The Department of Justice is suing three of the nation’s largest health insurance companies — Aetna Inc. and affiliates, Elevance Health Inc. (formerly known as “Anthem”), and Humana Inc., CVS Health Corporation, and three large insurance broker organizations — eHealth, Inc. and an affiliate, GoHealth, Inc., and SelectQuote Inc. for violating the False Claims Act (“FCA”) and Antikickback Statute. In the second complaint of its kind in recent months, the Justice Department complaint in ex rel. Shea v. eHealth, et al., No. 21-cv-11777 (D. Mass. May 5, 2025) accuses the defendants of paying or receiving kickbacks to steer Medicare Advantage enrollees to the defendant insurers.
Under the Medicare Advantage (“MA”) Program, also known as Medicare Part C, Medicare beneficiaries may choose to enroll in health care plans (MA plans) offered by private insurance companies, like defendants Aetna, Anthem, and Humana. Many Medicare beneficiaries rely on insurance brokers to help them choose an MA plan that best meets their individual needs.
Under the FCA, private parties can file an action on behalf of the United States and receive a portion of the recovery. The FCA permits the United States to intervene in and take over the action, as it has done here. If a defendant is found liable for violating the FCA, the United States may recover three times the amount of its losses plus applicable penalties
In a lawsuit originally filed by a former eHealth employee as a qui tam whistleblower complaint, the Justice Department charges that the defendant insurers paid hundreds of millions of dollars in illegal kickbacks to the defendant brokers in exchange for enrollments into the insurers’ Medicare Advantage plans from 2016 through at least 2021. Rather than acting as unbiased stewards, the Justice Department charges that the defendant brokers allegedly directed Medicare beneficiaries to the plans offered by insurers that paid brokers the most in kickbacks, regardless of the suitability of the MA plans for the beneficiaries.
According to the complaint, the broker organizations incentivized their employees and agents to sell plans based on the insurers’ kickbacks, set up teams of insurance agents who could sell only those plans, and at times refused to sell MA plans of insurers who did not pay sufficient kickbacks.
The Justice Department also alleges that Aetna and Humana each conspired with the broker defendants to discriminate against Medicare beneficiaries with disabilities whom they perceived to be less profitable. Aetna and Humana allegedly did so by threatening to withhold kickbacks to pressure brokers to enroll fewer disabled Medicare beneficiaries in their plans.
The Justice Department further alleges that, in response to these financial incentives from Aetna and Humana, the defendant brokers or their agents rejected referrals of disabled beneficiaries and strategically directed disabled beneficiaries away from Aetna and Humana plans.
Commonwealth Care Alliance Prior Kickback Settlement
The eHealth suit against the defendants is not first of its kind. In January, 2025, the Justice Department announced that MA Program insurer Commonwealth Care Alliance, Inc. (“CCA”) agreed to pay $520,355.65 to resolve allegations that Reliance HMO, Inc. (“Reliance”), a company CCA acquired in 2022, violated the FCA by providing cash payments to induce the referral of Medicare beneficiaries to enroll in Reliance’s Medicare Advantage Plan in violation of the Anti-Kickback Statute after CCA voluntarily self-disclosed the conduct to the U.S. Attorney’s Office.
In April 2019, CMS authorized Reliance to operate a MA plan for Medicare beneficiaries in Michigan, with beneficiaries receiving coverage starting in January 2020. On March 31, 2022, CCA announced the completion of its acquisition of a 70% stake in Reliance. After the acquisition, CCA identified concerns regarding certain marketing-related outreach and payments that Reliance agents had made to personnel at physician practices. In particular, CCA disclosed two schemes.
First, from April 12, 2019, through December 22, 2020, Reliance provided cash payments to healthcare professionals and administrative staff in physician practices, in exchange for providing Reliance with the contact information for patients who had agreed, through executing so-called “permission to contact” cards, to be contacted by Reliance regarding its MA plan offerings.
Second, in November 2019, prior to Reliance’s MA plan becoming active, Reliance paid each of four physicians and physician practices $2,500, which Reliance characterized as advances on “coordination of care” services to be provided by the physicians to beneficiaries when the MA plan became active in 2020.
The Justice Department alleged these payments were intended to induce the referral, recommendation, or arrangement of enrollment of Medicare beneficiaries in Reliance’s MA plan. Such payments, the United States alleges, were impermissible kickbacks in violation of the False Claims Act.
The CCA settlement resolved these charges. The settlement gave CCA credit for voluntarily self-disclosing this conduct to the Justice Department; taking remedial measures, including terminating the employees directly involved with the decision to offer the prohibited payments; and providing the United States with a detailed written statement describing its investigation, along with other supplemental information to assist the United States in its investigation.
Medicare Advantage insurers also are under investigation by the Justice Department for other alleged abuses. The Justice Department recently has investigated certain Medicare Advantage insurers for alleged manipulation of risk data to increase their capitated payments from Medicare. For Instance, the Justice Department recently sued MA Program insurer Independent Health Association and its affiliate, Independent Health Corporation (collectively, “Independent Health”) for allegedly illegally manipulating risk data used to set risk adjustment rates paid by Medicare to their Medicare Advantage plans in United States ex rel. Ross v. Independent Health Association et al., No. 12-CV-0299(S) (WDNY). To settle the litigation, Independent Health agreed to pay up to $98 million to resolve allegations that it violated the False Claims Act by knowingly submitting or causing the submission of invalid diagnosis codes to Medicare for Medicare Advantage Plan enrollees to increase payments that Independent Health received from Medicare. Under the terms of the settlement, Independent Health promised to make guaranteed payments of $34,500,000 and contingent payments of up to $63,500,000 on behalf of itself and DxID, which ceased operations in 2021. Its Chief Executive Officer separately agreed to pay $2,000,000. In addition, Independent Health entered into a five-year corporate integrity agreement (“CIA”) with HHS-OIG that requires among other things, that Independent Health hire an Independent Review Organization to annually review a sample of Independent Health’s Medicare Advantage patients’ medical records and associated internal controls to help ensure appropriate risk adjustment payments.
The Justice Department touts all of these and other investigations and enforcement actions against Medicare Advantage insurers as demonstrating its commitment to hold Medicare Advantage insurers and brokers accountable for kickbacks or other misconduct. In the Justice Department’s press release about the e-Health litigation, Deputy Assistant Attorney General Michael Granston of the Justice Department’s Civil Division. “We are committed to rooting out illegal practices by Medicare Advantage insurers and insurance brokers that undermine the interests of federal health care programs and the patients they serve.”
Risks For Insurers, Brokers, Health Plans & Fiduciaries
These and other actions send a strong warning to insurers and brokers to abstain from prohibited risk adjustment, kickbacks, or other prohibited conduct. Brokers and insurers also should keep in mind that these activities- whether in connection with the sale of Medicare Advantage or other insurance products Past history demonstrates that these activities carry risks beyond the Antikickback Statute and False Claims Act. They also can create exposures under other federal or state laws. The 2004 bid rigging prosecution of Marsh & McClennon by then New York Attorney General Elliott Spitzer is illustrative. On October 14, 2004, then New York State Attorney General Eliot Spitzer sued Marsh & McClennan and Marsh, Inc. (“Marsh”) for bid rigging and violation of various other state laws through its compensation arrangements between Marsh and several insurance companies, and bidding manipulation by Marsh. The largest U.S. insurance broker at the time, Marsh agreed in January 2005 to pay $850 million and end improper bid-rigging in a civil settlement with Spitzer. Attorney General Spitzer also brought criminal charges against individuals involved, some of which produced several guilty pleas. The last of these criminal prosecutions dragged on until 2011, when the New York Attorney General finally dismissed the remaining criminal charges against former Marsh executive marketing director William Gilman and former Marsh global placement director Edward McNenney. Marsh and others also faced charges in other states and private litigation from the scandal.
Kickbacks or other inappropriate compensation arrangements between insurers, brokers or other plan service providers also can create issues for health plan fiduciaries, sponsors, brokers and advisors. Self-insured health plan sponsors, fiduciaries, administrators and their consultants, brokers and insurers also should keep in mind that practices like those challenged in the Justice Department actions also are likely to raise concerns under the fiduciary responsibility and prohibited transaction rules of the Employee Retirement Income Security Act of 1974 (“ERISA”). Consequently, employer and other plan sponsors, their fiduciaries, and their brokers and advisors may wish to visit with experienced legal counsel about the advisability of conducting due diligence into the past, current, or future plan vendor relationships with their own programs.
The Justice Department is touting the lawsuit as an example of its commitment to hold Medicare Advantage insurers and brokers accountable for kickbacks or other misconduct. In the Justice Department’s press release about the action, Deputy Assistant Attorney General Michael Granston of the Justice Department’s Civil Division. “We are committed to rooting out illegal practices by Medicare Advantage insurers and insurance brokers that undermine the interests of federal health care programs and the patients they serve.”
More Information Or Help
We hope this update is helpful. For more information about these or other health or other employee benefits, human resources, insurance, or health care legal developments, please contact the author, Cynthia Marcotte Stamer, via e-mail or telephone at (214) 452-8297.
Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating in and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
Cynthia Marcotte Stamer is a Martindale-Hubble AV-Preeminent (highest/top 1%) practicing attorney recognized as a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Health Care Law and Labor and Employment Law; among the “Best Lawyers In Dallas” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law recognized for her experience, scholarship, thought leadership and advocacy on health and other employee benefits, insurance, healthcare, workforce, HIPAA and other data and technology and other compliance in connection with her work with health care and life sciences, employee benefits, insurance, education, technology and other highly regulated and performance-dependent clients.
Board certified in labor and employment law by the Texas Board of Legal Specialization and a Fellow in the American College of Employee Benefits Counsel, Ms. Stamer is nationally recognized for her decades of leading edge experience on the design, sponsorship, administration and defense of health and other employee benefit, workforce, insurance, healthcare , data and technology and other operations to promote legal and operational compliance, reduce regulatory and other liability and promote other operational goals.
Along with her decades of legal and strategic consulting experience, Ms. Stamer also contributes her leadership and experience to many professional, civic and community organizations. She currently serves as Co-Chair of the ABA Real Property Trusts and Estates (“RPTE”) Section Welfare Plan Committee, Co-Chair of the ABA International Section International Employment Law Committee and its Annual Meeting Program Planning Committee, Chair Emeritus and Vice Chair of the ABA Tort Trial and Insurance (“TIPS”) Section Medicine and Law Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee. She also has served as Scribe for the Joint Committee on Employee Benefits (“JCEB”) annual agency meetings with the Department of Health and Human Services and JCEB Council Representative, International Section Life Sciences Committee Chair, RPTE Section Employee Benefits Group Chair and a Substantive Groups Committee Member, Health Law Section Managed Care & Insurance Interest Group Chair, as TIPS Section Medicine and Law Committee Chair and Employee Benefits Committee and Workers Compensation Committee Vice Chair, Tax Section Fringe Benefit Committee Chair, and in various other ABA leadership capacities. Ms. Stamer also is a former Southwest Benefits Association Board Member and Continuing Education Chair, SHRM National Consultant Board Chair and Region IV Chair, Dallas Bar Association Employee Benefits Committee Chair, former Texas Association of Business State, Regional and Dallas Chapter Chair, a founding board member and Past President of the Alliance for Healthcare Excellence, as well as in the leadership of many other professional, civic and community organizations. She also is recognized for her contributions to strengthening health care policy and charitable and community service resolving health care challenges performed under PROJECT COPE Coalition For Patient Empowerment initiative and many other pro bono service involvements locally, nationally and internationally.
Ms. Stamer is the author of many highly regarded works published by leading professional and business publishers, the ABA, the American Health Lawyers Association, and others. Ms. Stamer also frequently speaks and serves on the faculty and steering committee for many ABA and other professional and industry conferences and conducts leadership and industry training for a wide range of organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see http://www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press™
Solutions Law Press™ provides health care, insurance, human resources and employee benefit, data and technology, regulatory and operational performance, and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education. These include extensive resources on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press™ resources or training.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstances at the particular time. No comment or statement in this publication is to be construed as legal advice or admission. Solutions Law Press and its authors reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. Solutions Law Press and its authors disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law-specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The $350,000 paid by Northeast Radiology, P.C. (“NERAD”) provides the latest warning to health plans, health care providers, healthcare clearinghouses (“Covered Entities”) and their business associates (collectively “Regulated Entities”) they risk costly fines and other costs for failing to maintain the up-to-date risk assessments required by the Health Insurance Portability & Accountability Act (“HIPAA”).
Following up on the five other previous Risk Analysis Initiative enforcement actions and settlements recently announced by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) and OCR’s publication of proposed rules to significantly tighten HIPAA’s Risk Analysis and other requirements, the settlement with medical imaging center NERAD sends a strong warning to health plans and other Regulated Entities to clean up and strengthen their Risk Analysis and other HIPAA Security Rule compliance.
$350,000 NERAD Risk Analysis Settlement Latest Product Of New Enforcement Initiative
The sixth Risk Analysis Initiative enforcement action announced by OCR in recent months, the NERAD settlement resolves an OCR Risk Analysis Initiative enforcement action arising from OCR’s investigation of a breach of ePHI stored on NERAD’s Picture Archiving and Communication System (“PACS”) server for storing, retrieving, managing, and accessing radiology images.
OCR initiated its investigation of NERAD after receiving a NERAD breach report about a breach of unsecured ePHI in March 2020. NERAD reported that between April 2019 and January 2020, unauthorized individuals accessed radiology images stored on NERAD’s PACS server. NERAD notified the 298,532 patients whose information was potentially accessible on the PACS server of this breach. OCR’s investigation found that NERAD had failed to conduct an accurate and thorough Risk Analysis to determine the potential risks and vulnerabilities to the ePHI in NERAD’s information systems.
To avoid potentially much greater HIPAA civil monetary penalties under the terms of the resolution agreement, NERAD paid OCR $350,000 and agreed to implement a corrective action plan that OCR will monitor for two years. Under the corrective action plan, NERAD will take steps to improve its compliance with the HIPAA Security Rule and protect the security of ePHI, including:
Conducting an accurate and thorough Risk Analysis to determine the potential risks and vulnerabilities to the confidentiality, integrity, and availability of its ePHI;
Developing and implementing a risk management plan to address and mitigate security risks and vulnerabilities identified in its Risk Analysis;
Developing and implementing a written process to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports;
Developing, maintaining, and revising, as necessary, its written policies and procedures to comply with the HIPAA Rules; and
Augmenting its existing HIPAA and security training program to all of its workforce members who have access to PHI.
OCR Turns Up Heat On HIPAA Risk Analysis Requirements & Enforcement
The HIPAA Privacy, Security, and Breach Notification Rules set forth the requirements that Regulated Entities must follow to protect the privacy and security of protected health information. Since the HIPAA Security Rule first took effect, risk analysis is one of the four required implementation specifications the Security Rule requires to fulfill its Security Management Process Standard’s requirement that regulated entities “[i]mplement policies and procedures to prevent, detect, contain, and correct security violations.”
Written Risk Analysis Longstanding Requirement
Although OCR only recently formally adopted a Risk Analysis Initiative, OCR’s regulatory guidance and enforcement actions have communicated clearly the necessity for each Regulated Entity to possess and maintain an adequate documented Risk Analysis. OCR guidance since has required Regulated Entities to conduct and document the required Risk Analysis to safeguard ePHI and avoid liability under the HIPAA Rule. The importance of fulfillment of the Risk Analysis requirement is driven home by OCR’s recent identification of Risk Analysis inadequacies as a basis for its assessment of civil monetary penalties or required resolution payments to settle HIPAA Security Rule violations following a breach of ePHI.
While the Security Rule does not currently dictate how frequently a regulated entity must perform Risk Analysis, a proposed rule published by OCR on December 27, 2024 seeks to amend the existing Security Rule to expand the requirement to require regulated entities to develop and revise a technology asset inventory and a network map that illustrates the movement of ePHI throughout the regulated entity’s electronic information system(s) on an ongoing basis, at least once every 12 months and in response to a change in the regulated entity’s environment or operations that may affect ePHI. Although OCR has not adopted this and other changes contained in the proposed rule, substantial evidence exists that it already regularly administers the Risk Analysis requirement with the expectation that regulated entities will perform Risk Analysis at least this frequently. For instance, current OCR resolution agreements require impacted organizations to conduct Risk Analysis to identify and address vulnerabilities at least annually, and more frequently as needed in response to signs of potential breach or susceptibility.
To fulfill the “Risk Analysis” implantation specification, the Security Management Process Standard requires Regulated Entities maintain appropriate administrative, physical, and technical safeguards for the confidentiality, integrity, and security of electronic protected health information (“ePHI”) based on an up-to-date conduct of an up-to-date accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI held by that organization (“Risk Analysis”).
The Security Rule requires Regulated Entities to document each Risk Analysis in writing, to maintain their Risk Analysis documentation for six years, and to make available Risk Analysis documentation to OCR upon request.
Among other things, the Risk Analysis implementation standard requires regulated entities adequately to:
Identify where ePHI is located in the organization, including how ePHI enters, flows through, and leaves the organization’s information systems.
Integrate Risk Analysis and risk management into the organization’s business processes.
Ensure that audit controls are in place to record and examine information system activity.
Implement regular reviews of information system activity.
Utilize mechanisms to authenticate information to ensure only authorized users are accessing ePHI.
Encrypt ePHI in transit and at rest to guard against unauthorized access to ePHI when appropriate.
Incorporate lessons learned from incidents into the organization’s overall security management process.
Provide workforce members with regular HIPAA training that is specific to the organization and to the workforce members’ respective job duties.
OCR Heightens Risk Analysis Enforcement While Proposing Heightened Risk Analysis And Other Security Requirements
The proposed rule published by OCR on December 27, 2024 seeks to significantly broaden these original requirements of the Risk Assessment implementation standard. Under the proposed rule, a Regulated Entity’s Risk Analysis also would be required to include:
Require the development and revision of a technology asset inventory and a network map that illustrates the movement of ePHI throughout the regulated entity’s electronic information system(s) on an ongoing basis, at least once every 12 months and in response to a change in the regulated entity’s environment or operations that may affect ePHI.
Require greater specificity for conducting a risk analysis, including a written assessment that contains, among other things:
A review of the technology asset inventory and network map;
Identification of all reasonably anticipated threats to the confidentiality, integrity, and availability of ePHI;
Identification of potential vulnerabilities and predisposing conditions to the regulated entity’s relevant electronic information systems;
An assessment of the risk level for each identified threat and vulnerability, based on the likelihood that each identified threat will exploit the identified vulnerabilities; and
A review of the technology asset inventory and network map.
Other changes included in the proposed rule would further heighten the Risk Analysis and other Security Standard requirements for Regulated Entities. For instance, the proposed rule would require Regulated Entities:
To establish written procedures to restore the loss of certain relevant electronic information systems and data within 72 hours;
To perform an analysis of the relative criticality of their relevant electronic information systems and technology assets to determine the priority for restoration;
To establish written security incident response plans and procedures documenting how workforce members are to report suspected or known security incidents and how the regulated entity will respond to suspected or known security incidents;
To implement written procedures for testing and revising written security incident response plans;
To conduct a compliance audit at least once every 12 months to ensure their compliance with the Security Rule requirements;
To require business associates to verify at least once every 12 months for covered entities (and that business associate contractors verify at least once every 12 months for business associates) that they have deployed technical safeguards required by the Security Rule to protect ePHI through a written analysis of the business associate’s relevant electronic information systems by a subject matter expert and a written certification that the analysis has been performed and is accurate;
To encrypt ePHI at rest and in transit, with limited exceptions;
To establish and deploy technical controls for configuring relevant electronic information systems, including workstations, in a consistent manner including deployment of anti-malware protection, removal of extraneous software, and disabling network ports in accordance with the regulated entity’s risk analysis;
Use of multi-factor authentication, with limited exceptions;
Vulnerability scanning at least every six months and penetration testing at least once every 12 months;
Network segmentation;
Separate technical controls for backup and recovery of ePHI and relevant electronic information systems;
To review and test the effectiveness of certain security measures at least once every 12 months, in place of the current general requirement to maintain security measures;
Business associates to notify covered entities (and subcontractors to notify business associates) upon activation of their contingency plans without unreasonable delay, but no later than 24 hours after activation;
Group health plans to include in their plan documents requirements for their group health plan sponsors to: comply with the administrative, physical, and technical safeguards of the Security Rule; ensure that any agent to whom they provide ePHI agrees to implement the administrative, physical, and technical safeguards of the Security Rule; and notify their group health plans upon activation of their contingency plans without unreasonable delay, but no later than 24 hours after activation.
To help Regulated Entities understand and fulfill these responsibilities, OCR alone and in conjunction with the Office of the National Coordinator for Health Information Technology (“ONC”) also has published guidance like the HIPAA Security Risk Assessment (SRA) Tool. OCR guidance reflects that fulfillment of the Tool can help Regulated Entities may help defend but does not guarantee fulfillment of the Risk Assessment requirements, as the adequacy of the Risk Assessment always depends upon the unique facts and circumstances of the Regulated Entity at a particular time. This guidance confirms the importance of conducting timely and appropriate Risk Analysis in a manner that shows the Regulated Entity appropriately evaluated the risks to its e-PHI and acted reasonably in designing, administering, and updating that Risk Analysis to reasonably defend its e-PHI against breaches or other susceptibilities.
Recommended Actions For Health Plans & Other HIPAA-Regulated Entities
With the continued explosion in ransomware and other cyberthreats heightening the risk of experiencing a breach or other incident likely to draw the attention of OCR, each health plan or other Regulated Entity should take assess and confirm the adequacy of their current Risk Analysis, both to protect its ePHI and to promote its ability to defend its compliance with the HIPAA Security Rule’s Risk Analysis and other requirements in light of OCR’s heightened emphasis on Risk Analysis compliance and enforcement. For purposes of conducting this analysis, Regulated Entities generally will want to use a process like the following to structure their evaluation of their existing Risk Analysis to take advantage of the opportunity to use attorney-client privilege and other evidentiary rules to help protect discoverability of sensitive discussions about possible deficiencies in their existing Risk Analysis and discussions about potential tradeoffs considered in current or future Risk Analysis response:
Engage legal counsel experienced with HIPAA and other cybersecurity-related risks and liabilities to advise and assist your organization in designing and administering your Risk Analysis processes and response within the scope of attorney-client privilege;
Appoint and designate leadership and technical leadership for team responsible for design and administration of your organization’s initial and ongoing cybersecurity Risk Analysis and response (“Cyber-Risk Team”) and process for board and senior management reporting of the Cyber-Risk Team;
Select and engage outside consulting service providers, cyber-liability insurers and other risk service providers expected to participate in the process; work with qualified legal counsel to contract with these business associates to include the business associate agreement and other reassurances required by the HIPAA Privacy, Security and Breach Notification Rule and other performances, cooperation to provide and back services in accordance with agreed-upon protocols in the contract;
Train Cyber-Risk Team in the appropriate processes for working with internal teams, outside service providers, leadership, and designated legal counsel to conduct Risk Analysis, investigation and response using attorney-client privilege and other evidentiary tools and processes to maximize defensibility;
Require the Cyber-Risk Team conduct an updated, document assessment of cyber-risk within scope of attorney-client privilege and work with legal counsel to develop a documented cyber-risk policy that captures analysis and determinations for your justification for the size, scope and timing of your periodic Risk Analysis and rules and processes for interim risk identification, reassessments and response in reaction to potential cyber-risk signs between periodic Risk Analysis for presentation and approval by the Board taking into account the insights from published final and proposed guidance, enforcement actions and industry standards;
Require, oversee and enforce Cyber-Risk Team’s documented administration of the initial and subsequently required Risk Analysis and response pursuant to the adopted cyber-risk policy to identify vulnerabilities and work with legal counsel within the scope of privilege to document your analysis and justifications for addressing identified vulnerabilities and other required actions in response to identified susceptibilities or event;
Review adequacy of incident detection and response arrangements, including reporting and response mechanisms, insurance and indemnification protection, and other critical elements for mitigation and recovery; and
Other actions as warranted based on advice of counsel taking into account emerging threats, guidance, and risk susceptibility.
The author of this update, Cynthia Marcotte Stamer is an American College of Employee Benefits Counsel Fellow and attorney board certified in Labor and Employment Law by the Texas Board of Legal Specialization, nationally known and celebrated for her experience providing advice and representation on HIPAA and other risk management and compliance to employers and other health plan sponsors, health plans, health plan fiduciaries and administrators, health and other insurers, third party administrators, health care and other managed care providers and organizations, human resources and health plan technology, and other businesses about health plan design, administration, and other compliance, risk management and operational matters. If you have questions or need advice or help evaluating or addressing these or other compliance, risk management, or other concerns, contact her.
