeting the Privacy Rule requirements is signed and retained for at least the six-year period the Privacy Rule requires in a manner easily producible when and if OCR or another agency asks for a copy as part of an investigation or other compliance audit. See Privacy Rule §§ 164.502(e), 164.504(e), 164.532(d) and (e).

The Privacy Rule requires that covered entities and business associates enter into a written and signed business associate agreement that contains the elements specified in Privacy Rule § 164.504(e) before the business associate creates, uses, accesses or discloses PHI of the covered entity. Meanwhile, the Privacy Rule recordkeeping requirements require that covered entities and BAs maintain copies of these BAAs for a minimum of six years.

Violations of the Privacy Rule can carry stiff civil or even criminal penalties Pursuant to amendments to HIPAA enacted as part of the HITECH Act, civil penalties typically do not apply to violations punished under the criminal penalty rules of HIPAA set forth in Social Security Act , 42 U.S.C § 1320d-6 (Section 1177).

Under Section 1177, the criminal enforcement provisions of HIPAA authorize the Justice Department to prosecute a person who knowingly in violation of the Privacy Rule (1) uses or causes to be used a unique health identifier; (2) obtains individually identifiable health information relating to an individual; or (3) discloses individually identifiable health information to another person, punishable by the following criminal sanctions and penalties:

A fine of up to $50,000, imprisoned not more than 1 year, or both;
If the offense is committed under false pretenses, a fine of up to $100,000, imprisonment of not more than 5 years, or both; and
If the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, a fine of up to $250,000, imprisoned not more than 10 years, or both.

In contrast, as amended by the HITECH Act, the civil enforcement provisions of HIPAA empower OCR to impose Civil Monetary Penalties on both covered entities and BAs for violations of any of the requirements of the Privacy or Security Rules. The penalty ranges for civil violations depends upon the circumstances associated with the violations and are subject to upward adjustment for inflation. As most recently adjusted here effective September 6, 2016, the following currently are the progressively increasing Civil Monetary Penalty tiers:

A minimum penalty of $100 and a maximum penalty of $50,000 per violation, for violations which the CE or BA “did not know, and by exercising reasonable diligence would not have known” about using “the business care and prudence expected from a person seeking to satisfy a legal requirement under similar circumstances;”
A minimum penalty of $1,000 and a maximum penalty of $50,000 per violation, for violations for “reasonable cause” which do not rise to the level of “willful neglect” where “reasonable cause” means the “circumstances that would make it unreasonable for the covered entity, despite the exercise of ordinary business care and prudence, to comply with the violated Privacy Rule requirement;”
A minimum penalty of $10,000 and a maximum penalty of $50,000 per violation, for violations attributed to “willful neglect,” defined as “the conscious, intentional failure or reckless indifference to the obligation to comply” with the requirement or prohibition; and
A minimum penalty of $50,000 and a maximum penalty of $1.5 million per violation, for violations attributed to “willful neglect” not remedied within 30 days of the date that the covered entity or BA knew or should have known of the violation.

For continuing violations such as failing to implement a required BAA, OCR can treat each day of noncompliance as a separate violation. However, sanctions under each of these tiers generally are subject to a maximum penalty of $1,500,000 for violations of identical requirements or prohibitions during a calendar year. For violations such as the failure to implement and maintain a required BAA where more than one covered entity bears responsibility for the violation, OCR an impose Civil Monetary Penalties against each culpable party. OCR considers a variety of mitigating and aggravating facts and circumstances when arriving at the amount of the penalty within each of these applicable tiers to impose.

While criminal enforcement of HIPAA remains relatively rare, a review of the OCR enforcement record in recent years makes clear that civil enforcement of HIPAA and the sanctions imposed is growing. See e.g., $400K HIPAA Settlement Shows Need To Conduct Timely & Appropriate Risk Assessments; $5.5M Memorial HIPAA Resolution Agreement Shows Need To Audit. For more examples, also see here.

CCDH Sanctions For Violation Of HIPAA Business Associate Agreement Rules

The CCDH Resolution Agreement arises from violations of this requirement that OCR says it discovered as a result of a compliance review conducted in response to an OCR investigation of a CCDH business associate, FileFax, Inc. According to OCR, OCR found from the compliance review of CCDH triggered by OCR’s investigation of FileFax that while CCDH began disclosing PHI to Filefax in 2003 and that Filefax stored records containing protected health information (PHI) for CCDH, neither CCDH nor Filefax could produce a signed Business Associate Agreement (BAA) covering their relationship for any period before October 12, 2015.

Based on the resulting investigation, OCR concluded:

CCDH failed to obtain a BAA providing written assurances from Filefax that it would appropriately safeguard the PHI in Filefax’s possession or control satisfactory assurances as required by Privacy Rule §164.502(e); and
Because CCDH failed to secure the required BAA, it violated the Privacy Rule by impermissibly disclosing the PHI of at least 10,728 individuals to Filefax when CCDH transferred the PHI to Filefax without obtaining the requisite BAA from Filefax (Covered Conduct).