For More Information
We hope this update is helpful. For more information about these or other health or other employee benefits, human resources, or health care developments, please contact the author, Cynthia Marcotte Stamer, via e-mail or telephone at (214) 452-8297.
Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Cynthia Marcotte Stamer is an attorney board certified in labor and employment law by the Texas Board of Legal Specialization, management consultant, author, public policy advocate and lecturer sought out by clients and industry and government leaders for her more than 35 years of health, insurance, employment and employee benefits and other industry management work, thought leadership, public policy and regulatory affairs advocacy, coaching, teaching, and publications on health and other employee benefits, health care, insurance, workforce and other risk management and compliance.
Along with her decades of legal and strategic consulting experience, Ms. Stamer also contributes her leadership and experience to many professional, civic and community organizations. Along with currently serving as Co-Chair of the ABA Real Property Trusts and Estates (“RPTE”) Section Welfare Plan Committee, Co-Chair of the ABA International Section International Employment Law Committee and its Annual Meeting Program Planning Committee, Chair Emeritus and Vice Chair of the ABA Tort Trial and Insurance (“TIPS”) Section Medicine and Law Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee, her previous ABA leadership roles include more than a decade of service as a Scribe for the Joint Committee on Employee Benefits (“JCEB”) annual agency meetings with the Department of Health and Human Services and JCEB Council Representative, International Section Life Sciences Committee Chair, RPTE Section Employee Benefits Group Chair and a Substantive Groups Committee Member, Health Law Section Managed Care & Insurance Interest Group Chair, as TIPS Section Medicine and Law Committee Chair and Employee Benefits Committee and Workers Compensation Committee Vice Chair, Tax Section Fringe Benefit Committee Chair, and in various other ABA leadership capacities. Ms. Stamer also is a former Southwest Benefits Association Board Member and Continuing Education Chair, SHRM National Consultant Board Chair and Region IV Chair, Dallas Bar Association Employee Benefits Committee Chair, former Texas Association of Business State, Regional and Dallas Chapter Chair, a founding board member and Past President of the Alliance for Healthcare Excellence, as well as in the leadership of many other professional, civic and community organizations. She also is recognized for her contributions to strengthening health care policy and charitable and community service resolving health care challenges performed under PROJECT COPE Coalition For Patient Empowerment initiative and many other pro bono service involvements locally, nationally and internationally.
Ms. Stamer is the author of many highly regarded works published by leading professional and business publishers, the ABA, the American Health Lawyers Association, and others. Ms. Stamer also frequently speaks and serves on the faculty and steering committee for many ABA and other professional and industry conferences and conducts leadership and industry training for a wide range of organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see http://www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press™
Solutions Law Press™ provides health care, insurance, human resources and employee benefit, data and technology, regulatory and operational performance, and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education. These include extensive resources on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press™ resources or training.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstances at the particular time. No comment or statement in this publication is to be construed as legal advice or an admission. Solutions Law Press and its authors reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. Solutions Law Press and its authors disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law-specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
New Guidance Broadens Availability Of Website Alternative To All Health Plans
All health insurers and health plan administrators can now fulfill their obligation under the Patient Protection and Affordable Care Act (“ACA”) to send annual minimum essential coverage statements (“MEC Statements”) by timely posting a notice of the availability of the statements in lieu of providing the MEC statements by sending Internal Revenue Service (“IRS”) Forms 1095-B and 1095-C” to covered persons under guidance issued in IRS Notice 2025-15 on February 21, 2025.As part of the ACA minimum essential coverage mandates, Internal Revenue Code (“Code”) Section 6055 generally requires each health plan providing minimum essential coverage to any individual during a calendar year to notify the covered person named on an application who enrolls one or more individuals in the minimum essential coverage a statement that identifies each covered individual and the individual’s months of coverage. See Treas. Reg. § 1.6055–1(b)(11). While Section 6055 sets the statutory deadline to provide the MEC Notice as the January 31 immediately following the close of the plan year when the plan provides the coverage, Treasury Regulation § 1.6055-1(g)(4) provides an automatic 30-day extension of time in which to furnish these statements. As a result, covered health plans and health insurers must fulfill the annual MEC Statement requirement within 61 days of the close of the calendar year to which the MEC statement applies.
Internal Revenue Service (“IRS”) regulations generally require health plans to use Forms 1095-B and 1095-C to provide the MEC Statement to responsible individuals unless the health plan qualifies under Treasury Regulation § 1.6055-1(g)(4)(ii)(B) to provide the statement in the “alternative manner” of a qualifying website posting described in that Regulation.
Before February 21, 2025, Treasury Regulation § 1.6055-1(g)(4)(ii)(B) only allowed health plans to use the website posting alternative to fulfill their MEC Statement obligations if the individual shared responsibility payment amount under Code section 5000A(c) for the calendar year in which minimum essential coverage is provided is zero. Under IRS Notice 2025-15, however, all health plans and health insurers are permitted to use the alternative manner of a website posting to fulfill the MEC Statement mandate for all post-2023 plan years including the 2024 calendar notices without regard to the amount of the individual shared responsibility payment.
Health plans and health insurers wishing to use the to use the “alternative manner” of a website posting in lieu of Forms 1095-B and 1095-C to fulfill the MEC Statement requirement for 2024 or a subsequent calendar year must post in a location reasonably accessible to all responsible individuals a clear and conspicuous notice stating that responsible individuals may receive a copy of their statement upon request. Additionally, if an individual requests a statement, the health plan must deliver the requested statement within 30 days of the date the health plan receives the request.
The author of this update, Cynthia Marcotte Stamer is an American College of Employee Benefits Counsel Fellow and attorney board certified in Labor and Employment Law by the Texas Board of Legal Specialization, with decades of experience advising employers and other health plan sponsors, health plans, health plan fiduciaries and administrators, health and other insurers, third party administrators, managed care organizations, health plan technology, and other businesses about health plan design, administration, and other compliance, risk management and operational matters. If you have questions or need advice or help evaluating or addressing these or other compliance, risk management, or other concerns, contact her.
For More Information
We hope this update is helpful. For more information about these or other health or other employee benefits, human resources, or health care developments, please contact the author, Cynthia Marcotte Stamer, via e-mail or telephone at (214) 452-8297.
Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Cynthia Marcotte Stamer is an attorney board certified in labor and employment law by the Texas Board of Legal Specialization, management consultant, author, public policy advocate and lecturer sought out by clients and industry and government leaders for her more than 35 years of health, insurance, employment and employee benefits and other industry management work, thought leadership, public policy and regulatory affairs advocacy, coaching, teaching, and publications on health and other employee benefits, health care, insurance, workforce and other risk management and compliance.
Along with her decades of legal and strategic consulting experience, Ms. Stamer also contributes her leadership and experience to many professional, civic and community organizations. Along with currently serving as Co-Chair of the ABA Real Property Trusts and Estates (“RPTE”) Section Welfare Plan Committee, Co-Chair of the ABA International Section International Employment Law Committee and its Annual Meeting Program Planning Committee, Chair Emeritus and Vice Chair of the ABA Tort Trial and Insurance (“TIPS”) Section Medicine and Law Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee, her previous ABA leadership roles include more than a decade of service as a Scribe for the Joint Committee on Employee Benefits (“JCEB”) annual agency meetings with the Department of Health and Human Services and JCEB Council Representative, International Section Life Sciences Committee Chair, RPTE Section Employee Benefits Group Chair and a Substantive Groups Committee Member, Health Law Section Managed Care & Insurance Interest Group Chair, as TIPS Section Medicine and Law Committee Chair and Employee Benefits Committee and Workers Compensation Committee Vice Chair, Tax Section Fringe Benefit Committee Chair, and in various other ABA leadership capacities. Ms. Stamer also is a former Southwest Benefits Association Board Member and Continuing Education Chair, SHRM National Consultant Board Chair and Region IV Chair, Dallas Bar Association Employee Benefits Committee Chair, former Texas Association of Business State, Regional and Dallas Chapter Chair, a founding board member and Past President of the Alliance for Healthcare Excellence, as well as in the leadership of many other professional, civic and community organizations. She also is recognized for her contributions to strengthening health care policy and charitable and community service resolving health care challenges performed under PROJECT COPE Coalition For Patient Empowerment initiative and many other pro bono service involvements locally, nationally and internationally.
Ms. Stamer is the author of many highly regarded works published by leading professional and business publishers, the ABA, the American Health Lawyers Association, and others. Ms. Stamer also frequently speaks and serves on the faculty and steering committee for many ABA and other professional and industry conferences and conducts leadership and industry training for a wide range of organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see http://www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press™
Solutions Law Press™ provides health care, insurance, human resources and employee benefit, data and technology, regulatory and operational performance, and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education. These include extensive resources on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press™ resources or training.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstances at the particular time. No comment or statement in this publication is to be construed as legal advice or an admission. Solutions Law Press and its authors reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. Solutions Law Press and its authors disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law-specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Solutions Law Press publisher and attorney Cynthia Marcotte Stamer will discuss tobacco cessation class actions, health plan PBM, excessive fee, antitrust and other selected emerging health and disability plan litigation trends to watch in 2025 as part of the Welfare Plan Update at the American Bar Association Real Property, Probate and Trust Section Employee Plans and Executive Compensation Group will host during its free committee call on January 17, 2025, at 11:30 AM Central Time.
Along with Ms. Stamer’s comments, the Update also will include updates on the mental health partiy final rules and implications of the January 1, 2025 expiration of high deductible health plan telemedicine relief by her fellow Welfare Benefit Committee Co-Chair Jacquelyn M. Abbott and Committee Vice Chair Julia Mader.
Members interested in the meeting are invited to use the following Zoom credentials to connect to the meeting:
Board Certified in Labor and Employment Law by the Texas Board of Legal Specialization and a Fellow in the American College of Employee Benefits Counsel, Stamer is recognized for her decades of work on leading edge employee benefits, employment, health care and insurance concerns with recognition as a Martindale Hubble “Top Rated Lawyer” and “Legal Leader” in Health Care and Labor and Employment Law; as among the D Magazine “Best Lawyers In Dallas” in Labor & Employment, Tax: ERISA & Employee Benefits, Health Care and Business and Commercial Law.
Stamer has more than 35 years of experience guiding employers, health and other employee benefit and insurance programs and their fiduciaries, managed care, TPAs, PBMs, health care clearinghouses and their service providers; and other managed care and other health and health plan industry clients on program, product, systems and process design, administration, and defense; government and regulatory investigations and affairs; HIPAA and other data and systems privacy, cybersecurity and other integrity; workforce and other service provider credentialing, contracting, and management; government and private investigations, disputes, audits and enforcement; and other compliance, risk management and operations concerns in a wide range of contexts. Her work, and the interests of her clients are enhanced by her continuous involvement in federal and state legislative advocacy, regulatory affairs and government relations on these and other related concerns throughout her career.
In the course of this work, Stamer frequently advises and represents and defends health and other employee benefit plans, their fiduciaries, third party administrators, brokers, insurers, trustees and other plan service providers, debtor plan sponsors and their leaders, auditors, creditors and creditor committees, bankruptcy trustees, on prevention and mitigation of claims, fiduciary, licensing, prompt pay and other contractual, regulatory and other risks and liabilities arising from underfunded or distressed companies and employee benefit plans. She also advises employers, their boards, investors and management, third party administrators, preferred provider organizations, insurers and other plan service providers and others in fiduciary, claims and other audits, investigations and enforcement actions by private litigants, the Department of Labor, Department of Health & Human Services, Internal Revenue Service, Department of Justice, Federal Trade Commission, state insurance, attorneys’ general or other regulator, contractual arising out of workforce and staffing, employee benefit and insurance practices and programs in ongoing operations, corporate or credit transactions, bankruptcy or other situations and serves as special or consulting counsel for bankruptcy and other human resources, benefits, insurance, health care and regulatory compliance and investigation concerns. Stamer also counsels, represents and defends third party administrators, preferred provider and other managed care organizations, brokers and other regulated parties in state insurance and other regulators notice and reporting, investigations, audits, discipline and other enforcement actions.
Past Chair of the ABA RPTE Employee Benefit and Other Compensation Group, the Health Law Section Managed Care and Insurance Interest Group, and the Tort Trial and Insurance Section Medicine and Law Committee, Stamer also contributes her experience and knowledge by serving as Scribe for the American Bar Association (“ABA) Joint Committee on Employee Benefits (“JCEB”) annual agency meeting with the Department of Health and Human Services as well as a leader of employee benefits, human resources, health as an industry thought leader, Stamer also publishes and speaks extensively on health and other employee benefits, compensation, workforce, health care and related regulatory compliance and risk management matters.Her insights on these and other matters appear in publications of the American Bar Association, Bloomberg/BNA, Modern Healthcare, Aging In Place, Spencer Publications, the Wall Street Journal, the Dallas Business Journal, the Houston Business Journal, and many other national and local publications. For additional information about Stamer, her speaking, legal, consulting and other experience and services, or to access other publications by Stamer see CynthiaStamer.comor contact Stamer directly via e-mailor telephone (214) 452-8287.
For more details about the Real Property Probate and Trust Section Employee Benefits and Other Compensation Committee or other employee benefits related committees and activities of the American Bar Association, see the American Bar Association website here.
To receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile hereand connect with Stamer on Linkedin. For important information concerning this communication click here. If you do not wish to receive these updates in the future, unsubscribe by updating your profile here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides health care, insurance, human resources and employee benefit, data and technology, regulatory and operational performance, and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education. These include extensive resources on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstances at the particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law-specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN.
Health plans and insurers, health care providers and other Southern California organizations impacted by the California fires may qualify for temporary waivers or modification of certain Department of Health and Human Services (“HHS”) regulatory requirements under the Declarations of a Public Health Emergency (“PHE”) published by HHS today.
An extensive list of resources and guidance to help health plans, health care providers and others to understand and cope with HHS requirements in disaster or other emergency situations such as:
Health plans and other regulated entities impacted by the fire or other disasters should carefully review this guidance to understand the scope and availability of the current relief. Additionally, health plans, health care providers, business associates and other HHS-regulated entities and providers not currently impacted by today’s or another public health emergency declaration should use this guidance to plan and adopt policies and arrangements in advance of a disaster to provide for their continued ability to fulfill HHS regulatory obligations in the event of an emergency.
Health plans and other HHS-regulated entities should keep in mind the limited duration and scope of the relief provided by this PHE or any other HHS public health emergency declaration. Entities planning to rely on the PHE relief must review the scope, conditions and duration requirements and ensure their ability to defend their continued compliance taking into account these limited waivers and modifications.
Also the PHE guidance documents are not a final agency action, do not legally bind persons or entities outside the Federal government, and may be rescinded or modified in the Department’s discretion. Noncompliance with any voluntary standards (e.g., recommended practices) contained in these documents will not, in itself, result in any enforcement action.
Furthermore, health plans and other HHS regulated entities typically face a myriad of responsibilities beyond those imposed by the HHS. Health plans and other regulated entities should check other agencies disaster declaration webpages to determine whether the agency has issued any specific relief impacting their emergency in response to the broader disaster declaration issued by the Administration. Except to the extent covered by other declared disaster relief, coverage by or compliance with the HHS PHE guidance and policies does not insulate the health plan from potential liability for violating the requirements of the Employee Retirement Income Security Act or other laws creating responsibilities to plan members, providers, the Employee Benefit Security Administration or other agencies or parties other than HHS with respect to the HHS regulatory obligations for which the specific relief is provided in the PHE declaration. Accordingly, health plans, their fiduciaries, plan sponsors and service providers are urged to take necessary steps before, during and after any disaster to position themselves to demonstrate fulfillment of duties of prudence and other applicable responsibilities.
The author of this update, Cynthia Marcotte Stamer is an American College of Employee Benefits Counsel Fellow and attorney board certified in Labor and Employment Law by the Texas Board of Legal Specialization, who has decades of experience advising health care providers, health plans and insurers, third party administrators, managed care and other health care payers and providers, technology, and other businesses about crisis preparedness and response and other compliance, risk management and operational matters. If you have questions or need advice or help evaluating or addressing these or other compliance, risk management, or other concerns, contact her.
For More Information
We hope this update is helpful. For more information about these or other health or other employee benefits, human resources, or health care developments, please contact the author, Cynthia Marcotte Stamer, via e-mail or telephone at (214) 452-8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for her more than 35 years of health, insurance, employment and employee benefits and other industry management work, public policy leadership and advocacy, coaching, teachings, and publications including leading-edge work on crisis preparedness, response and recovery.
Author of many highly regarded compliance and risk management tools, training and other resources on health and other employee benefits, health care, insurance, workforce and other risk management and compliance, Ms. Stamer is widely recognized for her thought leadership and advocacy on these matters.
In addition, Ms. Stamer serves as a Scribe for the American Bar Association (“ABA”) Joint Committee on Employee Benefits annual agency meetings with OCR and shares her thought leadership as International Section Life Sciences Committee Vice Chair, and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides health care, insurance, human resources and employee benefit, data and technology, regulatory and operational performance, and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education. These include extensive resources on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstances at the particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law-specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
2025 surprise billing independent dispute resolution fees applicable to health plans, health insurers and health care providers will remain are holding steady.
The IDR Fees Final Rule, effective as of January 22, 2024, set forth the 2024 IDR entity fee ranges. The Departments announced these fees will remain unchanged for 2025.
The 2025 IDR entity fees now published on the NSA website are effective for disputes initiated on or after January 1, 2025. For these disputes, the administrative fee amount is $115 per party per dispute, and the certified IDR entity fee ranges are $200-$840 for single determinations and $268-$1,173 for batched determinations. The website now includes information on the fee set by each certified IDR entity within these ranges.
Along with confirming the 2025 fees, the Departments caution plans and providers to monitor the website for updates to the IDR web form to accommodate guidance-related and system enhancements. The Departments ask plans and providers who have initiated an IDR dispute previously, to clear their computer’s cache or open the IDR initiation web form in a private or incognito window at least once a week to see all the new features. The Departments warn to clear the cache or open this form in private/incognito mode could result in additional follow-up with certified IDR entities or system errors.
The author of this update, Cynthia Marcotte Stamer is an American College of Employee Benefits Counsel Fellow and attorney board certified in Labor and Employment Law by the Texas Board of Legal Specialization, who has decades of experience advising health plans and insurers, third party administrators, managed care and other health care payers and providers with surprise billing and other claims, payment and other design, administration, regulatory and other enforcement, dispute resolution, compliance, risk management and operational matters. If you have questions or need advice or help evaluating or addressing these or other compliance, risk management, or other concerns, contact her.
For More Information
We hope this update is helpful. For more information about the or other health or other employee benefits, human resources, or health care developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452-8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for her more than 35 years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications including leading edge work on workforce and other risk management and compliance.
Ms. Stamer’s work throughout her career has focused heavily on working with businesses domestically and internationally on employment, benefits, Federal Sentencing Guidelines and other workforce management, regulatory and public policy and other legal and operational concerns.
Author of many highly regarded compliance, training and other resources on health and other employee benefits, health care, insurance, workforce and other risk management and compliance, Ms. Stamer is widely recognized for her thought leadership and advocacy on these matters.
In addition, Ms. Stamer serves as a Scribe for the American Bar Association (“ABA”) Joint Committee on Employee Benefits annual agency meetings with OCR and shares her thought leadership as International Section Life Sciences Committee Vice Chair, and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at the particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The $100,000 penalty paid by a mental health facility alerts health plans, health care providers and health care clearinghouses (“covered entities”) to the perils of failing to timely deliver health records access as required by the Health Insurance Portability and Accountability Act (“HIPAA”).
The $100,000 civil monetary penalty against California mental health provider Rio Hondo Community Mental Health Center (“Rio Hondo”) announced by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) on October 19, 202 is the fifty-first OCR enforcement action under its HIPAA Right of Access enforcement initiative.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rules’ right of access provisions generally require covered entities to provide individuals access to their protected health information within 30 days, with the possibility of one 30-day extension and prohibits charging more than a reasonable, cost-based fee for this access.
The penalty against Rio Hondo resolves an OCR investigation into Rio Hondo over a failure to provide a patient with timely access to their medical records. OCR enforces the right of access and other requirements of the HIPAA Privacy Rule.
OCR launched an investigation after receiving a complaint from a patient that Rio Hondo did not provide timely access to their medical records, despite multiple requests in writing and by telephone.
OCR’s investigation found that it took nearly seven months from the time the patient first requested the records until Rio Hondo provided them.
The patient made multiple telephone calls in July and August 2020, regarding the status of her request, but still did not receive the requested records until it produced the records in response to the investigation.
The late delivery of the records access did not end the enforcement action. Based on the facts, OCR found that Rio Hondo failed to take timely action in response to the patient’s right of access in accordance with the HIPAA Privacy Rule.
In July 2024, OCR issued a Notice of Proposed Determination to impose a $100,000 civil monetary penalty. After Rio Hondo waived its right to a hearing and did not contest the findings of OCR’s Notice of Proposed Determination, OCR issued a Notice of Final Determination imposing the penalty.
OCR’s announcement of the penalty includes a strong warning to other covered entities to comply with HIPAA’s access requirements. It quotes OCR Director Melanie Fontes Rainer. As stating:
Ensuring patients’ rights to timely access to medical information continues to be a HIPAA enforcement priority. Healthcare providers are legally obligated to provide patients with timely access to their medical records. If they fail to provide that access, OCR will not hesitate to do everything in its power, including imposing civil monetary penalties, to ensure compliance with the law.”
While this penalty applied to a health care provider, health plans also are required to comply with the right of access rules.
With OCR promising to continue to prioritize enforcement, all covered entities should take documented steps to confirm the adequacy of their existing processes to ensure compliance with OCR’s Right of Access guidance and other applicable federal and state legal and ethical requirements like the Employee Retirement Income Security Act (“ERISA”) claims and appeals and Patient Protection and Affordable Care Act (“ACA”) adverse benefit procedures applicable to health plans and State ethical and statutory medical records delivery requirements applicable to providers. Health care providers also should consider including processes for tracking and monitoring access requests in these processes that provide for review every 30 days.Covered entities should keep records of these efforts for the six-year period required by HIPAA’s record retention rules.
Covered entities that receive follow up access requests or otherwise discover a potential failure to timely provide access should engage a HIPAA knowledgeable attorney for help and advice. Obviously, covered entities should correct any oversight promptly by delivering the records access. However legal counsel can assist by helping the covered entity assess if a violation actually occurred, avoid added violations or inflammatory communications or actions that could enhance exposures to complaints or penalties and suggest actions to help mitigate risks of an OCR investigation and penalties. For instance, past enforcement actions suggest a covered entity should consider foregoing requiring payment of charges HIPAA otherwise might allow for the records access to avoid further delay of access that could heighten penalty exposures. Covered entities also should document their delivery of access and their investigation and corrective actions addressing the source of the compliance failure.
The author of this update, Cynthia Marcotte Stamer has worked extensively with health plans on HIPAA, ERISA, the ACA on these and other HIPAA and other compliance and risk management. If you have questions or need advice or help evaluating or addressing your HIPAA compliance or other concerns, contact her.
For More Information
We hope this update is helpful. For more information about the or other health or other employee benefits, human resources, or health care developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452-8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for her more than 35 years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications including leading edge work on PBM, pharmacy and pharmaceutical and other health care, managed care, insurance, and insured and self-insured contracting, design, administration and regulation..
Author of numerous highly regarded works on PBM and other health plan contracting and design, Immediate Past Chair of the ABA International Section Life Sciences Committee and the Tort Trial and Insurance Practice Section Medicine and Law Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and past Group Chair and current Welfare Benefit Committee Co-Chair of the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with HIPAA and other legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; third party administrators and other health benefit service providers; hospitals, health care systems and other health care providers, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Author of many highly regarded compliance, training and other resources on HIPAA and other risk management and compliance, Ms. Stamer is widely recognized for her thought leadership on HIPAA and many other health care, health plan and other health industry matters.
In addition, Ms. Stamer serves as a Scribe for the American Bar Association (“ABA”) Joint Committee on Employee Benefits annual agency meetings with OCR and shares her thought leadership as International Section Life Sciences Committee Vice Chair, and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at the particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Departments of Health and Human Services, Labor, and the Treasury (collectively, the Departments) today announced changes to the requiredprocess for resubmitting Independent Dispute Resolution (“IDR”) disputes originally improperly batched or bundled in the Federal IDR portal.
According to the Departments’ May 1 announcement, resubmission requests for disputes originally improperly batched or bundled will come directly from the Federal IDR portal instead of from the certified IDR entity, and initiating parties now will have a unique web form they can access via a link in their resubmission email notification to complete the resubmission process.
Starting on May 1, 2024, certified IDR entities will notify parties through an email from the Federal IDR portal that a dispute is eligible for resubmission due to improper batching or bundling from auto-reply-federalidrquestions@cms.hhs.gov. If the recipient initiated the dispute, the resubmission email notification will contain a unique link to a new form called the Notice of IDR Initiation – Resubmission web form and instructions on the next steps. If the recipient did not initiate the original dispute, the email notification will be informational and will not have a link.
Initiating parties have four business days from the date of the resubmission email notification to resubmit a dispute. The resubmission link will no longer work after the four business day window has passed.
If a certified IDR entity notified the party that a dispute submitted was eligible for resubmission due to improper batching or bundling before May 1, 2024, the Departments state the recipient should resubmit the dispute as instructed in the email from its certified IDR entity through the Notice of IDR Initiation web form by May 6, 2024. For information on how to resubmit these disputes, refer to the Notice of Initiation Web Form Job Aid.
The Departments state the Notice of IDR Initiation web form will accept resubmitted disputes through May 6, 2024. After May 6, 2024, the Notice of IDR Initiation web form will no longer accept resubmitted disputes, and all resubmissions must be submitted via the Notice of IDR Initiation – Resubmission web form, as described in the paragraph below.
The following resources provide additional information and instructions on how to complete and submit the new Notice of IDR Initiation – Resubmission web form, following
Health care providers and health plans using the new IDR processes should update their processes immediately to avoid forfeiting surprise billing rights. Recipients of e-mails purportedly from the portal are cautioned to include and follow appropriate procedures to guard against malware or other cyber threats.
For More Information
We hope this update is helpful. For more information about these or other health or other legal, management, or public policy developments, please get in touch with the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35 plus years of health, employee benefits, insurance, hospitality, retail, construction and other industry management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Co-Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee and Vice-Chair and Chair Elect of its International Employment Law Committee, Chair of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee, Ms. Stamer has decades of experience advising employers, investigating and helping employers to defend wage and hour, worker classification, discrimination and other labor and employment, employee benefits and other compliance.
Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, life sciences, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Her experience includes extensive involvement advising clients about preventing, investigating and defending EEOC, DOJ, OFCCP and other Civil Rights Act, Section 1557 and other HHS, HUD, banking, and other federal and state discrimination; EBSA, IRS, and PBGC employee benefit; WHD, CAS, Davis-Bacon and other federal and state wage and hour and other compensation; OSHA and other investigations, audits, lawsuits and other enforcement actions as well as advocacy before Congress and regulators regarding federal and state equal opportunity, equity and other laws.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Laws Press, Inc.™
Solutions Law Press, Inc.™ provides health care, human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here, such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstances at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules make it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access to this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
UnitedHealthcare Group (UHG) plans to resume certain key health benefit and payment function this week that it turned off in response to a February 21, 2024 cyberattack.
Health plans, their fiduciaries, health plan sponsors and insurers, and their administrative and other service providers may find these updates helpful to plan and communicate with plan members, providers and others as part of their efforts to fulfill their own Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules, the claims, notice and fiduciary responsibilities under the Employee Retirement Income Security Act of 1974 (ERISA), state contract, prompt pay and other duties to health care providers or other responsibilities in response to disruptions created by UHG’s Blackcat1234 ransomware attack subsidiary Change Healthcare.
UHG Attack
On February 21, 2024, a ransomware attack executed by the Blackcat1234 ransomware group took control of and shut down the payment, revenue cycle management and related tools and systems of UHG Subsidiary Change Healthcare. Well-known for stealing sensitive data and demanding ransom for not publishing it, and other public and private cybersecurity monitoring and tracking organizations have warned heath care and other system operators to guard against Blackcat1234 and related ransomware attack risks since at least 2022. See, e.g., #StopRansomware: ALPHV Blackcat | CISA.
The Choice Health shutdown resulting from the Blackcat1234 ransomware attack has created widespread disruptions to key care authorization, billing and other pharmacy, provider and other plan and provider transactions within health care and health benefit systems nationwide due to the widespread use of the Choice Health tools.
Due to the widespread use of the Change Healthcare tools and systems as a financial clearinghouse for connecting pharmacy benefit managers, health care providers, and other key plays and health plans throughout the health care and health benefits industry, the attack has and continues to disrupt key billing, care-authorization, payment and other transactions between health care payers and pharmacies, physicians and other health care providers and health care payers and their partners across the health care industry.
The resulting shutdown and disruption to electronic payment and medical claims systems incorporating the compromised Change Healthcare tools create various legal and operational headaches for many health plans and other health care payers by preventing or obstructing the submission and processing of health care claims and other transactions between health care providers and health plans.
While UHG works to remediate and restore the operability and security of the Choice Health tools and systems, health plans, and insurers, their fiduciaries, plan sponsors, and fiduciaries should take timely and prudent steps in response to the breach and resulting disruptions to mitigate the exposure of their health plans, and themselves under HIPAA and ERISA. See Manage Health Plan HIPAA, ERISA & Other Exposures From Change Healthcare Ransomware Attack.
Timeline
In its Product Restoration Timeline posted on a UHG website, UhG projects the following timeline for restoration of the following systems:
Clearance: Benefits verification and authorization determination
MedRX: Pharmacy electronic claims for medical
Reimbursement Manager: Claim pricing
Coverage Insight: Coverage discovery
Week of 4/1
Clinical Exchange: Provider workflow enabling electronic prescribing, ordering and resulting integrated into EHR’s
Payer Connectivity Services(PCS): EDI validation and editing
Hosted Payer Services(HPS): Payer hosting service for eligibility responses to providers
Acuity / Pulse: Acuity provides revenue cycle analytics for users of Clearance and Assurance; Pulse provides RCM KPI benchmarks for institutional claims utilizing Assurance client data
Week of 4/8
Risk Manager: Supports clients in managing value-based payment contracts.
Health QX: Retrospective episode-base payment models
No Guarantees
The UHG website warns these dates are projections based on available information. Products will go through a phased reconnection process, including launch, testing and scaled reconnection. The timeline may change as UHG learns more.
Unlisted Services
The Timeline currently does not list all products and services. The UHG website states that the absence of a product from the schedule does not mean that product is more than three weeks away from resumption. Rather, it means that UHG does not yet have line of sight to the week that it expects to restore it. UHG plans to provide updated information as those timelines become clear.
For specific product updates, UHG invites interested persons to subscribe to the products of interest here.
Restoration Webinars
UHG also has shared the following series of webinary providing more information about its restoration efforts:
If you need have questions or need assistance with this or other cybersecurity, health, benefit, payroll, investment or other data, systems or other privacy or security related risk management, compliance, enforcement or management concerns, to inquire about arranging for compliance audit or training, or need legal representation on other matters, contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
About the Author
Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35 plus years of employee benefit, managed care and other health and insurance industry, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Co-Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee and Vice-Chair Elect of its International Employment Law Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading-edge work, scholarship and thought leadership on heath benefit and other healthcare and life science, managed care and insurance and other workforce and staffing, employee benefits, safety, contracting, quality assurance, compliance and risk management, and other legal, public policy and operational concerns in the healthcare and life sciences, employee benefits, managed care and insurance, technology and other related industries. She speaks and publishes extensively on these and other related compliance issues.
Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, life sciences, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Author of a multitude of highly regarded publications on HIPAA and other medical record and data privacy and scribe for the ABA JCEB Annual Meeting with the HHS Office of Civil Rights, her experience includes extensive involvement throughout her career in advising health care and life sciences and other clients about preventing, investigating and defending EEOC, DOJ, OFCCP and other Civil Rights Act, Section 1557 and other HHS, HUD, banking, and other federal and state discrimination investigations, audits, lawsuits and other enforcement actions as well as advocacy before Congress and regulators regarding federal and state equal opportunity, equity and other laws.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Laws Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstances at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules make it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access to this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
What Health Plans, Their Fiduciaries, Vendors & Sponsors Should Be Doing Now
Health plans, their fiduciaries, health plan sponsors and insurers, and their administrative and other service providers should move quickly to understand and act to mitigate the exposures likely to arise under the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules, the claims, notice and fiduciary responsibilities under the Employee Retirement Income Security Act of 1974 (ERISA), state contract, prompt pay and other duties to health care providers or other responsibilities in response to disruptions created by the Blackcat1234 ransomware attack (CH/UHG Attack) experienced by UnitedHealthcare Group (UHG) subsidiary Change Healthcare.
Change Healthcare Ransomware Attack
On February 21, 2024, a ransomware attack executed by the Blackcat1234 ransomware group took control of and shut down the payment, revenue cycle management and related tools and systems of UHG Subsidiary Change Healthcare. Well-known for stealing sensitive data and demanding ransom for not publishing it, and other public and private cybersecurity monitoring and tracking organizations have warned heath care and other system operators to guard against Blackcat1234 and related ransomware attack risks since at least 2022. See, e.g., #StopRansomware: ALPHV Blackcat | CISA.
The Change Health shutdown resulting from the Blackcat1234 ransomware attack has created widespread disruptions to key care authorization, billing and other pharmacy, provider and other plan and provider transactions within health care and health benefit systems nationwide due to the widespread use of the Change Health tools.
Due to the widespread use of the Change Healthcare tools and systems as a financial clearinghouse for connecting pharmacy benefit managers, health care providers, and other key plays and health plans throughout the health care and health benefits industry, the attack has and continues to disrupt key billing, care-authorization, payment and other transactions between health plans, health care payers and pharmacies, physicians and other health care providers and health care payers and their partners across the health care industry.
As UHG has worked to recover from the Change Health attack, the resulting shutdown and disruption to electronic payment and medical claims systems incorporating the compromised Change Healthcare tools create various legal and operational headaches for many health plans and other health care payers by preventing or obstructing the submission and processing of health care claims and other transactions between health care providers and health plans. While UHG works to remediate and restore the operability and security of the Choice Health tools and systems, health plans, and insurers, their fiduciaries, plan sponsors, and fiduciaries should take timely and prudent steps in response to the breach and resulting disruptions to mitigate the exposure of their health plans, and themselves under HIPAA and ERISA.
While most health care providers and health plans expect Change Health and other UHG entities to face potential data breach and breach notification responsibilities and liabilities under HIPAA and other federal and state data privacy and cybersecurity laws, many health plan fiduciaries, sponsors, insurers, and administrative or other service providers have given limited consideration to how the February 21, 2024, cyber event impacted their HIPAA responsibilities and exposures. Guidance published by the U.S. Department of Health and Human Services Office for Civil Rights (OCR) on March 13, 2023, alerts health plans and health insurers, their fiduciaries and plan sponsors, health care providers, health care clearinghouses, and their business associates (covered entities) against overlooking their own potential HIPAA responsibilities arising from the February 21 Choice Health attack or other similar events.
HIPAA requires covered entities and their business associates to protect the privacy and security of protected health information, to have and enforce HIPAA-compliant business associate agreements, to conduct timely documented risk assessments in response to known or foreseeable security threats, and to provide notice of a breach to OCR, affected individuals and for breaches affecting more than 500 individuals.
Under the HIPAA Security Rule, covered entities must conduct documented risk assessments to evaluate and monitor their electronic personal health information (EPHI) and associated systems for potential breaches and other threats that expose EPHA to unauthorized use, access, disclosure, destruction or other compromise.
To fulfill this requirement, the Security Rule requires covered entities and business associates to conduct documented risk assessments impacting their EPHI and to update these risk assessments in response to internal or external events impacting the adequacy of their risk assessments or security safeguards.
While the responsibility of covered entities and business associates to protect EPHI against unauthorized use, access and disclosure from cybercriminals and others receives the most attention, the Security Rule also includes often less discussed responsibility to protect EPHI and related operating systems against destruction or other disruptions from a wide range of threats including ransomware attacks.
OCR guidance makes clear that OCR views safeguarding EPHI against ransomware and other cybersecurity threats as encompassed in this duty. As part of these efforts, OCR and other cybersecurity agencies have recommended among other things that covered entities and business associates:
Routinely take inventory of assets and data to identify authorized and unauthorized devices and software;
Prioritize remediation of known exploited vulnerabilities’
Enable and enforce multifactor authentication with strong passwords;
Close unused ports and remove applications not deemed necessary for day-to-day operations.
Furthermore, when a breach of results in an unauthorized use, access, disclosure or destruction of EPHI, the HIPAA Breach Notification Rule requires covered entities and their business associates to provide timely notification of the breach to subjects of the breached EPHI and OCR, and if the breach affects more than 500 subjects, to the media. Concurrently, the HIPAA Security Rule requires health plans and other covered entities to evaluate through documented risk assessments and take appropriate timely action to update their EPHI security as necessary to respond to breaches, potential breaches and other evolving threats to their EPHI and related systems.
On March 13, 2024, the Office of Civil Rights (OCR) released a “Dear Colleague letter” that warns the February 21, 2024 CH/UHG data breach is likely to trigger HIPAA obligations and investigations for Choice Health and UHG as well as other HIPAA-covered health plans, heath care providers, heath care clearinghouses and business associates. While stating the investigation currently focuses on Change Healthcare and UHC, for instance, the Dear Colleague Letter warns that OCR anticipates that its response to the February 21, 2024 CH/UHG Attack eventually also will include “secondary” investigations of other health plans, health care providers, health care clearinghouses and business associates “tied to or impacted by this attack.”
In light of these anticipated secondary investigations, OCR’s Dear Colleague letter warns health plans, health care providers, health care clearinghouses, business associates to ensure they timely and properly handle their own potential HIPAA responsibilities arising from the CH/UHG Attack. The Dear Colleague letter expressly alerts health plans, health care providers and other covered entities and business associates “that have partnered with Change Healthcare and UHG” in anticipation of OCR’s expected secondary investigations to ensure that their own ability to demonstrate their organization meet all required HIPAA responsibilities including that:
All required “business associate agreements are in place;
All required breach notifications are provided to HHS, affected persons and in the event of a large breach affecting more than 500 individuals, to the media; and
All security and other HIPAA responsibilities are met.
The Dear Colleague Letter also directed covered entities and their business associates to the following previously released OCR resources for assistance in understanding their responsibilities for guarding EPHI against ransomware and other cybersecurity threats:
The OCR HIPAA Security Rule Guidance Material webpage;
OCR Video on How the HIPAA Security Rule Protects Against Cyberattacks;
OCR Webinar on HIPAA Security Rule Risk Analysis Requirement;
HHS Security Risk Assessment Tool;
Factsheet: Ransomware and HIPAA; and
Healthcare and Public Health (HPH) Cybersecurity Performance Goals.
Standing alone, the Dear Colleague Letter makes clear that all covered entities partnered with or impacted by disruptions from the CH/UHG attack need to take documented steps to reevaluate and tighten the adequacy of their existing security safeguards as well as their processes for monitoring and responding to evolving ransomware and other cybersecurity threats in anticipation of becoming the target of potential “secondary” OCR investigations arising from the CH/UHG Attack.
While the Dear Colleague Letter specifically references covered entities and business associates “partnered” with Choice Health, OCR’s previously issued guidance warning all covered entities and their business associates to safeguard their EPHI against ransomware and other cybersecurity threats, strongly suggest that all covered entities and business associates should consider the advisability of reevaluating the adequacy of their own EPHI safeguards in light of the heightened ransomware and other cyber threat illustrated by the CH/UHG Attack. Consequently, all covered entities and business associates partnered with or impacted by the CH/UHG Attack or its resulting distributions specifically, as well as covered entities and business associates generally should work with experienced legal counsel to conduct documented risk assessments of their systems, exposures, responsibilities and risks taking into account these developments as soon as possible in anticipation of complaint or audit driven investigations arising from the Choice Health and other malware events and threats.
ERISA-Covered Health Plan Data Security & Breach Related Fiduciary Duties
In addition to any applicable HIPAA responsibilities, fiduciaries and sponsors of employer or union sponsored health plans subject to the Employee Retirement Income Security Act (ERISA) also should consider whether the CH/UHG Attack or the heightened ransomware and other cyber security threats any additional actions are prudently necessary to protect the health plan data, assets or operations.
ERISA generally requires individuals or entities named as fiduciaries or otherwise possessing functional discretionary authority or responsibility or authority over a plan or its assets (fiduciaries) to act prudently to protect and administer the plan and its assets. Department of Labor Employee Benefit Security Administration (EBSA) guidance published in April, 2021 first officially confirmed its interpretation of ERISA’s duty of prudence as including a duty to utilize prudent cybersecurity safeguards. Since EBSA published this cybersecurity guidance EBSA also has also added cybersecurity inquiries to its plan fiduciary audits. As a result, in addition to complying with HIPAA, ERISA-covered health plan fiduciaries and sponsors also should be prepared to demonstrate plan fiduciaries acted prudently to comply with HIPAA as well as the following actions to safeguard health and other employee benefit plan data and systems against cybersecurity threats:
Tips for Hiring a Service Provider: Helps plan sponsors and fiduciaries prudently select a service provider with strong cybersecurity practices and monitor their activities, as ERISA requires.
Online Security Tips: Offers plan participants and beneficiaries who check their retirement accounts online basic rules to reduce the risk of fraud and loss.
In light of this OCR and EBSA guidance, health plan sponsors, fiduciaries and vendors and other HIPAA covered entities and business associates are urged to take documented steps to audit and strengthen as needed their safeguards against hacking and other cybersecurity threats including:
In the case of any health plan or health plan vendor, taking well documented steps to assess and tighten as necessary their health plan systems and data security to meet or exceed the recommendation outlined in the EBSA cybersecurity guidance or otherwise necessary to prudently guard their plans and plan data and systems against cybersecurity threats.
Reviewing and monitoring on a documented, ongoing basis the adequacy and susceptibilities of existing practices, policies, safeguards of their own organizations, as well as their business associates and their vendors within the scope of attorney-client privilege taking into consideration data available from OCR, data regarding known or potential susceptibilities within their own operations as well as in the media, and other developments to determine if additional steps are necessary or advisable.
Updating policies, privacy and other notices, practices, procedures, training and other practices as needed to promote compliance and defensibility.
Renegotiating and enhancing service provider agreements to detail the specific compliance, audit, oversight and reporting rights, workforce and vendor credentialing and access control, indemnification, insurance, cooperation and other rights and responsibilities of all entities and individuals that use, access or disclose, or provide systems, software or other services or tools that could impact on security; to clarify the respective rights, procedures and responsibilities of each party in regards to compliance audits, investigation, breach reporting, and mitigation; and other relevant matters.
Verifying and tightening technological and other tracking, documentation and safeguards and controls to the use, access and disclosure of protected health information and systems.
Conducting well-documented training as necessary to ensure that members of the workforce of each covered entity and business associate understand and are prepared to comply with the expanded requirements of HIPAA, understand their responsibilities and appropriate procedures for reporting and investigating potential breaches or other compliance concerns, and understand as well as are prepared to follow appropriate procedures for reporting and responding to suspected violations or other indicia of potential security concerns.
Tracking and reviewing on a systemized, well-documented basis actual and near miss security threats to evaluate, document decision-making and make timely adjustments to policies, practices, training, safeguards and other compliance components as necessary to identify and resolve risks.
Establishing and providing well-documented monitoring of compliance that includes board level oversight and reporting at least quarterly and sooner in response to potential threat indicators.
Establishing and providing well-documented timely investigation and redress of reported violations or other compliance concerns.
Establishing contingency plans for responding in the event of a breach.
Establishing a well-documented process for monitoring and updating policies, practices and other efforts in response to changes in risks, practices and requirements.
Preparing and maintaining a well-documented record of compliance, risk, investigation and other security activities.
Pursuing other appropriate strategies to enhance the covered entity’s ability to demonstrate its compliance commitment both on paper and in operation.
Because susceptibilities in systems, software and other vendors of business associates, covered entities and their business associates should use care to assess and manage business associate and other vendor associated risks and compliance as well as tighten business associate and other service agreements to promote the improved cooperation, coordination, management and oversight required to comply with the new breach notification and other HIPAA requirements by specifically mapping out these details.
Furthermore, while the preemption provisions of ERISA generally insulate health plans and their sponsors from responsibility or liability for complying with state insurance, data security, breach notification or other state law cybersecurity and cyber breach and breach notification laws and rules, health insurers and other health plan service providers generally remain subject to these state law requirements. Consequently, health insurers, administrative service providers and other health plan vendors also should act promptly to evaluate and ensure their fulfillment of all applicable cybersecurity and data breach mandates under relevant state law.
Leaders of covered entities or their business associates also are cautioned that while HIPAA itself does not generally create any private right of action for victims of breach under HIPAA, breaches may create substantial liability for their organizations or increasingly, organizational leaders under state data privacy and breach, negligence or other statutory or common laws. In addition, physicians and other licensed parties may face professional discipline or other professional liability for breaches violating statutory or ethical standards. Meanwhile, the Securities and Exchange Commission has indicated that it plans to pursue enforcement against leaders of public health care or other companies that fail to use appropriate care to ensure their organizations comply with privacy and data security obligations and the Employee Benefit Security Administration recently has issued guidance recognizing prudent data security practices as part of the fiduciary obligations of health plans and their fiduciaries.
Finally, health plans and other covered entities are reminded that appropriate strategic planning and use of attorney-client privilege and other evidentiary tools can critically impact the defensibility of pre-breach, breach investigation and post-breach investigation and decision-making. Because HIPAA, EBSA and other rules typically require prompt investigation and response to known or suspected hacking or other cybersecurity threats, health plans and other covered entities or business associates should seek the assistance of experienced legal counsel to advise and assist in these activities to understand the potential availability and proper use of these and other evidentiary rules as part of the compliance planning process as well as to prepare for appropriate use in the event of a known or suspected incident to avoid unintentional compromise of these protections.
ERISA & Other Risks From Untimely Timely Acceptance & Processing of Health Plan Eligibility & Benefit Provisions
Since Change Health shut down its tools and systems CH/UHG Attack has created and continues to cause nationwide disruptions in the ability of pharmacy, physician and other health care providers to submit, and health plans and insurers to receive and process a wide range of health care billing, claims and other transactions because of the widespread integration and use of Choice Health tools in systems health care providers and payers use for the submission, receipt, and processing of health care provider eligibility, billing and other health benefits.
Along with the liabilities and headaches that the ransomware attack and resulting disruptions create for Choice Healthcare and UHG, delays and other disruptions in the handling of health benefit eligibility, claims processing, notifications and payment by health plans and their administrative services providers arising from can create a host of additional liability headaches health plans, health insurers, their fiduciaries and administrative services providers in addition to those arising directly from the HIPAA and other cybersecurity breach itself.
For ERISA-covered health plans, ERISA generally holds health plans and their fiduciaries accountable for the prudent, timely administration of health plan eligibility, claims and other administrative functions in accordance with the terms of the plan and within the applicable time frames and other requirements of ERISA’s reasonable claims procedure and adverse benefit determination rules. Health plans and their ERISA plan administrators generally must receive and process claims transactions required by the adverse claim determination regulations and provide participants or beneficiaries with detailed written notifications for any claims not processed and paid within the relevant 72-hour, 15-day or 30-day time period specified by the adverse claim determination rules. Noncompliance with these requirements both undermines the defensibility of the health plan’s denial of coverage and subjects the plan administrator to liability for EBSA penalties and/or discretionary awards of penalties plus attorneys’ fees and other costs of enforcement to plan participants or beneficiaries for failures to deliver timely notification of the denial. To the extent that EBSA or a court determines that the failure to timely and appropriately process and pay benefits resulted from a lack of prudence or other breach of ERISA fiduciary duties, fiduciaries are at risk for incurring personal liability for actual damages to the plan or its participants plus attorneys’ fees and other costs of enforcement; EBSA penalties for engaging in a breach of fiduciary duty under ERISA section 502(l); or both.
Beyond these ERISA-related risks, delays in processing and payment of health care provider claims also create potential additional liability for health insurers, health plans and their administrators to the extent the disruptions prevent the timely payment and processing of health benefit claims in violation of health care provider rights under managed care or other provider contracts, prompt pay and surprise billing or other provider legal rights. Unlike member claims assigned to providers, ERISA generally does not preempt these nonderivative provider rights and claims or the additional state law damages, penalties or other remedies arising under state law against health insurers, health plans and plan administrators found to violate these rules. Consequently, delays in payments to providers also could substantially increase the costs and liabilities that health insurers, health plans, their fiduciaries, administrators, and employers and other sponsors obligated under the plan terms or vendor contracts to pay these costs.
In light of these and other potential risks, health insurers and health plans, their employer, union and other sponsors, fiduciaries, administrative services providers and other vendors should act quickly to investigate and ensure proper management of the fallout from the CH/UHG Attack and the heightened ransomware and other cybersecurity threats it represents.