In the Resolution Agreement, CCDH agrees to pay HHS $31,000.00 (Resolution Amount) and enter into and comply with a Corrective Action Plan (CAP) in return for OCR’s release of CCDH from liability for “any actions it may have against CCDH under the HIPAA Rules” for the Covered Conduct. The Resolution Agreement only settles the civil monetary penalty and other OCR enforcement liabilities of CCDH with respect to the Covered Conduct. Its provisions expressly state the Resolution Agreement does not affect any exposures of CCDH to CCDH to OCR civil monetary penalties or other enforcement for any HIPAA violations other than the Covered Conduct.

Perhaps even more noteworthy given the HITECH Act’s provisions coordinating the civil and criminal sanctions of HIPAA, while the Resolution Agreement provides no clear indication that the Justice Department might be considering criminally prosecuting CCDH or any other party in relation to the Covered Conduct, the Resolution Agreement also expressly states that its provisions do not affect CCDH’s potential exposure, if any, to criminal prosecution by the Justice Department for a criminal violation of the Privacy Rules under Section 1177 of the Social Security Act.

Implications For Covered Entities & Business Associates

Covered entities and their business associates should heed the CCDH Resolution Agreement as a strong message from OCR to ensure their organizations are complying with HIPAA’s BAA and other requirements. The Resolution Agreement makes clear that the starting point of this compliance effort must be obtaining and maintaining the requisite BAAs for each BA relationship.

To position their organizations to withstand potential investigation by OCR, covered entities and BAs should start by conducting a well-documented audit within the scope of attorney-client privilege both to verify that an appropriate, signed BAA is in place for each BA relationship as well as adequacy of processes for identifying business associate relationships, ensuring that signed BAAs are in effect before BAs access any PHI, and for investigating, reporting and resolving any breaches of the HIPAA Privacy or Security Rules that may arise in the course of operations.

Conducting this audit as soon as possible is particularly important in light of reported findings of widespread compliance concerns. See HIPAA Compliance Survey Churns Up Many Business Associate Problems (January 3, 2017). As the audit process could identify potential violations or other legally sensitive concerns, covered entities and business associates generally will want to arrange for this audit and evaluation to be conducted under the supervision of legal counsel experienced with HIPAA within or pursuant to processes structured with the assistance of legal counsel within the scope of attorney-client privilege.

Beyond confirming all necessary BAAs are in place, covered entities and business associates also generally will want to evaluate the adequacy of BAs’ processes and procedures for maintaining compliance with the Privacy and Security Rules as well as processes and procedures for responding to audits, investigations and complaints, reporting and addressing breaches of electronic and other PHI and other possible compliance concerns under HIPAA and other related laws. In many instances, parties may n wish to revise and strengthen existing BAAs to more specifically define these policies and procedures more specifically as well as indemnification, cyber or other liability coverage requirements and other contractual provisions for allocating potential costs and liabilities arising from breaches, audits, investigations and other expenses associated with the administration of these provisions.

About The Author

In the course of this work, Ms. Stamer has accumulated extensive experience helping health industry clients manage workforce, medical staff, vendors and suppliers, medical billing, reimbursement, claims and other provider-payer relations, business partners, and their recruitment, performance, discipline, compliance, safety, compensation, benefits, and training, board, medical staff and other governance; compliance and internal controls; strategic planning, process and quality improvement; change management; assess, deter, investigate and address staffing, quality, compliance and other performance; meaningful use, EMR, HIPAA and other data security and breach and other health IT and data; crisis preparedness and response; internal, government and third-party reporting, audits, investigations and enforcement; government affairs and public policy; and other compliance and risk management, government and regulatory affairs and operations concerns.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also has extensive health care reimbursement and insurance experience advising and defending health care providers, payers, and others about Medicare, Medicaid, Medicare and Medicaid Advantage, Tri-Care, self-insured group, association, individual and group and other health benefit programs and coverages including but not limited to advising public and private payers about coverage and program design and documentation, advising and defending providers, payers and systems and billing services entities about systems and process design, audits, and other processes; provider credentialing, and contracting; providers and payer billing, reimbursement, claims audits, denials and appeals, coverage coordination, reporting, direct contracting, False Claims Act, Medicare & Medicaid, ERISA, state Prompt Pay, out-of-network and other nonpar, insured, and other health care claims, prepayment, post-payment and other coverage, claims denials, appeals, billing and fraud investigations and actions and other reimbursement and payment related investigation, enforcement, litigation and actions.