Along with working with qualified legal counsel to address the potential HIPAA, ERISA and other responsibilities the health plan or insurer, its fiduciaries, service providers and sponsor bear from the CH/UHG Attack and other cyber risks, most parties also will want to evaluate obligations to notify cybersecurity and other liability insurers, seek indemnification from Choice Healthcare, UHG or other potentially culpable parties and evaluate other sensitive data and strategies for mitigation of their health plan and their own resulting liabilities, costs and other consequences.
If you need have questions or need assistance with this or other cybersecurity, health, benefit, payroll, investment or other data, systems or other privacy or security related risk management, compliance, enforcement or management concerns, to inquire about arranging for compliance audit or training, or need legal representation on other matters, contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
About the Author
Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35 plus years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Co-Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee and Vice-Chair Elect of its International Employment Law Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading-edge work, scholarship and thought leadership on heath benefit and other healthcare and life science, managed care and insurance and other workforce and staffing, employee benefits, safety, contracting, quality assurance, compliance and risk management, and other legal, public policy and operational concerns in the healthcare and life sciences, employee benefits, managed care and insurance, technology and other related industries. She speaks and publishes extensively on these and other related compliance issues.
Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, life sciences, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Author of a multitude of highly regarded publications on HIPAA and other medical record and data privacy and scribe for the ABA JCEB Annual Meeting with the HHS Office of Civil Rights, her experience includes extensive involvement throughout her career in advising health care and life sciences and other clients about preventing, investigating and defending EEOC, DOJ, OFCCP and other Civil Rights Act, Section 1557 and other HHS, HUD, banking, and other federal and state discrimination investigations, audits, lawsuits and other enforcement actions as well as advocacy before Congress and regulators regarding federal and state equal opportunity, equity and other laws.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Laws Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here, such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstances at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules make it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access to this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Attorney Cynthia Marcotte Stamer and Allison Moody are scheduled to present a “Health Plan Claim Denials Update” for the American Bar Association Real Property Probate and Trust Section Employee Benefits and Executive Compensation Group on Friday, January 19, 2024 from 11:30 AM – 12:30 PM Central Time. Group members and other interested persons are invited to join this complimentary Zoom call.
Employee Retirement Income Security Act (“ERISA”)-covered group health and disability plan participants and beneficiaries increasingly successfully overcome health plan benefit denials and receive ERISA § 502(c) awards based on federal court’s rulings plan fiduciaries or administrators failed to fulfill the Employee Benefit Security Administration (“EBSA”) adverse benefit determination regulations.
During the “Health Plan Claims Denials Update, attorneys Cynthia Marcotte Stamer and Allison Moody will share an update on the precedent driving this emerging trend, how the new No Surprises Act rules interface with ERISA adverse benefit determination regulations, and discuss implications and best practices for health plan fiduciaries, administrators, and their advisors should consider to strengthen the defensibility of their plans’ adverse benefit determinations and mitigate risks in light of this trend to the American Bar Association Real Property Probate and Trust Section Employee Benefits and Executive Compensation Group monthly membership Zoom call on Friday, January 19, 2024.
Participation in this and other RPTE Section Employee Benefit and Other Compensation Group calls is complimentary. Members and other interested persons can join the call using the following Zoom credentials:
One tap mobile: +13126266799,,91796395033# US (Chicago)
About the Presenters
Allison Moody. Allison Moody is a highly experienced legal consultant, licensed to practice law, specializing in advising on complex health and welfare benefit laws. With a deep understanding of the legal and regulatory landscape, Allison provides expert guidance to employers, brokers, and members in various states, ensuring their compliance with ever-evolving requirements. Allison has built a reputation for helping organizations navigate the intricacies of employee benefits laws and delivering practical and effective solutions. She also negotiates contracts, provides legal review of proposed legislation, regulations, and bulletins, and assists with audits and investigations.
Allison previously served as Vice President and General Counsel of a third-party administrator. In her position there, she advised organizations on legal and business issues and finding ways to minimize risk. She also represented the company in various administrative and legal proceedings and hired and managed Outside Counsel in matters involving litigation or arbitration.
Allison has served in leadership roles in many benefits organizations over her career, including the Society of Professional Benefit Administrators (SPBA), Texas Professional Benefit Administrators (TPBA), RPTE Employee Benefits and Executive Compensation Committee, and the National Association of Health Insurance Professionals (NAHIP). She is also a member of the ABA Tort and Insurance Practice Section, where she serves on the Medicine and Law and Life, Health and Disability, and Cybersecurity Committees. In her spare time, she volunteers for Brother Bills Helping Hand and enjoys her French bulldogs.
Allison received her Juris Doctorate degree from Tulane Law School and graduated Magna Cum Laude in Communications/Political Science from Texas Tech.
Cynthia Marcotte Stamer. Cynthia Marcotte Stamer is a Fellow in the American College of Employee Benefits Counsel and Board Certified in Labor and Employment law by the Texas Board of Legal Specialization, recognized for her decades of prolific legal and operational work, legislative and regulatory advocacy, scholarship, and thought leadership on insured and self-insured managed care and other health care, disability and other employee benefit, insurance, health care and workforce programs, practices, and policies as a “Top Rated Lawyer,” and “LEGAL LEADER™” in Health Care Law and Labor and Employment Law; “Best Lawyer” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “HealthCare” and “Business and Commercial Law.”
For 35-plus years, “Cindy” has guided and represented self-insured and insured health and managed care, disability, and other employee benefit plans; employers; plan sponsors; fiduciaries’ administrative services, technology, and other vendors; insurers; brokers and consultants; health care providers;; governments; and others on the design, administration, and defense of claims and appeals and other plan provisions, practices, systems and technologies; the prevention, evaluation, mitigation, and defense of fiduciary, participant and beneficiary, health care provider, government and other claims, disputes, and other enforcement actions arising out of the operation of these programs; contracting, technology and product development; fiduciary responsibility, market conduct and other operating standards; health care fraud; privacy and data security; innovation and change management; government relations and investigations; and a diverse range of other employee benefits, insurance, employment, compensation, and health care operations, risk management, and compliance concerns.
Cindy also contributes her knowledge and leadership as the American Bar Association (“ABA”) RPTE Employee Benefits and Executive Compensation Group Chair and current Welfare Committee Co-Chair; current ABA Joint Committee on Employee Benefits (“JCEB”) HHS Agency Meeting Scribe and former JCEB Council Representative and Marketing Committee Chair; current ABA TIPS Section Medicine and Law Committee Chair, Employment Committee Diversity Vice Chair, and former Employee Benefits Committee Vice Chair; current ABA International Section International Life Sciences and Health Committee Chair and International Employment Committee Vice Chair; former ABA Health Law Section Managed Care & Insurance Group Chair; former SHRM National Consultant’s Board and Regional Chair; former board member, Programs Committee Chair and Treasurer of the Southwest Benefits Association; founding Board Member and Past President of the Alliance for Health Care Excellence and founder of its Health Care Heroes and Patient Empowerment Programs; past National Board Member and Dallas Chapter President of Web Network of Benefit Professionals; former Texas Association of Business BACPAC Chair, Board Member, Regional Chair, Dallas Chapter Chair and Health Care Task Force Leader; and in many other professional and civic leadership roles.
A continuous learner, prolific author, and popular public speaker, Cindy also has authored hundreds of highly regarded publications on employee benefits and other workforce, health care, managed care, privacy and data security, technology, and other related compliance, risk management, and public policy concerns. Her thought leadership on these and other concerns often is quoted in the professional and public media and sought out by legislative, regulatory, and industry leaders.
About The Employee Plans and Executive Compensation Group
The January 19, 2024 Zoom call is part of a monthly series of membership calls hosted over Zoom by the Employee Benefits and Executive Compensation Group as a free member benefit. The Employee Plans & Executive Compensation Group is comprised of 249 attorneys with an interest in or focus on employee benefits, ERISA and executive compensation issues. The Group includes six substantive committees: Fiduciary Responsibility, Administration, and Litigation; Welfare Benefit Plans; Plan Transactions and Terminations; Qualified Plans; Non-Qualified Deferred Compensation; and IRAs and Plan Distributions. Membership in the Group and the American Bar Association is open to attorney and other interested individuals
[1]The purpose of this discussion is to enable individuals to share and exchange their personal views on topics and issues of importance to the legal profession. All comments that appear are solely those of the individual, and do not reflect ABA positions or policy. The ABA endorses no comments made herein.
Got issues with the most recent articulation of the proposed rule on “Federal Independent Dispute Resolution (IDR) Operations” (“Rule”) that governs the independent dispute resolution process for resolving to disputes over out-of-network claims between health plans and heath care providers under the No Surprises Act?
The Departments of Health and Human Services, Labor, and the Treasury (the “Departments”) and the Office of Personnel Management intend to reopen the comment period for submitting comments on the proposed rule “Federal Independent Dispute Resolution (IDR) Operations.”
Concerned persons should begin preparing comments to submit while awaiting the Departments publication of official notice in the Federal Register of the reopening of the comment period.
For More Information
We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35 plus years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Co-Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee and Vice-Chair Elect of its International Employment Law Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading-edge work, scholarship and thought leadership on heath benefit and other healthcare and life science, managed care and insurance and other workforce and staffing, employee benefits, safety, contracting, quality assurance, compliance and risk management, and other legal, public policy and operational concerns in the healthcare and life sciences, employee benefits, managed care and insurance, technology and other related industries. She speaks and publishes extensively on these and other related compliance issues.
Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, life sciences, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Scribe for the ABA JCEB Annual Meeting with the HHS Office of Civil Rights, her experience includes extensive involvement throughout her career in advising health care and life sciences and other clients about preventing, investigating and defending EEOC, DOJ, OFCCP and other Civil Rights Act, Section 1557 and other HHS, HUD, banking, and other federal and state discrimination investigations, audits, lawsuits and other enforcement actions as well as advocacy before Congress and regulators regarding federal and state equal opportunity, equity and other laws.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
Group health plans and individual and group health insurance subject the federal No Surprises Act (“NSA”) are likely to experience continued delays in their ability to finalize certain claims liability determinations and pay providers for health claims submitted for arbitration under the NSA-established Federal Independent Dispute Resolution (“IDR”) medical claims review process as a result of an August 3, 2023 federal court ruling even as the federal agencies responsible for implementing and enforcing those rules announce new fees for seeking IDR dispute resolution under those rules.
The current rules governing the IDR process are defined by regulations implementing the NSA jointly issued by the Department of Health and Human Services (HHS), the Department of Labor (DOL), and the Department of the Treasury (collectively, the “Departments”). These rules define the process for out-of-network providers, facilities, and providers of air ambulance services, and group health plans, health insurance issuers in the individual and group markets, and Federal Employee Health Benefits (“FEHB”) carriers (“disputing parties”) to determine the out-of-network rate for out-of-network emergency services and certain items and services provided by out-of-network providers at in-network facilities and out-of-network air ambulance services under the NSA.
IDR Process Suspended
The IDR process currently is suspended following the August 3 , 2023 ruling by the United States District Court for the Eastern District of Texas in Texas Medical Association v. United States Department of Health and Human Services, Case No. 6:23-cv-59-JDK, vacating certain portions of 45 C.F.R. § 149.510, 26 C.F.R. § 54.9816-8T, and 29 C.F.R. § 2590-716-8, which are parallel provisions governing the Federal IDR.
The Court granted summary judgement on August 3, 2023 to the Texas Medical Association and other provider plaintiffs challenging these federal IDR rules for arbitration of health coverage disputes between payers and providers under the No Surprises Act. The Court agreed with the health care providers that the rules violated federal law by failing to take into account the full range of factors Congress directed be considered when enacting the IRO rules as part of the NSA.
Immediately following the Court’s entry of the order, the Departments temporarily suspended the federal IDR medical claims review process including the ability to initiate new disputes and directed certified IDR entities to pause all IDR-related activities in response an the ruling. As a result of the suspension, the Patient-Provider Dispute Resolution Portal also temporarily ceased accepting new initiated disputes.
When announcing the suspension, the Departments said they would review the court’s decision to evaluate changes to current IDR processes, templates, and system updates necessary to comply with the court’s order. The Departments said they will issue updates to these processes in the near future and will provide specific directions to certified IDR entities for resuming all IDR-related activities in a manner consistent with the court’s judgment and order “soon.” Until then, arbitration of disputes between payers and providers under covered employment based group health plans and individual and group health insurance subject to the law will be delayed.
The FAQs are not announcing the reopening of the Federal IDR portal to initiate new disputes. Accordingly, the IDR process remains in suspension pending further action by the Departments. In the meantime, however, the FAQs clarify the administrative fee amount that each disputing party will be required to pay to engage in the Federal IDR process when the IDR process suspension resumes as a result of the Texas Medical Association opinion and order.
What To Do Now
For health plans and their sponsors and administrators, for example, delays due to the suspension obviously delay payments to providers as many self-insured health plans, their sponsors, fiduciaries, administrators and stop-loss reinsurers approaching year end. Many stop-loss policies and other funding arrangements limit or exclude coverage for plan claims not paid with the policy period or, if the policy includes run off coverage, that brief period following the policy year end. Delays in payment also could complicate year end underwriting for renewals. Employers and unions, their brokers, administrators, fiduciaries and reinsurers should evaluate, monitor and begin strategizing about their response to these developments to prepare for their upcoming renewals and enrollment seasons.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
For More Information
We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively domestically and internationally with business, government and community leaders to prepare for and deal with pregnancy, disability and other discrimination, leave, health and safety, and other workforce, employee benefit, health care and other operations planning, preparedness and response for more than 35 years. As a part of this work, she regularly advises businesses and government leaders on an on-demand and ongoing basis about preparation of workforce, health care and other business and government policies and practices to deal with management in a wide range of contexts ranging from day to day operations, through times of change and in response to complaints, investigations and enforcement.
Author of a multitude of other highly regarded publications and presentations on MHPAEA and other and health and other benefits, workforce, compliance, workers’ compensation and occupational disease, business disaster and distress and many other topics, Ms. Stamer has worked with health plans, employers, insurers, government leaders and others on these and other health benefit, workforce and performance and other operational and tactical concerns throughout her adult life.
A former lead advisor to the Government of Bolivia on its pension privatization project, Ms. Stamer also has worked domestically and internationally as an advisor to business, community and government leaders on health, severance, disability, pension and other workforce, health care and other reform, as well as regularly advises and defends organizations about the design, administration and defense of their organization’s workforce, employee benefit and compensation, safety, discipline and other management practices and actions.
Board Certified in Labor and Employment Law By the Texas Board of Legal Specialization, Scribe for the ABA JCEB Annual Agency Meeting with OCR, Chair-Elect of the ABA TIPS Medicine and Law Committee, Chair of the ABA International Section Life Sciences Committee, and Past Group Chair and current Welfare Plan Committee Chair of the ABA RPTE Employee Benefits & Other Compensation Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Group health plans and individual and group health insurance subject the federal No Surprises Act may experience delays in their ability to finalize liability determinations and pay providers for health claims submitted for arbitration under federal surprise billing rules as a result of an August 3, 2023 federal court ruling.
Effective August 3, 2023, the Departments of Health and Human Services Centers for Medicare and Medicaid Services, Department of Labor Employee Benefit Security Administration and Department of Treasury (“Departments”) temporarily suspended the Federal Independent Dispute Resolution (IDR) medical claims review process including the ability to initiate new disputes and directed certified IDR entities to pause all IDR-related activities in response an August 3, 2023, federal court ruling. As a result of the suspension, the Patient-Provider Dispute Resolution Portal also temporarily ceased accepting new initiated disputes.
Earlier in the day, the U.S. District Court for the Eastern District of Texas issued a judgment and order in Texas Medical Association, et al. v. United States Department of Health and Human Services, Case No. 6:23-cv-59-JDK (TMA IV), vacating certain portions of 45 C.F.R. § 149.510, 26 C.F.R. § 54.9816-8T, and 29 C.F.R. § 2590-716-8, which are parallel provisions governing the Federal IDR.
The order of the Court grants summary judgement to the Texas Medical Association and other provider plaintiffs challenge to federal rules for arbitration of health coverage disputes between payers and providers under the No Surprises Act. The Court agreed with the health care providers that the rules violated federal law by failing to take into account the full range of factors Congress directed be considered when enacting the IRO rules as part of the No Surprises Act.
When announcing the suspension, the Departments said currently they are reviewing the court’s decision and evaluating current IDR processes, templates, and system updates necessary to comply with the court’s order. The Departments say they will issue updates in the near future and will provide specific directions to certified IDR entities for resuming all IDR-related activities in a manner consistent with the court’s judgment and order.
Until then, arbitration of disputes between payers and providers under covered employment based group health plans and individual and group health insurance subject to the law will be delayed.
A lengthy delay in the Departments’ correction of their rules could spell headaches for both payers and providers. Delays in claim resolutions due to the suspension obviously delays determination of plan liabilities can particularly impact self-insured health plans, their sponsors, fiduciaries, administrators and stop-loss reinsurers of plans approaching year end. Many stop-loss policies and other funding arrangements limit or exclude coverage for plan claims not paid with the policy period or, if the policy includes run off coverage, that brief period following the policy year end. Delays in payment also could complicate year end underwriting for renewals. Employers and unions, their brokers, administrators, fiduciaries and reinsurers should evaluate, monitor and begin strategizing about their response to these developments to prepare for their upcoming renewals and enrollment seasons.
For More Information
We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively domestically and internationally with business, government and community leaders to prepare for and deal with pregnancy, disability and other discrimination, leave, health and safety, and other workforce, employee benefit, health care and other operations planning, preparedness and response for more than 35 years. As a part of this work, she regularly advises businesses and government leaders on an on-demand and ongoing basis about preparation of workforce, health care and other business and government policies and practices to deal with management in a wide range of contexts ranging from day to day operations, through times of change and in response to complaints, investigations and enforcement.
Author of a multitude of other highly regarded publications and presentations on MHPAEA and other and health and other benefits, workforce, compliance, workers’ compensation and occupational disease, business disaster and distress and many other topics, Ms. Stamer has worked with health plans, employers, insurers, government leaders and others on these and other health benefit, workforce and performance and other operational and tactical concerns throughout her adult life.
A former lead advisor to the Government of Bolivia on its pension privatization project, Ms. Stamer also has worked domestically and internationally as an advisor to business, community and government leaders on health, severance, disability, pension and other workforce, health care and other reform, as well as regularly advises and defends organizations about the design, administration and defense of their organization’s workforce, employee benefit and compensation, safety, discipline and other management practices and actions.
Board Certified in Labor and Employment Law By the Texas Board of Legal Specialization, Scribe for the ABA JCEB Annual Agency Meeting with OCR, Chair-Elect of the ABA TIPS Medicine and Law Committee, Chair of the ABA International Section Life Sciences Committee, and Past Group Chair and current Welfare Plan Committee Chair of the ABA RPTE Employee Benefits & Other Compensation Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Out-of-state employers, insurers, employee benefit plan vendors, and other businesses registered to do business in Pennsylvania, Georgia, Iowa, Kansas, Minnesota, or another state that requires that out-of-state businesses consent to jurisdiction as a condition of their registration to do business in the state face a heightened risk of getting hauled into court in the consent to jurisdiction state following last month’s Supreme Court decision in Mallory v. Norfolk Southern Railway Company, 600 U. S. ____ (2023) even if none of the events giving rise to the lawsuit took place in that state.
The Mallory ruling arose from a state lawsuit filed in Pennsylvania state court seeking damages by Robert Mallory (“Mallory”) to recover damages for cancer the argued was caused by the negligence of his former employer, Norfolk Southern Railroad (“Norfolk”) pursuant to the Federal Employers’ Liability Act workers’ compensation scheme that permits railroad employees to sue for injuries caused by employer negligence. Mallory filed the suit in Pennsylvania, a jurisdiction with no real connection to the claims but noted for its favorability to plaintiffs even though he never worked for Norfolk in Pennsylvania. Mallory only worked for Norfolk in Ohio and Virginia, was a Virginia resident at the time of the suit, and only briefly lived in Pennsylvania after leaving Norfolk’s employment before returning to live in Virginia. Given the lack of connection of Pennsylvania to the parties and events giving rise to the claim, Virginia-based Norfolk Southern moved for the dismissal of the Pennsylvania lawsuit for lack of the requisite “substantial minimum contacts” generally required to support personal jurisdiction.
While courts generally recognize and enforce contractual agreements by a party to consent to jurisdiction, mere registration of an out-of-state business to do business in a state historically has not been recognized as creating the necessary “substantial minimum contacts” that the Due Process clause of the United States Constitution generally requires exist to provide the general personal jurisdiction that must exist for a state court to possess jurisdiction to decide a lawsuit over the out-of-state business under the Supreme Court precedent first articulated in International Shoe Co. v. Washington, 326 U. S. 310 (1945)
Because Pennsylvania is one of five states that currently requires all out-of-state businesses registering to do business in the State to consent to be sued in the state as a condition of registration, however, Mallory argued and the Supreme Court agreed in Mallory that Norfolk waived its ability to object to personal jurisdiction when it registered to do business in the Commonwealth.
In Mallory, the Supreme Court Majority ruled that any corporation registered to do business in a state which requires out-of-state businesses to consent to general personal jurisdiction waives its right to assert a Due Process challenge to jurisdiction in that state. Accordingly, businesses registering to do business in a consent-to-jurisdiction registration state should anticipate that their mere registration with the state likely subjects the business to the jurisdiction of courts in that state even if the business has not entered into a contractual agreement to submit to that state’s jurisdiction or otherwise engage in other actions establishing the required substantial minimum contacts to satisfy the International Shoe Due Process standards even if none of the events underlying the lawsuit took place in that state.
Given the Supreme Court’s Mallory decision, businesses should take into account the potential risks of being subjected to out-of-state litigation and regulation anytime the business expands operations into, registers to do business as an out-of-state business or signs an agreement consenting to jurisdiction into a state other than their primary place of business. As evidenced by Mallory, businesses generally should consider and take steps to manage the risks of allowing the creation of jurisdiction against their business in states other than the primary location in which the business operates. Businesses subject to jurisdiction in a state generally become subject to laws, regulations, and lawsuits in that state. Aside from added obligations and costs associated with being subject to the laws of another state and conducting litigation in an unfamiliar state, businesses subject to the jurisdiction of laws in courts in multiple states open the door for opposing parties to strengthen their position by foreign shopping. Like Mallory, disgruntled current or former employees, plan members, or other opposing parties in disputes may choose to file their lawsuit in the state with the laws, rules, or precedent most favorable to their position even where the dispute does not arise out of events occurring in the chosen state. Along with assessing when their organization may be subject to liability in other states, businesses should review their insurance coverage and applications to ensure that their insurance and other risk management arrangements take into account the added risks and liabilities that could arise from the additional state law jurisdiction. Consequently, businesses choosing to operate, to register to do business in a consent-to-jurisdiction state, or contractually to agree to submit to jurisdiction in any states should be prepared for the possibility that their organization could subject themselves to regulations, lawsuits, investigations and enforcement actions in that state.
More Information
We hope this update is helpful. For more information about these or other health or other legal, management, or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you to receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively domestically and internationally with business, government, and community leaders to prepare for and deal with pregnancy, disability, and other discrimination, leave, health and safety, and other workforce, employee benefit, health care and other operations planning, preparedness and response for more than 35 years. As a part of this work, she regularly advises businesses and government leaders on an on-demand and ongoing basis about the preparation of workforce, health care, and other business and government policies and practices to deal with management in a wide range of contexts ranging from day-to-day operations, through times of crisis or change, and in response to complaints, investigations and enforcement.
Author of a multitude of other highly regarded publications and presentations on MHPAEA and other health and other benefits, workforce, compliance, workers’ compensation and occupational disease, business disaster and distress, and many other topics, Ms. Stamer has worked with health plans, employers, insurers, government leaders and others on these and other health benefit, workforce and performance and other operational and tactical concerns throughout her adult life.
A former lead advisor to the Government of Bolivia on its pension privatization project, Ms. Stamer also has worked domestically and internationally as an advisor to business, community, and government leaders on health, severance, disability, pension, and other workforce, health care and other reform, as well as regularly advises and defends organizations about the design, administration, and defense of their organization’s workforce, employee benefit and compensation, safety, discipline, and other management practices and actions.
Board Certified in Labor and Employment Law By the Texas Board of Legal Specialization, Scribe for the ABA JCEB Annual Agency Meeting with OCR, Chair-Elect of the ABA TIPS Medicine and Law Committee, Chair of the ABA International Section Life Sciences Committee, and Past Group Chair and current Welfare Plan Committee Chair of the ABA RPTE Employee Benefits & Other Compensation Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training, and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls, and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Employer and other health plan sponsors, fiduciaries and plan members hear a lot about about health care quality and its measures. However few understand what the quality data and ratings relied upon by health plans, Medicare or Medicaid, accreditation agencies or others making assertions about health care quality or how that data is measured.
While quality measures and meanings take many forms, one key measure used by Medicare, Medicaid and many other health plans, lawmakers, health quality commentators and others evaluating health care provider “quality” is the Department of Health and Human Services Office of the National Coordinator for Healthcare Information (“ONC”) electronic clinical quality measures (“eCQMs”) that the Centers for Medicare & Medicaid Services (“CMS”) requires many health care providers participating in Medicare or Medicaid to report for purposes of program participation and reimbursement.
eCQMs As Measure of HealthCare Quality
Electronic clinical quality measures or “eCQMs” are tools that ONC develops with stakeholder input to help Medicare and Medicaid measure and track the quality of health care services that eligible hospitals and critical access hospitals (CAHs) provide, as generated by a provider’s electronic health record (EHR). CMS Measuring and reporting eCQMs helps to ensure that our health care system is delivering effective, safe, efficient, patient-centered, equitable, and timely care. CMS’ eCQMs measure many aspects of patient care, including:
Patient and Family Engagement
Patient Safety
Care Coordination
Population/Public Health
Efficient Use of Healthcare Resources
Clinical Process/Effectiveness
To successfully participate in the Medicare and Medicaid Promoting Interoperability Programs, the Centers for Medicare and Medicaid Services (“CMS”) requires eligible providers, eligible hospitals, critical access hospitals and dual-eligible hospitals electronically to report on eCQMs determined by CMS that require the use of data from the provider’s certified electronic health record (“EHR”) technology (CEHRT) or other health information technology systems to measure and report quality measures in a standardized manner. For calendar year (CY) 2022, Medicare Promoting Interoperability Program participants arerequired to report on three self-selected eCQMs and the Safe Use of Opioids – Concurrent PrescribingeCQM from the set of nine available for at least three self-selected quarters of CY 2022 data. To report eCQMs successfully, health care providers must use an EHR and adhere to the requirements identified by the CMS quality program. Failing to meet these eCQM reporting requirements can prevent the provider from meeting meaningful use requirements and trigger reductions in reimbursements for care.
Health care quality, credentialing, accreditation, and other provider, health plan and other organizations also use the eCQMs data alone or with other quality measures and tools to set standards and assess and enforce quality goals and performances.
2022 eCQMs Updates
Each year, CMS makes updates to the eCQMs approved for CMS programs to reflect changes in:
Evidence-based Medicine
Code Sets
Measure Logic
Conducted annually as part of OCN’s eCQM Issue Tracker project, the CRP provides eCQM users the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by the measure stewards. The goal of the CRP is for eCQM implementers to comment on the potential impact of draft changes to eCQMs so CMS and measure stewards can make improvements to meet CMS’s intent of minimizing provider and vendor burden in the collection, capture, calculation, and reporting of eCQMs.
Every Fall, health care providers, health plans and insurers and other stakeholders concerned about these eCQMs have the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by ONC as part of ONC’s 2022 Change Review Process (CRP) for the ONC Project Tracking System. Interested stakeholders must monitor the posting of issues and act quickly to share their feedback, however, as stakeholders have only two weeks to comment after a ONC posts a new proposed eCQm change.
Stakeholders with an account on the ONC Project Tracking System can monitor, review and comment on proposed eCQM changes through the eCQM Issue Tracker project during the two week period following the date the issue is posted in the eCQM Issue Tracker. To participate in the CRP, users must have an ONC Project Tracking System account. New users can create an account via the ONC Project Tracking System website.
The following table reflects the eCQM issues open on the eCQM Issue Tracker as of September 14, 2022 and their scheduled comment closing dates
Issues Open for Public Comment As of 9/14/2022
CMS eCQM Identifier and Measure Title
CRP Issue Title
Issue Number and Link
Issue Type
Goal of Review
Public Comment Open Date
Public Comment Close Date
Multiple measures
Incorporate ‘Diagnosis’ datatype to capture Hospice Care
CMS128: Anti-depressant Medication Management; CMS136: Follow-Up Care for Children Prescribed ADHD Medication (ADD); CMS156: Use of High-Risk Medications in Older Adults
Update Cumulative Medication Duration function to calculate maximum daily frequency
eCQM Issue Tracker Open Issues As Of September 14, 2022
As proposed eCQM changes are posted for public comment as CRP issues. ONC informs eCQM accountholders of the proposed change or eCQM issue by posting for review in the ONC Project Tracking System. Accountholders only have two weeks after ONC posts a proposed eCQM to comment on the posted issue. Stakeholders interested in commenting on a particular issue must submit their comment in accordance with the directions within this two week period.
Depending on the nature of the proposed change, the proposed changing could impact the meaning, or significance of a eCQM by changing the way it is measured, the level or reporting or other aspects of the data and its magnitude. Consequently, understanding both what a eCQM measures and how that measurement is made and reported is important both to understand what actually is measured and to distinguish between changes in the measure resulting from a change in the actual delivery of the care the measure purports to measure versus changes in the result impacted by changes in measurement or reporting. For this reason, employer and other health plan sponsors, fiduciaries, insurers, administrators and other impacted stakeholders should use care to critically evaluate the eCQM and othe quality claims armed with a clear understanding both of the elements of the measurement and of any changes made to the measures across time that could influence the reported data and its significance in measuring and reporting quality and quality trends.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Act Promptly To Comment On Proposed Changes To ONC’s Electronic Clinical Quality Measures
Employer and other health plan sponsors, fiduciaries and plan members hear a lot about about health care quality and its measures. However few understand what the quality data and ratings relied upon by health plans, Medicare or Medicaid, accreditation agencies or others making assertions about health care quality or how that data is measured.
While quality measures and meanings take many forms, one key measure used by Medicare, Medicaid and many other health plans, lawmakers, health quality commentators and others evaluating health care provider “quality” is the Department of Health and Human Services Office of the National Coordinator for Healthcare Information (“ONC”) electronic clinical quality measures (“eCQMs”) that the Centers for Medicare & Medicaid Services (“CMS”) requires many health care providers participating in Medicare or Medicaid to report for purposes of program participation and reimbursement.
eCQMs As Measure of Health Care Quality
Electronic clinical quality measures or “eCQMs” are tools that ONC develops with stakeholder input to help Medicare and Medicaid measure and track the quality of health care services that eligible hospitals and critical access hospitals (CAHs) provide, as generated by a provider’s electronic health record (EHR). CMS Measuring and reporting eCQMs helps to ensure that our health care system is delivering effective, safe, efficient, patient-centered, equitable, and timely care. CMS’ eCQMs measure many aspects of patient care, including:
Patient and Family Engagement
Patient Safety
Care Coordination
Population/Public Health
Efficient Use of Healthcare Resources
Clinical Process/Effectiveness
To successfully participate in the Medicare and Medicaid Promoting Interoperability Programs, the Centers for Medicare and Medicaid Services (“CMS”) requires eligible providers, eligible hospitals, critical access hospitals and dual-eligible hospitals electronically to report on eCQMs determined by CMS that require the use of data from the provider’s certified electronic health record (“EHR”) technology (CEHRT) or other health information technology systems to measure and report quality measures in a standardized manner. For calendar year (CY) 2022, Medicare Promoting Interoperability Program participants arerequired to report on three self-selected eCQMs and the Safe Use of Opioids – Concurrent PrescribingeCQM from the set of nine available for at least three self-selected quarters of CY 2022 data. To report eCQMs successfully, health care providers must use an EHR and adhere to the requirements identified by the CMS quality program. Failing to meet these eCQM reporting requirements can prevent the provider from meeting meaningful use requirements and trigger reductions in reimbursements for care.
Health care quality, credentialing, accreditation, and other provider, health plan and other organizations also use the eCQMs data alone or with other quality measures and tools to set standards and assess and enforce quality goals and performances.
2022 eCQMs Updates
Each year, CMS makes updates to the eCQMs approved for CMS programs to reflect changes in:
Evidence-based Medicine
Code Sets
Measure Logic
Conducted annually as part of OCN’s eCQM Issue Tracker project, the CRP provides eCQM users the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by the measure stewards. The goal of the CRP is for eCQM implementers to comment on the potential impact of draft changes to eCQMs so CMS and measure stewards can make improvements to meet CMS’s intent of minimizing provider and vendor burden in the collection, capture, calculation, and reporting of eCQMs.
Every Fall, health care providers, health plans and insurers and other stakeholders concerned about these eCQMs have the opportunity to review and comment on draft changes to the eCQM specifications and supporting resources under consideration by ONC as part of ONC’s 2022 Change Review Process (CRP) for the ONC Project Tracking System. Interested stakeholders must monitor the posting of issues and act quickly to share their feedback, however, as stakeholders have only two weeks to comment after a ONC posts a new proposed eCQm change.
Stakeholders with an account on the ONC Project Tracking System can monitor, review and comment on proposed eCQM changes through the eCQM Issue Tracker project during the two week period following the date the issue is posted in the eCQM Issue Tracker. To participate in the CRP, users must have an ONC Project Tracking System account. New users can create an account via the ONC Project Tracking System website.
Issues Open for Public Comment As of 9/14/2022
The following table reflects the eCQM issues open on the eCQM Issue Tracker as of September 14, 2022 and their scheduled comment closing dates:
CMS eCQM Identifier and Measure Title
CRP Issue Title
Issue Number and Link
Issue Type
Goal of Review
Public Comment Open Date
Public Comment Close Date
Multiple measures
Incorporate ‘Diagnosis’ datatype to capture Hospice Care
CMS128: Anti-depressant Medication Management; CMS136: Follow-Up Care for Children Prescribed ADHD Medication (ADD); CMS156: Use of High-Risk Medications in Older Adults
Update Cumulative Medication Duration function to calculate maximum daily frequency
eCQM Issue Tracker Open Issues As Of September 14, 2022
As proposed eCQM changes are posted for public comment as CRP issues. ONC informs eCQM accountholders of the proposed change or eCQM issue by posting for review in the ONC Project Tracking System. Accountholders only have two weeks after ONC posts a proposed eCQM to comment on the posted issue. Stakeholders interested in commenting on a particular issue must submit their comment in accordance with the directions within this two week period.
Depending on the nature of the proposed change, the proposed changing could impact the meaning, or significance of a eCQM by changing the way it is measured, the level or reporting or other aspects of the data and its magnitude. Consequently, understanding both what a eCQM measures and how that measurement is made and reported is important both to understand what actually is measured and to distinguish between changes in the measure resulting from a change in the actual delivery of the care the measure purports to measure versus changes in the result impacted by changes in measurement or reporting. For this reason, employer and other health plan sponsors, fiduciaries, insurers, administrators and other impacted stakeholders should use care to critically evaluate the eCQM and othe quality claims armed with a clear understanding both of the elements of the measurement and of any changes made to the measures across time that could influence the reported data and its significance in measuring and reporting quality and quality trends.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
As companies that purchased health insurance and their employees or other individuals who received health insurance from certain Blue Cross Blue Shield entities wait to hear how to claim their share of the $2.67 billion In re: Blue Cross Blue Shield Antitrust Litigation private federal class action civil antitrust lawsuit settlement (“Settlement”) finally approved August 9, 2022 against the Blue Cross Blue Shield Association (“BCBSA”) and other settling individual Blue Cross Plans, employers and other plan sponsors, health care systems and providers, health insurers, pharmacy benefit managers, brokerages, and other health and health insurance market participants need to keep in mind that the private antitrust judgements are not their only exposure under federal antitrust laws. Health insurance and health industry market participants that engage in anticompetitive conduct or business transactions also risk investigation and prosecution under federal antitrust laws by the U.S. Department of Justice, the Federal Trade Commission and state regulators or attorneys general.
Market participants and others with health or health insurance industry market competitiveness concerns or interests should register and attend the September 8, 2022 Justice Department Health Industry Antitrust Enforcement Update to learn about key federal antitrust statutes regulating or prohibiting anticompetitive conduct and business transactions and hear how the Department of Justice uses these laws to promote market competition in the health care and health insurance marketplaces.
Hosted by the American Bar Association Joint Committee on Employee Benefits, the webinar will feature a discussion by U.S. Department of Justice Civil Division Healthcare and Consumer Products Section Antitrust Attorney Natalie Melada of basic federal antitrust rules and principles the Justice Department relies upon to safeguard market competitiveness and discusses selected Justice Department antitrust litigation and other compliance and enforcement initiatives the Department of Justice has undertaken to protect competition in the healthcare industry. Attorney and Solutions Law Press, Inc. editor and author Cynthia Marcotte Stamer also will provide an update on the In re: Blue Cross Blue Shield Antitrust Litigation and resulting $2.67 billion settlement approved August 9.
For more details and to register for the program, see here.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, Vice Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and managed care industry legal, public policy and operational concerns.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Her experience includes substantial work, publications and presentations on health care, health and managed care, employee plan and purchasing groups, noncompetition and other antitrust compliance concerns.
For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Agency for Healthcare Research and Quality (AHRQ) issued a brief called “Evaluation of Mental Health Mobile Applications” to help healthcare experts pick out mental health mobile health applications. Along with choosing mental Health applications and other health plan mental health benefit design, plan sponsors, fiduciaries, administrators and insurers also must ensure their overall plan design and all features comply with federal mental health parity mandates.
The report covers three areas: risk and mitigation strategies, functions, and mental health app features.
AHRQ hopes the tips will help providers, patients, and payers in selecting mental health mobile applications and seeking the best fit based on various features.
The report is part of a growing list of resources and enforcement efforts federal and state agencies have initiated over the past year as part of growing concerns about mental health.
Along with educational outreach and tools, the Employee Benefit Security Administration and Department of Health and Human Services also are ratcheting up audits and enforcement of federal mental health parity mandates. Given this heightened scrutiny, employer and other health plan sponsors, fiduciaries, administrators and insurers using mobile applications or other virtual mental health solutions in their health plans should arrange for a compliance review of their health plan compliance with these mandates within the scope of attorney client privilege to mitigate liability risks.
In a recent American Bar Association Joint Committee on Employee Benefits webinar moderated by Cynthia Marcotte Stamer, the EBSA’s Director of Health Plan Compliance and Enforcement Amber Rivers emphasized her agency is prioritizing mental health parity compliance a free recent audits showed widespread noncompliance with the requirement for parity in nonqualitative mental health conditions.
More Information.
For additional information about the requirements or concerns discussed in this article, republication or other related matters, please contact the author, employment lawyer Cynthia Marcotte Stamer via e-mail, via telephone at (214) 452 -8297 or on LinkedIn.
Solutions Law Press, Inc. invites you to receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, well-known for her extensive work with health and other employee benefits, health care and life sciences, insurance, financial services, technology, and other highly regulated and performance reliant organizations and their leadership, Ms. Stamer works with these and other businesses and their management, employee benefit plans, insurers, health care and life sciences, governments and other organizations deal with all aspects of health care, human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. Her day-to-day work encompasses both labor and employment issues, as well as independent contractor, outsourcing, employee leasing, management services and other nontraditional service relationships. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with all aspects for workforce and human resources management, including, recruitment, hiring, firing, compensation and benefits, promotion, discipline, Form I-9 and other compliance, trade secret and confidentiality, noncompetition, privacy and data security, safety, daily performance and operations management, internal controls, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy. her more than 30 years’ of experience encompasses domestic and international businesses of all types and sizes.
Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a practicing attorney, as well as as an industry, policy management consultant, and policy strategist as well through her leadership participation in professional and civic organizations. Examples of her many leadership involvements include service as the Vice President and Executive Director of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; Vice Chair of the ABA International Law Section Life Sciences and Health Committee; Vice Chair of the ABA Tort & Insurance Practice Section Medicine and Law Committee and former Vice Chair of its Employee Benefits Committee and its Worker’s Compensation Commitee; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, current Welfare Committee Co-Chair and past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy and others.
Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com including the following:
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
June 6, 2022 is the deadline for health plans, their sponsors, fiduciaries, administrative and other business associates and others to provide input to the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) that OCR says it seeks to help shape how it defines and implements the “recognized security standards” requirements of the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), as amended in 2021 for purposes of its administration and enforcement of civil monetary penalty and other provisions of of the Health Insurance Portability and Accountability Act (“”HIPAA”). The regulatory and enforcement decisions that OCR makes could significantly impact the civil monetary penalty liability, compliance, audit and recordkeeping responsibilities that health plans, health care providers, health care clearinghouses and their business associates (“Covered Entities”) face under the HIPAA Security and Breach Notification Rules.
The definition and administration of the “recognized security practice” factor the HITECH Act requires OCR to consider when assessing audit results, civil monetary penalty and settlement amounts and other HIPAA Security and Breach Rule enforcement; and
The rules that OCR will follow to determine when and how OCR will share portions of amounts it receives from civil monetary penalties or settlements with individuals harmed by breaches of electronic protected health information,
Recognized Security Practices
Section 13412 of the HITECH Act requires HHS to take into consideration certain recognized security practices of covered entities (health plans, health care clearinghouses, and most health care providers) and business associates1 when determining potential fines, audit results, or other remedies for resolving potential violations of the HIPAA Security Rule pursuant to an investigation, compliance review, or audit.
A primary goal of the requirement, which took effect January 5, 2021, is to encourage covered entities and business associates to do “everything in their power to safeguard patient data.”
The RFI solicits comment on how covered entities and business associates are implementing “recognized security practices,” how they anticipate adequately demonstrating that recognized security practices are in place, and any implementation issues they would like OCR to clarify through future guidance or rulemaking.
Civil Money Penalty (CMP) and Settlement Sharing
Section 13410(c)(3) of the HITECH Act requires HHS to establish by regulation a methodology under which an individual harmed by a potential violation of the HIPAA Privacy, Security, and/or Breach Notification Rules may receive a percentage of any CMP or monetary settlement collected with respect to that offense.
Section 13140(d)(1) of HITECH requires that OCR base determinations of appropriate penalty amounts on the nature and extent of the violation and the nature and extent of the harm resulting from such violation. The HITECH Act does not define “harm,” nor does it provide direction to aid HHS in defining the term.
The RFI solicits public comment on the types of harms that should be considered in the distribution of CMPs and monetary settlements to harmed individuals, discusses potential methodologies for sharing and distributing monies to harmed individuals, and invites the public to submit alternative methodologies.
Comments Due 6/6
Health plan and other Covered Entity input could significantly impact how OCR implements and administers these two important aspects of the HIPAA Security Rule going forward. As these decisions are likely to significantly impact the policies, practices, recordkeeping, breach investigation and other obligations that Covered Entities would need to meet in the event of an audit, breach or other investigation or enforcement, timely, thoughtful input from all Covered Entities and affected stakeholders is important. In addition, its decisions on how to distribute CMPs.
For more information about the RFI or instructions for submitting comments, see here.
Health Plan Security & Breach Exposures Beyond HIPAA
These are just some of the emerging health plan compliance risks and responsibilities that health plan, their fiduciaries, sponsors, administrators, service providers and insurers need to watch and manage. Amber M. Rivers, Director of the Employee Benefit Security Administration Office of Health Plan Standards and Compliance will discuss these and other risks during the “Department of Labor Health Plan Compliance and Enforcement Update” at a virtual program hosted by the American Bar Association Joint Committee on Employee Benefits from Noon to 1:30 p.m. Central Time on May 5, 2022 to be moderated by Solutions Law Press, Inc. author and publisher, attorney Cynthia Marcotte Stamer will moderate the program.
For additional information about or to register for this program, see here.
More Information.
For additional information about the requirements or concerns discussed in this article, republication or other related matters, please contact the author, employment lawyer Cynthia Marcotte Stamer via e-mail, via telephone at (214) 452 -8297 or on LinkedIn.
Solutions Law Press, Inc. invites you to receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, well-known for her extensive work with health and other employee benefits, health care and life sciences, insurance, financial services, technology, and other highly regulated and performance reliant organizations and their leadership, Ms. Stamer works with these and other businesses and their management, employee benefit plans, insurers, health care and life sciences, governments and other organizations deal with all aspects of health care, human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. Her day-to-day work encompasses both labor and employment issues, as well as independent contractor, outsourcing, employee leasing, management services and other nontraditional service relationships. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with all aspects for workforce and human resources management, including, recruitment, hiring, firing, compensation and benefits, promotion, discipline, Form I-9 and other compliance, trade secret and confidentiality, noncompetition, privacy and data security, safety, daily performance and operations management, internal controls, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy. her more than 30 years’ of experience encompasses domestic and international businesses of all types and sizes.
Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a practicing attorney, as well as as an industry, policy management consultant, and policy strategist as well through her leadership participation in professional and civic organizations. Examples of her many leadership involvements include service as the Vice President and Executive Director of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; Vice Chair of the ABA International Law Section Life Sciences and Health Committee; Vice Chair of the ABA Tort & Insurance Practice Section Medicine and Law Committee and former Vice Chair of its Employee Benefits Committee and its Worker’s Compensation Commitee; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, current Welfare Committee Co-Chair and past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy and others.
Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.
As part of these involvements, Ms. Stamer is scheduled to moderate the discussion of “Department of Labor Health Plan Compliance and Enforcement Update” with Amber M. Rivers, Director of the Employee Benefit Security Administration Office of Health Plan Standards and Compliance that the ABA Joint Committee on Employee Benefits is hosting on May 5, 2022. For additional information about or to register for this program, see here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com including the following:
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Health Insurance Marketplaces 2022 Open Enrollment Report (“Report”) published by the Centers for Medicare and Medicaid Services last month reveals the 2022 Open Enrollment Period (“2022 OEP”) produced the highest enrollment in health care marketplace plans since passage of the Patient Protection and Affordable Care Act (“ACA”) 12 years ago.
A review of the data reveals a number of possible explanations for the increased enrollment including but not limited to Biden Administration emphasis on outreach, the expansion of the enrollment period and availability of subsidies, and more. Businesses sponsoring health plans, insurers and other payers, government and community leaders, taxpayers and other others may wish to evaluate this data and these implications further to assess their short term and long term implications on their health plan concerns and existing and proposed practices, governmental policy proposals and other planning considerations.
Reported Key Findings
The Report found that 14.5 million consumers selected or automatically re-enrolled in marketplace health care coverage through HealthCare.gov during the 2022 OEP, 2.5 million more consumers than signed up for marketplace coverage during the 2021 OEP. This reflects a 21 percent increase in enrollment over 2021 OEP enrollment.
Other findings highlighted in the Report include the following:
In HealthCare.gov states, 10.3 million consumers enrolled in health coverage during the 2022 OEP between November 1, 2021 and January 15, 2022.
Across the 18 SBMs, 4.3 million enrollees signed up for health coverage during the 2022 OEP from November 1, 2021 through the end of their respective reporting periods.
Nationwide, the number of new consumers signing up for Marketplace coverage during the 2022 OEP increased by 20 percent, to 3.1 million, from 2.5 million in the 2021 OEP.
Among consumers who attested to a race or ethnicity, 19 percent identified as Hispanic/Latino in the 2022 OEP, compared to 18 percent in the 2021 OEP, and the percent of consumers with a known race or ethnicity who identified as Black increased to 9 percent in the 2022 OEP, from 8 percent in the 2021 OEP.
Nationwide, 2.8 million more consumers are receiving APTC in 2022 compared to 2021. Additionally, 1.1 million consumers reported household incomes over 400% FPL during the 2022 OEP, who would not have been eligible for APTC without the American Rescue Plan (ARP). The average monthly premium after APTC fell by 19 percent, from $164 in 2021 to $133 in 2022, and 28 percent of consumers selected a plan for $10 or less per month after APTC during the 2022 OEP.
The percentage of all Marketplace consumers who received costsharing reductions (CSRs) increased slightly from the 2021 OEP to the 2022 OEP, from 47 percent to 49 percent, respectively.
The average monthly 2022 premium for HealthCare.gov enrollees was $111. If consumers had not received the additional APTC provided by the ARP, the average monthly premium after APTC for HealthCare.gov consumers would have been 53 percent higher, or $170.
The Report findings summarize data about health plan selections through the individual Marketplaces during the 2022 2022 OEP and includes OEP data for the 33 states with Marketplaces that use the HealthCare.gov eligibility and enrollment platform for the 2022 plan year (HealthCare.gov states), as well as for the 18 State-based Marketplaces (SBMs) that use their own eligibility and enrollment platforms. For purposes of the Report, the 2022 OEP for the Health Insurance Marketplaces ran between November 1, 2021 and January 15, 2021 for the 33 states that used HealthCare.gov. For the 18 State-based Marketplace (SBMs) states using their own platforms, the reporting period reflects plan selection and Marketplace activity from the beginning of OE on November 1, 2021, to the end of each SBM’s respective OEP and any run-out period. Any renewals processed before November 1, 2021, are also included.