In connection with this work, Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Leave a Comment » | ARRA, Attorney-Client Privilege, Cafeteria Plans, church plan, Civil Monetary Penalties, Civil Rights, Claims, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, employee, Employee Benefits, Employer, Employers, Employment, HIPAA, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Patient Empowerment, Physician, Plan Admistrator, Privacy, Professional Liability, Protected Health Information, Provider, Risk Management, Uncategorized | Tagged: Business Associate, Health Care, Health Insurer, Health Plans, HIPAA, HIPAA OCR, HIPAA Privacy, HITECH, Insurer, Technology, tpa | Permalink
Posted by Cynthia Marcotte Stamer

Consider Access In Prudent Investment Broker Selection

April 19, 2017

https://videopress.com/embed/3futNZyv?hd=0&autoPlay=0&permalink=0&loop=0
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.©2017. Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Health Reform: Tell Congress Until It Listens

April 19, 2017

https://videopress.com/embed/MqUiaSs1?hd=0&autoPlay=0&permalink=0&loop=0

Leave a Comment » | Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

YOU ARE FOLLOWING THIS BLOG

You are following this blog, along with 737 other amazing people (manage).
PAGES
RECENT POSTS
ARCHIVES
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
SHARE THIS BLOG
May 2017

S M T W T F S

« Apr

1 2 3 4 5 6

7 8 9 10 11 12 13

14 15 16 17 18 19 20

21 22 23 24 25 26 27

28 29 30 31
BLOGROLL
SOLUTIONS LAW
- Cynthia Stamer.com
- stamerchadwickstamer.com
SOLUTIONS LAW PRESS HR & BENEFITS UPDATE

May 2017
S	M	T	W	T	F	S
« Apr
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31

Comments Off on SHOP Marketplace Still Health Coverage Option For Small Employers; All Employers Should Confirm Health Plan Compliance | 105(h), 4980D, 4980H, 6039D, ACA, Affordable Care Act, Bankruptcy, board of directors, Brokers, Cafeteria Plans, Claims, Claims Administration, COBRA, compensation, compliance, conflict of interest, Contraception, Corporate Compliance, corporate governance, EBSA, employee, Employee Benefits, Employer, Employers, Employment, Employment Tax, ERISA, Excise Tax, Excise Taxes, Exempt, Fiduciary Responsibility, Form 5500, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, health reform, HIPAA, HIPAA, HR, Human Resources, Uncategorized | Tagged: ACA, Employer, Health Benefits, Health Insurance, Health Plan, Obamacare, shop marketplace | Permalink
Posted by Cynthia Marcotte Stamer

Tell Congress Pass AHCA Today

May 4, 2017

The US House of Representatives is scheduled to vote again tonight on the revised Majority-leadership lead first step healthcare reform legislation seeking to provide Americans and American business with some initial relief from the soaring premium and health care costs, care access barriers and regulatory and other burdens that have resulted under the ObamaCare law and regulations. Every American should call, e-mail or fax the leaders and their Congressperson as soon as possible today and tell them to pass this legislation and get busy passing the next set of reforms with no further delay, the get and stay II formed and involved until it gets it done starting with the House hearing and vote slated tonight starting at 8:30 Eastern. Get details here.

Health care and its reform is a complex challenge. Americans and American businesses, health payers, and States and their healthcare needs are highly diverse. The ambitious but far from successful Obamacare law shows the dangers of well-meaning but unrealistic To try to fix these challenges with a sweeping, one shot fix.

While passage of this legislative package won’t magically fix these challenges, it will provide quick relief for some of the ObamaCare expense and restrictions and expand the choices that Americans, American business, payers, providers and States while Congress works with American to identify and pursue legislative, regulatory, marketplace and other improvements.

Let’s get things going in the right direction!

Comments Off on Tell Congress Pass AHCA Today | 4980D, 4980H, 6039D, ACA, Affordable Care Act, board of directors, Cafeteria Plans, Claims Administration, Consumer Protection, Contraception, Corporate Compliance, directors, EBSA, employee, Employee Benefits, Employer, Employers, Employment, Employment Tax, ERISA, Excepted Benefits, exchange, Excise Tax, Excise Taxes, Fair Labor Standards Act, fiduciary duty, Fiduciary Responsibility, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, health reform, HR, Human Resources, Insurance, insurers, Internal Revenue Code, IRC, King V. Burwell, Leadership, Management, Managment, MEWA, Non-Exempt, Obamacare, Overtime, Patient Empowerment, Patient Protection & Affordable Care Act, Patient Protection and Affordabel Care Act, Patient Protection and Affordable Care Act, Pay, Payroll Tax, Physician, Plan Admistrator, Premium Subsidies, preventive care, Provider, Public Policy, Reporting & Disclosure, SBC, Tax, Wellness, Wellness Programs, Worker Classification, Workforce | Tagged: Affordable Care Act, American Health Care Act, Health Plans, health reform, HSA | Permalink
Posted by Cynthia Marcotte Stamer

About the Author

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

About Solutions Law Press, Inc.™

About the Author

About Solutions Law Press, Inc.™

About the Author

Continuing Fallout of 2015 Data Breach Provides Many Lessons For Other Businesses & Their Health Plans

“2017 Federal Group Health Plan Mental Health Rules Update”

YOU ARE FOLLOWING THIS BLOG

PAGES

RECENT POSTS

ARCHIVES

SHARE THIS BLOG

BLOGROLL

SOLUTIONS LAW

SOLUTIONS LAW PRESS HR & BENEFITS UPDATE

Email Subscription

Pages

Recent Posts

Archives

Share this blog

Solutions Law Press HR & Benefits Update