Data Underlying Report
For those interested in evaluating the 2022 OEP enrollment results and trends, CMS has prepared a number of Public Use Files (PUFs) summarizing plan selection activity during the applicable OEPs in more detail including:
2022 OEP State-Level Public Use File: The state-level PUF includes total health plan selections in all 50 states plus the District of Columbia. The PUF provides state-level data on metrics such as average monthly premium, financial assistance, age, gender, metal level, self-reported race and ethnicity, rural location, household income as a percent of the federal poverty level (FPL), and plan switching behavior among consumers with a plan selection. In addition, the state-level PUF includes data on dental plan selections and Basic Health Plan (BHP) enrollments. Certain data elements are only available for the 33 HC.gov states in 2022.
2022 OEP State, Metal Level, and Enrollment Status Public Use File: The state, metal level, and enrollment status PUF contains data with stratifications by state, metal level and enrollment status. It includes total health plan selections in all 50 states plus the District of Columbia and state, metal level, and enrollment status-level data on enrollment status, average monthly premium, financial assistance, age, gender, self-reported race and ethnicity, rural location, metal level, and household income as percent FPL. Certain data elements are only available for the 33 HC.gov states in 2022.
2022 OEP County-Level Public Use File: The county-level PUF includes total health plan selections, as well as data such as average monthly premium, financial assistance, age, gender, metal level, self-reported race and ethnicity, household income as a percent of the FPL, and plan switching behavior. In addition, the county-level PUF includes data on dental plan selections. This PUF only includes data for consumers with a plan selection in the 33 states that used the HC.gov platform in 2022.
2022 OEP ZIP Code-Level Public Use File: The ZIP code-level PUF includes total health plan selections, the count of consumers with APTC, and average APTC among consumers with APTC. This PUF only includes data for consumers with a plan selection in the 33 states that used the HC.gov platform in 2022.
2022 OEP Snapshot Public Use File: The Snapshot PUF presents data that CMS released during the 2022 OEP. It includes total health plan selections, including a breakdown of new and returning consumers, consumers on submitted applications, call center volume, and website usage. State-level health plan selection counts are also included.
Supplemental HC.gov Data: Data on availability and plan selections of Health Savings Account (HSA)-eligible plans and average and median deductibles of plans selected during the 2014-2022
Amber M. Rivers, Director of the Employee Benefit Security Administration Office of Health Plan Standards and Compliance will discuss “Department of Labor Health Plan Compliance and Enforcement Update” at a virtual program hosted by the American Bar Association Joint Committee on Employee Benefits from Noon to 1:30 p.m. Central Time on May 5, 2022. Solutions Law Press, Inc. author and publisher Cynthia Marcotte Stamer will moderate the program.
During the program, Ms. Rivers will the provide updates on the health plan eligibility, COVID emergency orders, surprise billing, mental health parity and other Department of Labor regulatory, compliance, audit, enforcement priorities and other health plan projects and developments.
For additional information about or to register for this program, see here.
More Information.
For additional information about the requirements or concerns discussed in this article, republication or other related matters, please contact the author, employment lawyer Cynthia Marcotte Stamer via e-mail, via telephone at (214) 452 -8297 or on LinkedIn.
Solutions Law Press, Inc. invites you to receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, well-known for her extensive work with health and other employee benefits, health care and life sciences, insurance, financial services, technology, and other highly regulated and performance reliant organizations and their leadership, Ms. Stamer works with these and other businesses and their management, employee benefit plans, insurers, health care and life sciences, governments and other organizations deal with all aspects of health care, human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. Her day-to-day work encompasses both labor and employment issues, as well as independent contractor, outsourcing, employee leasing, management services and other nontraditional service relationships. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with all aspects for workforce and human resources management, including, recruitment, hiring, firing, compensation and benefits, promotion, discipline, Form I-9 and other compliance, trade secret and confidentiality, noncompetition, privacy and data security, safety, daily performance and operations management, internal controls, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy. her more than 30 years’ of experience encompasses domestic and international businesses of all types and sizes.
Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a practicing attorney, as well as as an industry, policy management consultant, and policy strategist as well through her leadership participation in professional and civic organizations. Examples of her many leadership involvements include service as the Vice President and Executive Director of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; Vice Chair of the ABA International Law Section Life Sciences and Health Committee; Vice Chair of the ABA Tort & Insurance Practice Section Medicine and Law Committee and former Vice Chair of its Employee Benefits Committee and its Worker’s Compensation Commitee; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, current Welfare Committee Co-Chair and past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy and others.
Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.
As part of these involvements, Ms. Stamer is scheduled to moderate the discussion of “Department of Labor Health Plan Compliance and Enforcement Update” with Amber M. Rivers, Director of the Employee Benefit Security Administration Office of Health Plan Standards and Compliance that the ABA Joint Committee on Employee Benefits is hosting on May 5, 2022. For additional information about or to register for this program, see here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com including the following:
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The Health Insurance Marketplaces 2022 Open Enrollment Report (“Report”) published by the Centers for Medicare and Medicaid Services last month reveals the 2022 Open Enrollment Period (“2022 OEP”) produced the highest enrollment in health care marketplace plans since passage of the Patient Protection and Affordable Care Act (“ACA”) 12 years ago.
A review of the data reveals a number of possible explanations for the increased enrollment including but not limited to Biden Administration emphasis on outreach, the expansion of the enrollment period and availability of subsidies, and more. Businesses sponsoring health plans, insurers and other payers, government and community leaders, taxpayers and other others may wish to evaluate this data and these implications further to assess their short term and long term implications on their health plan concerns and existing and proposed practices, governmental policy proposals and other planning considerations.
Reported Key Findings
The Report found that 14.5 million consumers selected or automatically re-enrolled in marketplace health care coverage through HealthCare.gov during the 2022 OEP, 2.5 million more consumers than signed up for marketplace coverage during the 2021 OEP. This reflects a 21 percent increase in enrollment over 2021 OEP enrollment.
Other findings highlighted in the Report include the following:
In HealthCare.gov states, 10.3 million consumers enrolled in health coverage during the 2022 OEP between November 1, 2021 and January 15, 2022.
Across the 18 SBMs, 4.3 million enrollees signed up for health coverage during the 2022 OEP from November 1, 2021 through the end of their respective reporting periods.
Nationwide, the number of new consumers signing up for Marketplace coverage during the 2022 OEP increased by 20 percent, to 3.1 million, from 2.5 million in the 2021 OEP.
Among consumers who attested to a race or ethnicity, 19 percent identified as Hispanic/Latino in the 2022 OEP, compared to 18 percent in the 2021 OEP, and the percent of consumers with a known race or ethnicity who identified as Black increased to 9 percent in the 2022 OEP, from 8 percent in the 2021 OEP.
Nationwide, 2.8 million more consumers are receiving APTC in 2022 compared to 2021. Additionally, 1.1 million consumers reported household incomes over 400% FPL during the 2022 OEP, who would not have been eligible for APTC without the American Rescue Plan (ARP). The average monthly premium after APTC fell by 19 percent, from $164 in 2021 to $133 in 2022, and 28 percent of consumers selected a plan for $10 or less per month after APTC during the 2022 OEP.
The percentage of all Marketplace consumers who received costsharing reductions (CSRs) increased slightly from the 2021 OEP to the 2022 OEP, from 47 percent to 49 percent, respectively.
The average monthly 2022 premium for HealthCare.gov enrollees was $111. If consumers had not received the additional APTC provided by the ARP, the average monthly premium after APTC for HealthCare.gov consumers would have been 53 percent higher, or $170.
The Report findings summarize data about health plan selections through the individual Marketplaces during the 2022 2022 OEP and includes OEP data for the 33 states with Marketplaces that use the HealthCare.gov eligibility and enrollment platform for the 2022 plan year (HealthCare.gov states), as well as for the 18 State-based Marketplaces (SBMs) that use their own eligibility and enrollment platforms. For purposes of the Report, the 2022 OEP for the Health Insurance Marketplaces ran between November 1, 2021 and January 15, 2021 for the 33 states that used HealthCare.gov. For the 18 State-based Marketplace (SBMs) states using their own platforms, the reporting period reflects plan selection and Marketplace activity from the beginning of OE on November 1, 2021, to the end of each SBM’s respective OEP and any run-out period. Any renewals processed before November 1, 2021, are also included.
Data Underlying Report
For those interested in evaluating the 2022 OEP enrollment results and trends, CMS has prepared a number of Public Use Files (PUFs) summarizing plan selection activity during the applicable OEPs in more detail including:
2022 OEP State-Level Public Use File: The state-level PUF includes total health plan selections in all 50 states plus the District of Columbia. The PUF provides state-level data on metrics such as average monthly premium, financial assistance, age, gender, metal level, self-reported race and ethnicity, rural location, household income as a percent of the federal poverty level (FPL), and plan switching behavior among consumers with a plan selection. In addition, the state-level PUF includes data on dental plan selections and Basic Health Plan (BHP) enrollments. Certain data elements are only available for the 33 HC.gov states in 2022.
2022 OEP State, Metal Level, and Enrollment Status Public Use File: The state, metal level, and enrollment status PUF contains data with stratifications by state, metal level and enrollment status. It includes total health plan selections in all 50 states plus the District of Columbia and state, metal level, and enrollment status-level data on enrollment status, average monthly premium, financial assistance, age, gender, self-reported race and ethnicity, rural location, metal level, and household income as percent FPL. Certain data elements are only available for the 33 HC.gov states in 2022.
2022 OEP County-Level Public Use File: The county-level PUF includes total health plan selections, as well as data such as average monthly premium, financial assistance, age, gender, metal level, self-reported race and ethnicity, household income as a percent of the FPL, and plan switching behavior. In addition, the county-level PUF includes data on dental plan selections. This PUF only includes data for consumers with a plan selection in the 33 states that used the HC.gov platform in 2022.
2022 OEP ZIP Code-Level Public Use File: The ZIP code-level PUF includes total health plan selections, the count of consumers with APTC, and average APTC among consumers with APTC. This PUF only includes data for consumers with a plan selection in the 33 states that used the HC.gov platform in 2022.
2022 OEP Snapshot Public Use File: The Snapshot PUF presents data that CMS released during the 2022 OEP. It includes total health plan selections, including a breakdown of new and returning consumers, consumers on submitted applications, call center volume, and website usage. State-level health plan selection counts are also included.
Supplemental HC.gov Data: Data on availability and plan selections of Health Savings Account (HSA)-eligible plans and average and median deductibles of plans selected during the 2014-2022
For additional information about the requirements or concerns discussed in this article, republication or other related matters, please contact the author, employment lawyer Cynthia Marcotte Stamer via e-mail, via telephone at (214) 452 -8297 or on LinkedIn.
Solutions Law Press, Inc. invites you to receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, well-known for her extensive work with health and other employee benefits, health care and life sciences, insurance, financial services, technology, and other highly regulated and performance reliant organizations and their leadership, Ms. Stamer works with these and other businesses and their management, employee benefit plans, insurers, health care and life sciences, governments and other organizations deal with all aspects of health care, human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. Her day-to-day work encompasses both labor and employment issues, as well as independent contractor, outsourcing, employee leasing, management services and other nontraditional service relationships. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with all aspects for workforce and human resources management, including, recruitment, hiring, firing, compensation and benefits, promotion, discipline, Form I-9 and other compliance, trade secret and confidentiality, noncompetition, privacy and data security, safety, daily performance and operations management, internal controls, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy. her more than 30 years’ of experience encompasses domestic and international businesses of all types and sizes.
Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a practicing attorney, as well as as an industry, policy management consultant, and policy strategist as well through her leadership participation in professional and civic organizations. Examples of her many leadership involvements include service as the Vice President and Executive Director of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; Vice Chair of the ABA International Law Section Life Sciences and Health Committee; Vice Chair of the ABA Tort & Insurance Practice Section Medicine and Law Committee and former Vice Chair of its Employee Benefits Committee and its Worker’s Compensation Commitee; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, current Welfare Committee Co-Chair and past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy and others.
Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.
As part of these involvements, Ms. Stamer is scheduled to moderate the discussion of “Department of Labor Health Plan Compliance and Enforcement Update” with Amber M. Rivers, Director of the Employee Benefit Security Administration Office of Health Plan Standards and Compliance that the ABA Joint Committee on Employee Benefits is hosting on May 5, 2022. For additional information about or to register for this program, see here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com including the following:
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The U.S. Department of Justice along with the Minnesota and New York Attorneys General (collectively “Justice Department”) have filed a civil antitrust lawsuit to stop UnitedHealth Group Incorporated (“United”) from acquiring Change Healthcare Inc. (“Change”) on February 24, 2022 in an announced $13 billion transaction that the Justice Department claims will harm self-insured employer health plan innovation and competition in the commercial health insurance market. The suit is the latest in a series of Justice Department suits that seek to prevent continued consolidation of the health industry giants following decades of industry consolidation.
United, headquartered in Minnetonka, Minnesota, is an integrated health care enterprise that includes, among other subsidiaries, UnitedHealthcare, the largest health insurer in the United States; Optum Health, a large network of health care providers located throughout the country; OptumRx, a large pharmacy benefit manager; and OptumInsight, a health care technology business. United’s revenues were $288 billion in 2021.
Change Healthcare Inc. headquartered in Nashville, Tennessee, is a leading independent health care technology company providing health care analytics, software, services and data to health care providers, health insurers and other software and services firms in the health care industry. Today, Change markets itself as a partner to a wide variety of other health care ecosystem organizations including United’s major health insurance competitors as providing vital software and services need for innovation and problem solving. These services include electronic data interchange (EDI) clearinghouse services, which transmit claims and payment information between insurers and providers, and first-pass claims editing solutions, which review claims under the health insurer’s policies and relevant treatment protocols. Change’s revenues were $3.4 billion in 2021.
In the civil antitrust complaint filed in the U.S. District Court for the District of Columbia on February 24, 2022, the Justice Department charges United’s acquisition of this neutral player would allow United to tilt the playing field in its favor, harming current competition and allowing United to control and distort the course of innovation in this industry for the foreseeable future.
Among other things, the Justice Department alleges allowing United to eliminate a significant independent and innovative competitor firm by acquiring Change will undermine competition in the commercial health insurance market, stifle innovation in the employer health insurance markets and suppress competition in the market for a vital technology used by health insurers to process health insurance claims and reduce health care costs by giving United control of a critical data highway through which about half of all Americans’ health insurance claims pass each year.
As alleged in the complaint, the proposed transaction would give United, a massive company that owns the largest health insurer in the United States, access to a vast amount of its rival health insurers’ competitively sensitive information. Post-acquisition, United would be able to use its rivals’ information to gain an unfair advantage and harm competition in health insurance markets. The Justice Department also claims the proposed transaction would eliminate United’s only major rival for first-pass claims editing technology — a critical product used to efficiently process health insurance claims and save health insurers billions of dollars each year — and give United a monopoly share in the market.
A Justice Department press release about the lawsuit quotes Principal Deputy Assistant Attorney General Doha Mekki of the Justice Department’s Antitrust Division as saying, “Unless the deal is blocked, United stands to see and potentially use its health insurance rivals’ competitively sensitive information for its own business purposes and control these competitors’ access to innovations in vital health care technology. The department’s lawsuit makes clear that we will not hesitate to challenge transactions that harm competition by placing so much control of data and innovation in the hands of a single firm.”
The suit is the latest in a series of civil antitrust lawsuits challenging proposed mergers or acquisitions of between health insurance industry giants as anticompetitive in recent years. Stay tuned for more details.
More Information
We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively on pandemic, business and other crisis planning, preparedness and response for more than 30 years.
Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
The American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. These include hundreds of highly regarded articles and workshops on health and other benefits, workforce, health care and insurance concerns.
For more information about these requirements, Ms. Stamer or her experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication. Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Employer-based health plans, health insurance issuers, and other group health plans should begin preparing to report prescription drug and health coverage costs data for prescription drugs covered by their programs after December 31, 2021 required by an interim final rule with request for comments issued by the Departments of Health and Human Services (HHS), Labor, the Treasury (collectively, the Departments), and the Office of Personnel Management today. Since the new rule requires covered plans and insurers to report data for prescription expenditures in 2020 and 2021 by December 27, 2022 and annually thereafter, covered plans and insurers will want complete the necessary arrangements to collect the data as soon as possible to minimize the cost and burdens of collecting and preparing the reports required at the end of the year.
The rule requires health plans, health insurance issuers offering group or individual health insurance coverage, and health benefits plans offered to federal employees to submit key data to the Departments, which will work through the HHS Assistant Secretary for Planning and Evaluation (ASPE) to publish a report on prescription drug pricing trends and rebates, as well as their impact on premiums and consumers’ out-of-pocket costs.
The interim final rule also requires plans and health insurers to provide the Departments with an annual overview of their top 50 drugs across key areas of concern annually, including:
General information regarding the plan or coverage;
Enrollment and premium information, including average monthly premiums paid by employees versus employers;
Total health care spending, broken down by type of cost (hospital care; primary care; specialty care; prescription drugs; and other medical costs, including wellness services), including prescription drug spending by enrollees versus employers and issuers;
The 50 most frequently dispensed brand prescription drugs;
The 50 costliest prescription drugs by total annual spending;
The 50 prescription drugs with the greatest increase in plan or coverage expenditures from the previous year;
Prescription drug rebates, fees, and other remuneration paid by drug manufacturers to the plan or issuer in each therapeutic class of drugs, as well as for each of the 25 drugs that yielded the highest amount of rebates; and
The impact of prescription drug rebates, fees, and other remuneration on premiums and out-of-pocket costs.
The rule provides that plan sponsors, issuers, and FEHB carriers generally will be required to submit this information aggregated at the state/market level, rather than separately for each plan. To ensure that the Departments and Office of Personnel Management are able to conduct meaningful data analysis and identify prescription drug trends, the rule also provides uniform standards and definitions, including for identifying prescription drugs regardless of the dosage strength, package size, or mode of delivery.
A CMS fact sheet published along with the rule Shares more details about how data will be collected and analyzed and other information on the data submission requirements.
The new data submission requirements will apply starting with data from the 2020 calendar year. However, the Departments are deferring enforcement of the new requirements until December 27, 2022, to give regulated entities time to come into compliance. This means the required information for 2020 and 2021 is due by December 27, 2022, although it may be submitted sooner.
The extended deadline for reporting is the result of an exercise of discretion by the Departments. Technically, the CAA requires plans and issuers to begin submitting the required information to the Departments by December 27, 2021, and to submit this information by June 1 of each year thereafter. However, the Departments are exercising discretion to provide temporary deferral of enforcement with regard to the December 27, 2021 and June 1, 2022 deadlines. Consequently, the Departments say they will not initiate enforcement action against a plan or issuer that submits the required information for 2020 and 2021 by December 27, 2022. OPM also will allow its FEHB carriers to report information for 2020 and 2021 by December 27, 2022.
The Departments anticipate releasing their first report in June 2023 and biennially thereafter.
Along with publishing the rules, the Department invited public comments on its provisions. Comments on this IFC are due at 5 p.m. on January 24, 2022.
The Departments say additional information on prescription drug rebates, fees, and other remunerations paid by drug manufacturers to plans, issuers, and pharmacy benefit managers—including the top 25 drugs generating the highest rebate amounts—will help the Departments understand and report on prescription drug costs, and how they fluctuate over time.
In addition to preparing to meet the requirements in today’s rules, plans and insurers also need to prepare to comply with two earlier interim final rules (published on July 13, 2021and October 7, 2021, respectively) and a notice of proposed rulemaking (published on September 16, 2021).
More Information
We hope this update is helpful. For more information about these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively on pandemic, business and other crisis planning, preparedness and response for more than 30 years.
Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
The American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. These include hundreds of highly regarded articles and workshops on health and other benefits, workforce, health care and insurance concerns.
For more information about these requirements, Ms. Stamer or her experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication. Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Businesses, their employee benefit plan fiduciaries, their employer and other sponsors, their record keepers, financial advisors and other service providers and other business partners face growing pressure to shore up cyber security and cyber breach compliance and other safeguards to defend against a slew of new and ongoing federal cyber security and breach regulatory and enforcement the Biden-Harris Administration is rolling out in its effort to stem the rising tide of cybersecurity incidents.
Agencies Targeting Businesses, US Entities & Their Leaders For CyberSecurity & CyberBreach Regulation & Enforcement
The DOJ Civil Cyber-Fraud Initiative is the latest in a growing list of new regulatory and enforcement programs placing pressure on U.S. businesses and their leaders to get serious about cybersecurity. Examples of some of the more far reaching of these new or continuing programs include:
Government Contractors.
Under the Civil Cyber-Fraud Initiative, DOJ plans to use the False Claims Act to prosecute pursue cyber security related fraud by government contractors and grant recipients. According to DOJ, the initiative will hold accountable entities or individuals that put U.S. information or systems at risk by knowingly providing deficient cyber security products or services, knowingly misrepresenting their cyber security practices or protocols, or knowingly violating obligations to monitor and report cyber security incidents and breaches. Federal contractors and grant recipients submitting claims for federal funds will be considered to have filed a false claim in violation of the False Claims Act if their cyber security and cyber breach practices are not compliant with applicable federal requirements when the payment is requested.
Federal Health Program Participating Health Care Providers And Plans.
The DOJ Cyber-Fraud Initiative follows a similar interpretation of the Department of Health & Human Services (“HHS”) Office Inspector General (“OIG”) about the cybersecurity and cyberbreach compliance requirements health care providers and health plan issuers participating in Medicare and certain other federally funded health care programs (“Medicare Participating Providers”) are accountable to meet under the Conditions of Participation for those programs. HHS OIG’s construction of these Conditions of Participation as including cybersecurity and cyberbreach compliance signs that Medical Participating Providers with deficient cybersecurity practices now may risk program disqualification and False Claims Act liability along with their already well-known exposure to civil monetary penalties under the Health Insurance Portability & Accountability Act (“HIPAA”) protected health information privacy, security and data breach rules.
Health & Other Employee Benefit Plans.
Health plans and other employee benefit plans, their fiduciaries, record keepers and service providers also face growing cybersecurity responsibilities and risks. While HHS Office of Civil Rights (“OCR”) continues to clarify and expand its interpretation, investigation and enforcement of HIPAA privacy, security and data breach rules against health plans, health care providers, health care clearinghouses and their business associates, the Department of Labor Employee Benefit Security Administration is turning up the heat on employee benefit plan fiduciaries to prudently protect their employee benefit plan assets and participants against cyberthreats.
On April 14, 2021, the Department of Labor Employee Benefit Security Administration (“EBSA”) made official its interpretation of the duty of prudence applicable to employee benefit plan fiduciaries under Section 404 of the Employee Retirement Income Security Act (“ERISA”) includes a duty for ERISA-covered employee benefit plan fiduciaries to take “appropriate precautions” to mitigate risks to plan participants and assets from both internal and external cybersecurity threats. The April 14 announcement makes official EBSA’s interpretation of the duty of prudence applicable to fiduciaries of ERISA-covered employee benefit plans as extending to a duty to act prudently to safeguard plan assets and plan participants against cybersecurity threats.
Concern about cyberthreats to private employee benefit plans covered by ERISA, their participants and beneficiaries has soared as massive data breaches Federal Thrift Savings Plan, Anthem, Capital One, the Public Employees Retirement Association of New Mexico and other employee benefit plans, their vendors and service providers increasingly have impacted millions of employee benefit plans, their accounts and participants.
While Congress chose to subject health plans to the detailed health privacy, security and breach rules of HIPAA and financial and certain other employee benefit plan service providers to consumer financial disclosure and data information security requirements of laws like Gramm-Leach-Bliley Act and the Fair and Accurate Credit Transactions Act, and even employers and others conducting background and other credit checks to the Fair Credit Reporting Act, growing awareness of the cyberthreat to employee benefits has not prompted Congress to date to extend those laws or otherwise to enact express statutory requirements for employee benefit plans and their fiduciaries. However, private litigants and others increasingly have speculated that a fiduciary duty to safeguard plan asset against cyberthreats might be subsumed in the obligation of fiduciaries under Section 404 of ERISA at all times to act with “the care, skill, prudence, and diligence under the circumstances then prevailing that a prudent man acting in a like capacity and familiar with such matters would use in the conduct of an enterprise of a like character and with like aims.” See, e.g., See Record $16M Anthem HIPAA Settlement Signals Need to Tighten Your Health Plan HIPAA Compliance & Risk Management.
While EBSA has worked to formulate its recently announced positions, private litigants increasingly have begun debating the applicability and effect of ERISA on cyberbreaches involving ERISA regulated plans. See e.g., In re Anthem, Inc. Data Breach Litig., No. 15-CV-04739-LHK, 2015 WL 7443779, at *1 (N.D. Cal. Nov. 24, 2015)(holding Anthem entitled under ERISA to remove claims to federal court and refusing employee benefit plan participants’ motion to remand to state court state claims arising from data breach); In re Anthem, Inc. Data Breach Litig., No. 15-MD-02617-LHK, 2016 WL 3029783 (N.D. Cal. May 27, 2016)(refusing to dismiss participant claims against non-Anthem defendants for lack of standing), motion reconsideration denied In re Anthem, Inc. Data Breach Litig., No. 15-CV-04739-LHK, 2016 WL 324386 (N.D. Cal. Jan. 27, 2016); Bartnett v. Abbott Lab’ys, No. 20-CV-02127, 2021 WL 428820, at *5 (N.D. Ill. Feb. 8, 2021) (dismissing breach of fiduciary duty claim based on inadequate evidence); In re: Premera Blue Cross Customer Data Sec. Breach Litig., No. 3:15-MD-2633-SI, 2017 WL 539578, at *21 (D. Or. Feb. 9, 2017). While mostly unsuccessful to date for procedural or factual sufficiency reasons, the preemption issues argued in many of these cases support concerns that under the proper circumstances ERISA could apply to breaches involving plans or their participants. As these and other actions continue to wind their way through the courts, EBSA also has begun to acknowledge that ERISA plan fiduciaries duties of prudence include cybersecurity responsibilities.
EBSA’s first official recognition of a cybersecurity responsibility by plan fiduciaries appears in the Default Electronic Disclosure by Employee Pension Benefit Plans Under ERISA Final Rule (the “Electronic Disclosure Rule”), which took effect July 27, 2020 . In the discussion of its requirements regarding website-based electronic disclosures in Subpart (e)(3), the Electronic Disclosure Rule requires that “[T]he administrator must take measures reasonably calculated to ensure that the website protects the confidentiality of personal information relating to any covered individual.” Similarly, the requirements for using e-mail to provide electronic disclosures in Subsection (k)(4) of the Electronic Disclosure Rule require the plan administrator to take “measures reasonably calculated to protect the confidentiality of personal information relating to the covered individual.” While recognizing these cyber security responsibilities in the Electronic Disclosure Rule, however, EBSA explained in the Preamble to the Electronic Disclosure Rule that it decided not to include more cumbersome cybersecurity requirements in the Electronic Disclosure Rule out of concern over the cost and other burdens of such requirements. Nevertheless, the Electronic Disclosure Rule imposed a responsibility by plan fiduciaries of employee benefit plans making electronic disclosures to ensure that electronic recordkeeping systems have in place reasonable controls, adequate records management practice, and other measures calculated to protect Personally Identifiable Information.
EBSA’s April 14, 2021 reflects EBSA now views the fiduciary responsibilities of ERISA-covered employee benefit plan fiduciaries generally as including the responsibility to take “appropriate precautions” to mitigate risks to plan participants and assets from both internal and external cybersecurity threats. Beyond acknowledging a duty to take prudent steps to protect plans assets and participants against internal and external cybersecurity threats, EBSA also shared the following three resources to help plan sponsors, fiduciaries and participants to safeguard benefit plans and personal information against emerging cyber threats:
Tips for Hiring a Service Provider: Helps plan sponsors and fiduciaries prudently select a service provider with strong cybersecurity practices and monitor their activities, as ERISA requires.
Online Security Tips: Offers plan participants and beneficiaries who check their retirement accounts online basic rules to reduce the risk of fraud and loss.
Participants in Securities Markets, Market Infrastructure Providers & Vendors.
Meanwhile the Securities and Exchange Commission (“SEC”) also has made clear its expectation that all firms participating in the securities markets, market infrastructure providers and vendors will appropriately monitor, assess and manage their cybersecurity risk profiles, including their operational resiliency. Consistent with the shared understanding of best cybersecurity practices shared with the agencies, the SEC guidance makes clear its market involved and impacting regulated entities are accountable for maintaining and enforcing appropriate internal and external controls to prevent, detect and redress cybersecurity threats, including appropriate board governance and risk management, access rights and controls, data loss prevention,mobile security, incident response and resiliency, vendor management, training and awareness and other practices. See SEC Office of Compliance Inspections and Examinations Cybersecurity and Resiliency Observations. Recently announced enforcement actions demonstrate that the SEC is acting on its promise to go after SEC regulated entities that breach these expectations. See, e.g., SEC Announces Three Actions Charging Deficient Cybersecurity Procedures.
These and other recently announced federal regulatory and enforcement developments send a clear message to businesses and their leadership, employee benefit plan sponsors, fiduciaries, record keepers and other vendors, SEC securities market involved organizations and others to clean up their cybersecurity compliance and risk management. Beyond the governmental enforcement risks these developments signal, these and other emerging regulatory developments provide added fuel for the already substantial private litigant and government complaints, investigations and prosecutions against businesses, their leaders, their employee benefit plan fiduciaries, record keepers and other service providers,and others. and their leaders unable to defend the adequacy of their cybersecurity related practices.
Raise Cybersecurity Compliance & Defenses To Mitigate Risks & Liabilities
In the face of these developments, all businesses, employee benefit plan fiduciaries, their employer and other sponsors, record keepers and other vendors and their leaders should prioritize cybersecurity compliance, risk management, oversight and controls. As part of these efforts, organizations and their leaders should move quickly to position themselves to defend against potential investigation and enforcement risks created by these emerging policies. These efforts should seek to ensure compliance with all applicable statutory, regulatory and contractual requirements as well as institutionalize the necessary operational controls to protect systems, data and operations from cyber breaches and other threats, to detect and redress cyber events promptly, and to ensure that the organization otherwise can demonstrate both their compliance efforts, as well as their timely prudent detection, investigation, reporting, mitigation and remediation in response to actual or suspected cyber threats or other compliance breaches.
Efforts should begin by taking carefully crafted, well-documented documented steps to prudently evaluate and strengthen cybersecurity and breach safeguards and compliance, as well as prudently to assess and verify those of their vendors and others involved with their employee benefit plans or their administration within the scope of attorney-client privilege.
Assessments should take into account all existing required statutory, regulatory, and contractual controls and practices, documentation and other procedures. In addition, organizations should consider the advisability of adopting other “best practice” safeguards or actions taking into account relevant agency guidance and resources, government or other contracts, other industry or related standards, known and suspected breaches, “red flags” and threats, their own, their vendor and business partner and other risk profiles and experience, and other factors likely to be viewed as prudent under the circumstances.
In assessing, designing and administering the cybersecurity processes, organizations and their leaders should give due attention to assessing and addressing the adequacy of their internal and external controls to ensure the adequacy of their systems, processes, oversight and response practices and capabilities as of the time of the assessment and on an ongoing basis. Beyond establishing required policies and formal controls, organization should ensure that their organizations have in place the necessary policies and practices to monitor and control cyberthreats arising from conduct and risks created by employees and other internal workforce, vendors and other parties interacting with the business and its operations. As part of these efforts, most organizations will need to evaluate their contractual obligations and requirements for vendors, suppliers and others interacting with their businesses. Beyond general contractual compliance obligations, organizations should weigh requiring contractors, suppliers and other business partners to make specific commitments to maintain and monitor compliance and other risks, to provide timely notice and reports, to cooperate with audits and investigations necessary or advisable to respond to private or government complaints, government or other investigation, reporting or other requirements, their own compliance and risk assessments, audits and investigations and other compliance and risk management efforts. Organizations also should give careful attention and review the adequacy of protections and responsibilities arising from contractual cybersecurity and breach notice, investigation, cooperation, indemnification, insurance and other associated protections and cooperation.
Organizations also should consider establishing and administering processes for independent monitoring of regulatory, news, and other reports that could provide early warning of potential cybersecurity weaknesses, threats and breaches.
All processes should include appropriate governance, oversight and reporting to provide for ongoing monitoring and oversight necessary to identify and respond to evolving risks arising in the course of their operations as well as consistent practices for carefully documenting their compliance and risk management compliance efforts.
Because of the frequently high cost of breach investigation, response and mitigation, most organizations will want to consider securing cyber liability or other coverage, require vendors and other business partners to provide cyber liability indemnifications backed up with insurance or other adequate assurance of their ability to fulfill these financial responsibilities.
More Information
We hope this update is helpful. For more information about or assistance with these or other workforce, internal controls and compliance or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, and author of the “Medical Privacy” Chapter in the BNA/ERISA Litigation Treatise, the “Other Torts Chapter” in the BNA/ABA E-Heath & Other Torts Treatise, “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, as well as a multitude of other highly regarded data privacy and security, workforce and health care change and crisis management and other highly regarded publications and presentations, Ms. Stamer is widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with private and public employer, health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. In the course of this work, she has had extensive involvement in the design, administration and defense of payroll, employee benefit, insurance, securities, trade secret and other confidential information and other internal and external record and data systems and processes as well as investigation, reporting, redress and mitigation of cyber and other incidents.
As a part of this work, she has continuously and extensively worked with domestic and international health and other employee benefit plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies. She also has extensive experience dealing with OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, current RPTE Welfare Benefit Committee Co-Chair and former Chair of its Fiduciary Responsibility, Plan Terminations and Distributions and Defined Contribution Plan Committees, a former JCEB Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former SHRM Consultants Board and Region IV Chair, former Texas Association of Business Board, BACPAC Board and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas.
Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
Yesterday’s release by the Departments of Labor, Health and Human Services, Treasury and the Office of Personnel Management (“Agencies”) release yesterday (September 30, 2021) an a third interim final rule (“3rd Rule”) implementing requirements applicable to health plans and health care providers enacted under the No Surprises Act (the “Act) warns health plans, their employer and other sponsors, insurers, fiduciaries and service providers time is running out to update their plans, contracts and practices to prepare to meet comply with the Act when its rules take effect in 2022.
The release of the 3rd Rule yesterday follows the Agencies’ issuance of an interim final rule on consumer protections against surprise billing (“1st Rule”) in July and a proposed rule to help collect data on the air ambulance provider industry (“2nd Rule”) earlier in September, both of which take effect on January 1, 2022.The rules implement the Act’s ban on surprise billing for emergency services and ancillary care at in-network facilities, and limit high out-of-network cost sharing for emergency and non-emergency services by prohibiting them from being higher than if such services were provided in-network. In addition to the Act’s requirements implemented by these three rule packages, health plans and health providers also need to begin preparing to comply with new rules regarding prescription drug coverages and various other requirements of the Act, as well as a plethora of regulatory and market changes impacting health plans and their administration that have emerged over the past year.
Solutions Law Press, Inc. is hosting a complimentary briefing by Cynthia Marcotte Stamer on key requirements of the Act expected to impact health plans and their administration on Monday, October 18, 2021 from 11:30 a.m. to 1:00 p.m. Central Time. Registration is limited. Persons interested in attending should e-mail here to request registration as soon as possible.
Act’s Surprise Billing Ban
The Act seeks to protect patients from surprise bills and remove them from the middle of payment disputes between out-of-network providers, facilities, or providers of air ambulance services and health plans or issuers.
The Act seeks to protect patients from surprise bills and remove them from the middle of payment disputes between out-of-network providers, facilities, or providers of air ambulance services and health plans or issuers.
The 1st Rule published on July 1, 2021 states that, beginning in 2022, patients will only be required to pay cost sharing based on in-network rates for certain out-of-network emergency services, out-of-network non-emergency services at in-network facilities and out-of-network air ambulance services.
The 3rd Rule builds on this work and details how the total payment to an out-of-network provider or facility will be determined. In some cases – based on the law – state law or application of a state All-Payer Model Agreement will determine this amount. Where neither applies, the rule sets forth the federal process that will apply for determining the amount. When a payment dispute for items/services that fall under surprise billing protections occur, either a provider, facility, or air ambulance provider or plan/issuer may initiate a 30-day open negotiation period. If open negotiation fails, either party may initiate the federal independent dispute resolution process. This rule details how this process initiates, what is eligible for this process and how independent dispute resolution entities should consider factors when determining a payment amount.
Self Pay Patient’s Good Faith Estimate Requirements
In added consumer protections, today’s 3rd Rule also outlines key requirements related to uninsured (or self-pay) individuals. Self-pay individuals are individuals who have coverage but do not choose to have their care billed to their health plan or issuer. When individuals schedule an item or service with certain providers and facilities, those providers and facilities will be required to inquire about the individual’s health coverage status, and if the individual wants their care billed to their health plan or issuer.
The provider or facility must provide a good faith estimate of expected charges for the care they are scheduling for individuals deemed uninsured (or self-pay). An uninsured (or self-pay) individual may also request a good faith estimate, without scheduling an item or services. The rule also establishes a process for uninsured (or self-pay) individuals to initiate a payment dispute resolution process if they are ultimately billed substantially in excess of the good faith estimate they received.
Time Running Short To Complete Compliance Preparations
The Act’s restrictions on balance billing of out of network and self pay services, along with new rules regarding prescription drug coverage and various other health benefit rules are scheduled to take effect under the Act beginning in January, 2022 as well as a host of other statutory, regulatory and market changes impacting health benefit programs for the upcoming year. Aside from the complexities of meeting the direct requirements of the rules, health plans and their sponsors, fiduciaries, administrators and advisors working to update their plans also will need to determine and decide how to respond to state law regulatory surprise billing and other price transparency and balance billing rules that the Act and its implementing regulations incorporate. Employer and other health plan sponsors, health plan fiduciaries and their service providers need to confirm the necessary arrangement are prepared in a timely fashion to ensure their health plans are designed and administered to comply with these requirements. In addition to updating plan documents, contracts, and processes, health plans, their sponsors, fiduciaries, administrative service providers and others likely need to review budget forecasts, stop loss and other insurance, participant and provider communications, systems, and a host of other operating features of their programs. Given the emerging nature of the guidance, meeting current deadlines are likely to prove challenging. Accordingly health plan sponsors, administrators, fiduciaries, insurers, and advisors should move quickly to begin preparations.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively on pandemic, business and other crisis planning, preparedness and response for more than 30 years.
Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EHR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EHR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, as well as a multitude of other health industry matters, workforce and health care change and crisis management and other highly regarded publications and presentations, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
IMPORTANT NOTICE ABOUT THIS COMMUNICATION
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access of this publication. Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Group health plans, their plan administrators and fiduciaries, employer or other sponsors, administrative services providers and insurers should act quickly to distribute required notices using the regulatory guidance just released today (April 7, 2021) and take other actions needed to comply with the Consolidated Omnibus Reconciliation Act of 1985 (“COBRA”) coverage and premium subsidy notification, enrollment and coverage continuation requirements created by Section 9501 (the “COBRA Premium Assistance Rules”) of the American Rescue Plan Act of 2021 (“ARP ”) enacted last month.
The guidance package released today by the Employee Benefit Security Administration includes model notices and other preliminary guidance on the COBRA Premium Assistance Rules, which among other things require group health plans to notify “assistance eligible individuals” no later than May 31, 2021 of right under ARP Section 9501 to enroll in free COBRA Coverage during the ARP Premium Subsidy Period that began April 1, 2021.
As the deadline for providing notification to qualified beneficiaries is May 31, 2021 and the 60 day period for enrolling in COBRA coverage under the ARP COBRA Subsidy Rules does not begin until proper notification is provided, group health plan should move quickly to prepare and distribute the notifications and make other necessary plan arrangements.
This article provides an general overview of the ARP COBRA Premium Subsidy Rules and the Model Notices published by the Department of Labor Employee Benefit Security Administration (“EBSA”) on April 7, 2021 to assist group health plans and their administrators to comply with their notification obligations under these Rules. For a more comprehensive discussion of these requirements, see here.
New COVID COBRA Premium Subsidy Rules Overview
Section 9501 of the ARP seeks to help “assistance eligible individuals” continue their health benefits by providing assistance to maintain enrollment in covered group health plans by allowing them to enroll and maintain COBRA coverage under those plans without paying their COBRA continuation coverage premiums.
Covered group health plans generally include all group health plans sponsored by private-sector employers or employee organizations (unions) subject to the COBRA rules under the Employee Retirement Income Security Act of 1974 (ERISA); group health plans sponsored by State or local governments subject to the continuation provisions under the Public Health Service Act and group health insurance required to comply with state mini-COBRA laws.
In addition to mandating the provision of COBRA Coverage at no cost, no later than May 31, 2021, the ARP requires covered group health plans to notify certain former covered employees or dependents that qualify to enroll in COBRA coverage as “assistance eligible individuals” of their right within 60 days of notification to enroll in COBRA Coverage under the group health plan at no cost from April 1, 2021 through September 30, 2021 or, if earlier, the date their COBRA eligibility otherwise end (the “Premium Subsidy Period”).
From April 1 to September 31, 2021, group health plans cannot require an assistance eligible individual to pay any premiums for COBRA Coverage during his Premium Subsidy Period. ARP requires group health plans to provide COBRA Coverage without charge to assistance eligible individuals who qualify for and elect to enroll in COBRA Coverage with premium subsidy unless individual’s eligibility for COBRA or COBRA premium assistance ends before that date. Specific notifications to qualified beneficiaries also are required.
To implement these rules, ARP also requires that no later than May 31, 2021, covered group health plan administrators notify eligible qualified beneficiaries eligible to obtain COBRA coverage with premium assistance by applying for enrollment within the 60 day period following notification.
Assistance eligible individuals who timely enroll in COBRA Coverage with premium assistance generally must receive COBRA Coverage free of charge from the group health plan for any coverage period during the period that begins on or after April 1, 2021 until the earliest of the following dates (the “Premium Subsidy Period”):[1]
The date the qualified beneficiary is eligible[2] for coverage under any other group health plan (other than coverage consisting of only excepted benefits,[3] coverage under a health flexible spending arrangement under Code Section 106(c)(2), coverage under a qualified small employer health reimbursement arrangement under Code Section 9831(d)(2) or eligible for benefits under the Medicare program under title XVIII of the Social Security Act;
The date of the expiration of the otherwise applicable maximum period of COBRA continuation coverage under Code Section 4980B (other than due to a failure to elect or discontinuation of coverage for nonpayment of COBRA premium that occurred before April 1, 2021).
Assistance eligible individuals generally are qualified beneficiaries who lost coverage under the group health plan due to an involuntary reduction in hours or termination of employment enrolled in COBRA Coverage between April 1, 2021 and September 31, 2021 including those qualifying event was an involuntary employment loss occurring during the 18-month period (29-months for individuals qualifying for extended COBRA eligibility due to disability) prior to April 1, 2021 not enrolled in COBRA as of April 1, 2021. This generally includes COBRA qualified beneficiaries whose loss of group health coverage results from an involuntary employment reduction or loss for a reason other than gross misconduct after ARP’s enactment on March 11, 2021 as well as qualified beneficiaries whose involuntary employment loss happened before the effective date who but for their previous failure to elect COBRA or to maintain COBRA Coverage would still be entitled to COBRA Coverage because less than 18 months (29 months for qualified beneficiaries disabled on the date of coverage loss who qualify for extension of the disability coverage period) has elapsed since their employment loss and an event has not occurred following the coverage termination that would terminate their COBRA eligibility before the end of such otherwise applicable maximum COBRA eligibility period. Group health plans must offer a second opportunity to enroll in COBRA Coverage with COBRA premium assistance to qualified beneficiaries eligible for premium assistance not enrolled in COBRA Coverage as of April 1, 2021.
Sponsoring employers or other plan sponsors may qualify to claim an employment tax credit for COBRA premiums paid on behalf of assistance eligible individuals. Guidance on these tax rules is pending.
Required Group Health Plan Notifications To Assistance Eligible Individuals
ARP requires group health plans to provide certain written notifications to qualified beneficiaries entitled to qualify to enroll in COBRA coverage with premium assistance. This generally includes a requirement to provide an initial notification of the availability of premium assistance for COBRA coverage to assistance eligible individuals by the later of May 31, 2021 and subsequently to provide notice of the impending termination of eligibility for the COBRA Premium Subsidy during the 30 day period that begins 45 days before eligibility for COBRA Premium Subsidy ends. ARP dictates the minimum required content of such notices. Failure to provide the required notification is a failure to meet the notice requirements under the applicable COBRA continuation provision that subjects the group health plan administer and its sponsor to liability.
While ARP allows plan administrators the option of designing their own notices and forms to fulfill this requirement, it also directed the Department of Labor in consultation with the Secretary of the Treasury and the Secretary of Health and Human Services to develop model notices for plans to use for this purpose. In response to this directive, the Department of Labor EBSA on April 7, 2021 published the following model notices and forms for group health plans to use to fulfill their ARP COBRA Premium Subsidy Rule notification requirements:
The ARP COBRA Premium Subsidy Rules are only one of a plethora of COVID health care emergency driven regulatory and enforcement changes impacting employers and their employee benefit plans. If you need assistance or would like additional information about these or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. also invites you receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. For specific information about the these or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years working as an on demand, special project, consulting, general counsel or other basis with domestic and international business, charitable, community and government organizations of all types, sizes and industries and their leaders on labor and employment and other workforce compliance, performance management, internal controls and governance, compensation and benefits, regulatory compliance, investigations and audits, change management and restructuring, disaster preparedness and response and other operational, risk management and tactical concerns.
Most widely recognized for her work with workforce, health care, life sciences, insurance and data and technology organizations, she also has worked extensively with health plan and insurance, employee benefits, financial, transportation, manufacturing, energy, real estate, accounting and other services, public and private academic and other education, hospitality, charitable, civic and other business, government and community organizations. and their leaders.
Ms. Stamer has extensive experience advising, representing, defending and training domestic and international public and private business, charitable, community and governmental organizations and their leaders, employee benefit plans, their fiduciaries and service providers, insurers, and others has published and spoken extensively on these concerns. As part of these involvements, she has worked, published and spoken extensively on these and other federal and state wage and hour and other compensation, discrimination, performance management, and other related human resources, employee benefits and other workforce and services; insurance; workers’ compensation and occupational disease; business reengineering, disaster and distress; and many other risk management, compliance, public policy and performance concerns.
A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor to business, community and government leaders on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.
Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and provides insights and thought leadership through her extensive publications, public speaking and volunteer service with a diverse range of organizations including as Chair of the American Bar Association (“ABA”) Intellectual Property Section Law Practice Management Committee, Vice Chair of the International Section Life Sciences and Health Committee, Past ABA RPTE Employee Benefits & Other Compensation Group Chair and Council Representative and current Welfare Benefit Committee Co-Chair, Past Chair of the ABA Managed Care & Insurance Interest Group, past Region IV Chair and national Society of Human Resources Management Consultant Forum Board Member, past Texas Association of Business BACPAC Chair, Regional Chair and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation and many others.
For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com or contact Ms. Stamer via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns.
Group health plans, their plan administrators and fiduciaries, employer or other sponsors, administrative services providers and insurers should act quickly to distribute required notices using the regulatory guidance just released today (April 7, 2021) and take other actions needed to comply with the Consolidated Omnibus Reconciliation Act of 1985 (“COBRA”) coverage and premium subsidy notification, enrollment and coverage continuation requirements created by Section 9501 (the “COBRA Premium Assistance Rules”) of the American Rescue Plan Act of 2021 (“ARP ”) enacted last month.
The guidance package released today by the Employee Benefit Security Administration includes model notices and other preliminary guidance on the COBRA Premium Assistance Rules, which among other things require group health plans to notify “assistance eligible individuals” no later than May 31, 2021 of right under ARP Section 9501 to enroll in free COBRA Coverage during the ARP Premium Subsidy Period that began April 1, 2021.
As the deadline for providing notification to qualified beneficiaries is May 31, 2021 and the 60 day period for enrolling in COBRA coverage under the ARP COBRA Subsidy Rules does not begin until proper notification is provided, group health plan should move quickly to prepare and distribute the notifications and make other necessary plan arrangements.
This article provides an general overview of the ARP COBRA Premium Subsidy Rules and the Model Notices published by the Department of Labor Employee Benefit Security Administration (“EBSA”) on April 7, 2021 to assist group health plans and their administrators to comply with their notification obligations under these Rules. For a more comprehensive discussion of these requirements, see here.
New COVID COBRA Premium Subsidy Rules Overview
Section 9501 of the ARP seeks to help “assistance eligible individuals” continue their health benefits by providing assistance to maintain enrollment in covered group health plans by allowing them to enroll and maintain COBRA coverage under those plans without paying their COBRA continuation coverage premiums.
Covered group health plans generally include all group health plans sponsored by private-sector employers or employee organizations (unions) subject to the COBRA rules under the Employee Retirement Income Security Act of 1974 (ERISA); group health plans sponsored by State or local governments subject to the continuation provisions under the Public Health Service Act and group health insurance required to comply with state mini-COBRA laws.
In addition to mandating the provision of COBRA Coverage at no cost, no later than May 31, 2021, the ARP requires covered group health plans to notify certain former covered employees or dependents that qualify to enroll in COBRA coverage as “assistance eligible individuals” of their right within 60 days of notification to enroll in COBRA Coverage under the group health plan at no cost from April 1, 2021 through September 30, 2021 or, if earlier, the date their COBRA eligibility otherwise end (the “Premium Subsidy Period”).
From April 1 to September 31, 2021, group health plans cannot require an assistance eligible individual to pay any premiums for COBRA Coverage during his Premium Subsidy Period. ARP requires group health plans to provide COBRA Coverage without charge to assistance eligible individuals who qualify for and elect to enroll in COBRA Coverage with premium subsidy unless individual’s eligibility for COBRA or COBRA premium assistance ends before that date. Specific notifications to qualified beneficiaries also are required.
To implement these rules, ARP also requires that no later than May 31, 2021, covered group health plan administrators notify eligible qualified beneficiaries eligible to obtain COBRA coverage with premium assistance by applying for enrollment within the 60 day period following notification.
Assistance eligible individuals who timely enroll in COBRA Coverage with premium assistance generally must receive COBRA Coverage free of charge from the group health plan for any coverage period during the period that begins on or after April 1, 2021 until the earliest of the following dates (the “Premium Subsidy Period”):[1]
The date the qualified beneficiary is eligible[2] for coverage under any other group health plan (other than coverage consisting of only excepted benefits,[3] coverage under a health flexible spending arrangement under Code Section 106(c)(2), coverage under a qualified small employer health reimbursement arrangement under Code Section 9831(d)(2) or eligible for benefits under the Medicare program under title XVIII of the Social Security Act;
The date of the expiration of the otherwise applicable maximum period of COBRA continuation coverage under Code Section 4980B (other than due to a failure to elect or discontinuation of coverage for nonpayment of COBRA premium that occurred before April 1, 2021).
Assistance eligible individuals generally are qualified beneficiaries who lost coverage under the group health plan due to an involuntary reduction in hours or termination of employment enrolled in COBRA Coverage between April 1, 2021 and September 31, 2021 including those qualifying event was an involuntary employment loss occurring during the 18-month period (29-months for individuals qualifying for extended COBRA eligibility due to disability) prior to April 1, 2021 not enrolled in COBRA as of April 1, 2021. This generally includes COBRA qualified beneficiaries whose loss of group health coverage results from an involuntary employment reduction or loss for a reason other than gross misconduct after ARP’s enactment on March 11, 2021 as well as qualified beneficiaries whose involuntary employment loss happened before the effective date who but for their previous failure to elect COBRA or to maintain COBRA Coverage would still be entitled to COBRA Coverage because less than 18 months (29 months for qualified beneficiaries disabled on the date of coverage loss who qualify for extension of the disability coverage period) has elapsed since their employment loss and an event has not occurred following the coverage termination that would terminate their COBRA eligibility before the end of such otherwise applicable maximum COBRA eligibility period. Group health plans must offer a second opportunity to enroll in COBRA Coverage with COBRA premium assistance to qualified beneficiaries eligible for premium assistance not enrolled in COBRA Coverage as of April 1, 2021.
Sponsoring employers or other plan sponsors may qualify to claim an employment tax credit for COBRA premiums paid on behalf of assistance eligible individuals. Guidance on these tax rules is pending.
Required Group Health Plan Notifications To Assistance Eligible Individuals
ARP requires group health plans to provide certain written notifications to qualified beneficiaries entitled to qualify to enroll in COBRA coverage with premium assistance. This generally includes a requirement to provide an initial notification of the availability of premium assistance for COBRA coverage to assistance eligible individuals by the later of May 31, 2021 and subsequently to provide notice of the impending termination of eligibility for the COBRA Premium Subsidy during the 30 day period that begins 45 days before eligibility for COBRA Premium Subsidy ends. ARP dictates the minimum required content of such notices. Failure to provide the required notification is a failure to meet the notice requirements under the applicable COBRA continuation provision that subjects the group health plan administer and its sponsor to liability.
While ARP allows plan administrators the option of designing their own notices and forms to fulfill this requirement, it also directed the Department of Labor in consultation with the Secretary of the Treasury and the Secretary of Health and Human Services to develop model notices for plans to use for this purpose. In response to this directive, the Department of Labor EBSA on April 7, 2021 published the following model notices and forms for group health plans to use to fulfill their ARP COBRA Premium Subsidy Rule notification requirements:
The ARP COBRA Premium Subsidy Rules are only one of a plethora of COVID health care emergency driven regulatory and enforcement changes impacting employers and their employee benefit plans. If you need assistance or would like additional information about these or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. also invites you receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. For specific information about the these or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years working as an on demand, special project, consulting, general counsel or other basis with domestic and international business, charitable, community and government organizations of all types, sizes and industries and their leaders on labor and employment and other workforce compliance, performance management, internal controls and governance, compensation and benefits, regulatory compliance, investigations and audits, change management and restructuring, disaster preparedness and response and other operational, risk management and tactical concerns.
Most widely recognized for her work with workforce, health care, life sciences, insurance and data and technology organizations, she also has worked extensively with health plan and insurance, employee benefits, financial, transportation, manufacturing, energy, real estate, accounting and other services, public and private academic and other education, hospitality, charitable, civic and other business, government and community organizations. and their leaders.
Ms. Stamer has extensive experience advising, representing, defending and training domestic and international public and private business, charitable, community and governmental organizations and their leaders, employee benefit plans, their fiduciaries and service providers, insurers, and others has published and spoken extensively on these concerns. As part of these involvements, she has worked, published and spoken extensively on these and other federal and state wage and hour and other compensation, discrimination, performance management, and other related human resources, employee benefits and other workforce and services; insurance; workers’ compensation and occupational disease; business reengineering, disaster and distress; and many other risk management, compliance, public policy and performance concerns.
A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor to business, community and government leaders on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.
Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and provides insights and thought leadership through her extensive publications, public speaking and volunteer service with a diverse range of organizations including as Chair of the American Bar Association (“ABA”) Intellectual Property Section Law Practice Management Committee, Vice Chair of the International Section Life Sciences and Health Committee, Past ABA RPTE Employee Benefits & Other Compensation Group Chair and Council Representative and current Welfare Benefit Committee Co-Chair, Past Chair of the ABA Managed Care & Insurance Interest Group, past Region IV Chair and national Society of Human Resources Management Consultant Forum Board Member, past Texas Association of Business BACPAC Chair, Regional Chair and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation and many others.
For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com or contact Ms. Stamer via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns.
Solutions Law Press, Inc.™ invites employers, employee benefit plan fiduciaries and vendors and other impacted business leaders participate in a complimentary briefing on the employer and employee benefit requirements of the H.R. 6379, Take Responsibility for Workers and Families Act as approved by the Ways & Means Committee as of February 12, 2021. The live Zoom briefing now will begin at 9:00 a.m. Central Time on Thursday, February 18, 2021 to avoid potential weather-related power and other disruptions associated with winter storms at its originally scheduled presentation time on Monday, February 15.
Employers and employee benefit plan fiduciaries and vendors should get up to speed on a new mandate to subsidize health coverage continuation and other requirements of the Act that the House Ways & Means Committee voted on February 11, 2021 to include in the lasted COVID-19 relief package the Democrat Majority plans to fast track through Congress. By the end of February if not before, Congress is expected to pass a final COVID-19 relief package including these employer and employee benefit plan mandates in substantially the same form as approved by the Ways and Means Committee. As these provisions will require quick action by employers and plans, employers, employee benefit plans, their fiduciaries and plan vendors should begin preparing now to comply with the anticipated new requirements
Registration & Program Details
Solutions Law Press, Inc. will host the 30-minute Zoom briefing beginning at 9:00 a.m. Central Time on Thursday, February 18, 2021 on the current provisions of the Act. The briefing will be conducted attorney Cynthia Marcotte Stamer. Participation is complimentary, but space is limited. Accordingly, registration is required and registration and participation will be granted on a first come, first serve basis here.
About Presenter Cynthia Marcotte Stamer
A Fellow in the American College of Employee Benefits Counsel, Board Certified in Labor and Employment Law by the Texas Board of Legal Specialization and recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney, 30+ years working as an on demand, special project, consulting, general counsel or other basis with domestic and international business, employee benefit plan, health care, insurance, financial service, charitable, community and government organizations of all types, sizes and industries and their leaders on labor and employment and other workforce, employee benefits and compensation, performance management, internal controls, governance, regulatory and operational compliance, investigations and audits, change management and restructuring, disaster preparedness and response and other operational, risk management and tactical concerns. Best known for her leading edge work and thought leadership on workforce management and reengineering and health and other employee benefits concerns, Ms. Stamer regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions. Along with advising and representing management organizations, Ms. Stamer also has worked continuously throughout her career internationally and domestically as an advisor to business, community and government leaders on health care, savings and retirement, workforce, and other legislative and regulatory design, drafting, interpretation, enforcement and other domestic and international public policy.
Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and provides insights and thought leadership through her extensive publications, public speaking and volunteer service with a diverse range of organizations including as Chair of the American Bar Association (“ABA”) Intellectual Property Section Law Practice Management Committee, Vice Chair of the International Section Life Sciences and Health Committee, Past ABA RPTE Employee Benefits & Other Compensation Group Chair and Council Representative and current Welfare Benefit Committee Co-Chair, Past Chair of the ABA Managed Care & Insurance Interest Group, past Region IV Chair and national Society of Human Resources Management Consultant Forum Board Member, past Texas Association of Business BACPAC Chair, Regional Chair and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation and many others.
For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com or contact Ms. Stamer via e-mailhere.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns.
Newly sworn in President Joe Biden chose to make an executive order outlining the core principles for his Administration’s policy for fighting COVID-19 the first signed in his new Administration shortly after he was sworn in as President as well as made public the Biden-Harris Administration’s other key policy priorities upon taking office which promise to significantly impact business and other organizations, taxpayers and others. As the Administration and new Congress get to work on these and other policies, American businesses and citizens should stay informed and provide clear and consistent input to the Administration and members of Congress about the policy and enforcement proposals and actions to help shape the law and prepare to deal with the new rules and priorities.
Key Biden-Harris Administration Policy Priorities
Shortly after being sworn into office, the Biden-Harris Administration also announced other key immediate priorities of the Biden-Harris Administration. The announcement posted on TheWhiteHouse.gov website reads as follows:
President Biden will deliver bold action and immediate relief for American families as the country grapples with converging crises. This will include actions to control the COVID-19 pandemic, provide economic relief, tackle climate change, and advance racial equity and civil rights, as well as immediate actions to reform our immigration system and restore America’s standing in the world.
COVID-19
President Biden will move quickly to contain the COVID-19 crisis by expanding testing, safely reopening schools and businesses, and taking science-driven steps to address the communities — especially communities of color — who have been hardest hit by this virus. And, President Biden will launch a national vaccination program to inoculate the U.S. population efficiently and equitably.
Read more about the Biden-Harris plan to beat COVID-19 [See below].
Climate
President Biden will take swift action to tackle the climate emergency. The Biden Administration will ensure we meet the demands of science, while empowering American workers and businesses to lead a clean energy revolution.
Racial Equity
The promise of our nation is that every American has an equal chance to get ahead, yet persistent systemic racism and barriers to opportunity have denied this promise for so many. President Biden is putting equity at the center of the agenda with a whole of government approach to embed racial justice across Federal agencies, policies, and programs. And President Biden will take bold action to advance a comprehensive equity agenda to deliver criminal justice reform, end disparities in healthcare access and education, strengthen fair housing, and restore Federal respect for Tribal sovereignty, among other actions, so that everyone across America has the opportunity to fulfill their potential.
Economy
President Biden will take bold steps to address the inequities in our economy and provide relief to those who are struggling during the COVID-19 pandemic. The President will also work with Congress to pass the American Rescue Plan to change the course of the pandemic, build a bridge towards economic recovery, and invest in racial justice. And, he will build our economy back better from the pandemic and create millions of jobs by strengthening small businesses and investing in the jobs of the future.
Health Care
President Biden will make a renewed commitment to protect and expand Americans’ access to quality, affordable health care. He will build on the Affordable Care Act to meet the health care needs created by the pandemic, reduce health care costs, and make our health care system less complex to navigate.
Immigration
President Biden will reform our long-broken and chaotic immigration system. President Biden’s strategy is centered on the basic premise that our country is safer, stronger, and more prosperous with a fair and orderly immigration system that welcomes immigrants, keeps families together, and allows people across the country—both newly arrived immigrants and people who have lived here for generations—to more fully contribute to our country.
Restoring America’s Global Standing
President Biden will take steps to restore America’s standing in the world, strengthening the U.S. national security workforce, rebuilding democratic alliances across the globe, championing America’s values and human rights, and equipping the American middle class to succeed in a global economy.
COVID-19 Plan To Beat COVID-19
The first Executive Order signed by President Biden in furtherance of these initiatives was his COVID-19: The Biden-Harris plan to beat COVID-19 Executive Oder, the text of which reads as follows:
The American people deserve an urgent, robust, and professional response to the growing public health and economic crisis caused by the coronavirus (COVID-19) outbreak. President Biden believes that the federal government must act swiftly and aggressively to help protect and support our families, small businesses, first responders, and caregivers essential to help us face this challenge, those who are most vulnerable to health and economic impacts, and our broader communities – not to blame others or bail out corporations.
The Biden-Harris administration will always:
Listen to science Ensure public health decisions are informed by public health professionals Promote trust, transparency, common purpose, and accountability in our government President Biden and Vice President Harris have a seven-point plan to beat COVID-19.
Ensure all Americans have access to regular, reliable, and free testing.
Double the number of drive-through testing sites. Invest in next-generation testing, including at home tests and instant tests, so we can scale up our testing capacity by orders of magnitude. Stand up a Pandemic Testing Board like Roosevelt’s War Production Board. It’s how we produced tanks, planes, uniforms, and supplies in record time, and it’s how we will produce and distribute tens of millions of tests. Establish a U.S. Public Health Jobs Corps to mobilize at least 100,000 Americans across the country with support from trusted local organizations in communities most at risk to perform culturally competent approaches to contact tracing and protecting at-risk populations. Fix personal protective equipment (PPE) problems for good.
President Biden is taking responsibility and giving states, cities, tribes, and territories the critical supplies they need.
Fully use the Defense Production Act to ramp up production of masks, face shields, and other PPE so that the national supply of personal protective equipment exceeds demand and our stores and stockpiles — especially in hard-hit areas that serve disproportionately vulnerable populations — are fully replenished. Build immediately toward a future, flexible American-sourced and manufactured capability to ensure we are not dependent on other countries in a crisis. Provide clear, consistent, evidence-based guidance for how communities should navigate the pandemic – and the resources for schools, small businesses, and families to make it through.
Social distancing is not a light switch. It is a dial. President Biden will direct the CDC to provide specific evidence-based guidance for how to turn the dial up or down relative to the level of risk and degree of viral spread in a community, including when to open or close certain businesses, bars, restaurants, and other spaces; when to open or close schools, and what steps they need to take to make classrooms and facilities safe; appropriate restrictions on size of gatherings; when to issue stay-at-home restrictions. Establish a renewable fund for state and local governments to help prevent budget shortfalls, which may cause states to face steep cuts to teachers and first responders. Call on Congress to pass an emergency package to ensure schools have the additional resources they need to adapt effectively to COVID-19. Provide a “restart package” that helps small businesses cover the costs of operating safely, including things like plexiglass and PPE.
Plan for the effective, equitable distribution of treatments and vaccines — because development isn’t enough if they aren’t effectively distributed.
Invest $25 billion in a vaccine manufacturing and distribution plan that will guarantee it gets to every American, cost-free. Ensure that politics plays no role in determining the safety and efficacy of any vaccine. The following 3 principles will guide the Biden-Harris administration: Put scientists in charge of all decisions on safety and efficacy; publicly release clinical data for any vaccine the FDA approves; and authorize career staff to write a written report for public review and permit them to appear before Congress and speak publicly uncensored. Ensure everyone — not just the wealthy and well-connected — in America receives the protection and care they deserve, and consumers are not price gouged as new drugs and therapies come to market.
Protect older Americans and others at high risk.
President Biden understands that older Americans and others at high-risk are most vulnerable to COVID-19.
Establish a COVID-19 Racial and Ethnic Disparities Task Force, as proposed by Vice President Harris, to provide recommendations and oversight on disparities in the public health and economic response. At the end of this health crisis, it will transition to a permanent Infectious Disease Racial Disparities Task Force. Create the Nationwide Pandemic Dashboard that Americans can check in real-time to help them gauge whether local transmission is actively occurring in their zip codes. This information is critical to helping all individuals, but especially older Americans and others at high risk, understand what level of precaution to take. Rebuild and expand defenses to predict, prevent, and mitigate pandemic threats, including those coming from China.
Immediately restore the White House National Security Council Directorate for Global Health Security and Biodefense, originally established by the Obama-Biden administration. Immediately restore our relationship with the World Health Organization, which — while not perfect — is essential to coordinating a global response during a pandemic. Re-launch and strengthen U.S. Agency for International Development’s pathogen-tracking program called PREDICT. Expand the number of CDC’s deployed disease detectives so we have eyes and ears on the ground, including rebuilding the office in Beijing. Implement mask mandates nationwide by working with governors and mayors and by asking the American people to do what they do best: step up in a time of crisis.
Experts agree that tens of thousands of lives can be saved if Americans wear masks. President Biden will continue to call on:
Every American to wear a mask when they are around people outside their household. Every Governor to make that mandatory in their state. Local authorities to also make it mandatory to buttress their state orders. Once we succeed in getting beyond this pandemic, we must ensure that the millions of Americans who suffer long-term side effects from COVID don’t face higher premiums or denial of health insurance because of this new pre-existing condition. The Biden-Harris Administration will work to ensure that the protections for those with pre-existing conditions that were won with Obamacare are protected. And, they will work to lower health care costs and expand access to quality, affordable health care through a Medicare-like public option.
Monitor & Respond To Emerging Developments & Proposals
As the new Administration and Congress get down to work, all U.S. organizations and communities, their leaders, and individual employees and citizens should carefully follow, and share their input to the Administration, members of Congress, and other federal, state and local officials on the actions and proposals taken to implement this and other policy that impact their interests.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is nationally recognized for her work and thought leadership on health and other health and employee benefit issues.
An attorney board certified in labor and employment law by the Texas Board of Legal Specialization and Fellow in the American College of Employee Benefit Counsel, Ms. Stamer has worked as an on demand, special project, consulting, general counsel or other basis with health and other employee benefit plans, their sponsors, insurers, administrators, providers and others and others has published and spoken extensively on these concerns.
A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor and advocate for employer and other plan sponsors, fiduciaries, administrators, insurers, technology and other service providers, managed care organizations, direct primary care and other health care providers and others on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.
Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and provides insights and thought leadership through her extensive publications, public speaking and volunteer service with a diverse range of organizations including as Chair of the American Bar Association (“ABA”) Intellectual Property Section Law Practice Management Committee, Vice Chair of the International Section Life Sciences and Health Committee, Past ABA RPTE Employee Benefits & Other Compensation Group Chair and Council Representative and current Welfare Benefit Committee Co-Chair, Past Chair of the ABA Managed Care & Insurance Interest Group, past Region IV Chair and national Society of Human Resources Management Consultant Forum Board Member, past Texas Association of Business BACPAC Chair, Regional Chair and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation and many others.
For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com or contact Ms. Stamer via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
IRS Notice 2020-33 released indexing the permissible health FSA carryover. As a consequence, the permissible amount immediately increases from $500 to $550.
IRS Notice 2020-29 released to provide temporary flexibility under cafeteria plans for new or changed health coverage and dependent care and health FSA elections, and extensions in certain circumstances of claims periods before use-or-lose must be applied, in response to the changed circumstances many have experienced with respect to availability of childcare and availability of elective health procedures. And a few other HDHP nuggets in there as well.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years legal and operational management work, coaching, public policy and regulatory affairs leadership and advocacy, training and public speaking and publications. As a significant part of her work, Ms. Stamer has worked extensively domestically and internationally on an demand, special project and ongoing basis with business, government and community organizations and their leaders, spoken and published extensively on human resources, employee benefits and other workforce and services, tax, health care and health benefits, insurance, workers’ compensation and occupational disease, business disaster and distress and many other management topics, As a key focus of this work, Ms. Stamer has worked with public and private employers of all sizes, employee benefit plans, insurance and financial services, health industry and a broad range of public and private domestic and international business, community and government organizations and leaders on pandemic and other health and safety, workforce and performance preparedness, risks and change management, disaster preparedness and response and other operational and tactical concerns throughout her adult life. A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally as an advisor to business, community and government leaders on crisis preparedness and response, workforce, health care and other reform, as well as regularly advises and defends organizations about the design, administration and defense of their organizations workforce, employee benefit and compensation, safety, discipline and other management practices and actions.
Board Certified in Labor and Employment Law By the Texas Board of Legal Specialization, Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, and the ABA RPTE Employee Benefits & Other Compensation Group and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and shares insights and thought leadership through her extensive publications and public speaking. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
Employer and union-sponsored health plans, their sponsors, fiduciaries and administrators should heed the reminder of the importance of ensuring their health plans properly comply in form and operation with the mental health and substance abuse parity mandes of the Mental Health Parity and Addiction Equity Act (MHPAEA) in when the U.S. Department of Labor (“DOL”) Employee Benefit Security Administration (“EBSA”) released its 2020 Report to Congress: Parity Partnerships: Working Together (the”2020 Report”) available for review here.
In addition to exposing the health plan administrators and othr fiduciaries to potential claims denial or fiduciary responsibility claims brought by participants or beneficiaries, the Department of Labor or both, administrative penalties by the EBSA, or both, the MHPAEA mental health and substance abuse parity rules are among 40 federal mandates that when violated can rigger the automatic $100 per violation per day employer excise tax penalty under Internal Revenue Code Section 6039D. As a consequence, violations of the MHPAEA are particularly risky and potentially expensive for private employers, their health plans and the plan administrators and fiduciaries that administer it.
To avoid violation of the MHPAEA, covered health plans generally must cover mental health and substance abuse care and treatment on the same terms in form and in operation as other similar benefits, as well as comply with special notice and claims administration requirements. Comparability of mental health and substance abuse coverage is determined in accordance with complicated federal regulations, Meeting these requirements in operations is often tricky, particularly when health plans attempt to apply tools to manage hospitalization or other treatments. For additional information about MHPAEA, C. Stamer, What Should I Know About the MHPAEA and 21st Century Cures Act (2018).
Along with the 2020 Report, Along with releasing the report, EBSA also is continuing its efforts to educate plan sponsors, fiduciaries, administrators about the importance of compliance with the federally imposed group health plan mental health and substance abuse coverage mandates of the Mental Health Parity and Addiction Equity Act (“MHPAEA”). Consequently, along with its release of the 2020 Report, EBSA reminded plans, employers and other interested parties of the following previously published EBSA guidance about the MHPAEA mandates:
MHPAEA enforcement is split between the EBSA and the Department of Health & Human Services Centers for Medicare & Medicaid Services (“CMS”) depending on the nature and sponsorship of the health program.
Pursuant to its enforcement authority under Title I of the Employee Retirement Income Security Act of 1974 (ERISA), EBSA is responsible for enforcement of the MHPAEA with respect to approximately 2.4 million private employment-based group health plans. In contrast, CMSenforces MHPAEA and other applicable provisions of Title XXVII of the Public Health Service Act (PHS Act) with respect to non-federal governmental group health plans, such as plans for employees of state and local governments. Sponsors of self-funded, nonfederal governmental plans may elect to exempt those plans from (opt out of) certain requirements of Title XXVII of the PHS Act, including MHPAEA. In addition, CMS enforces MHPAEA with respect to health insurance issuers selling products in the individual and fully insured group markets in states that elect not to enforce or fail to substantially enforce MHPAEA. Currently, CMS is responsible for enforcement of MHPAEA with regard to issuers in four states: Missouri, Oklahoma, Texas and Wyoming. In these states, CMS reviews health insurance policy forms of issuers in the individual and group markets for compliance with MHPAEA prior to the products being offered for sale. In addition, CMS has collaborative enforcement agreements with five states: Alabama, Florida, Louisiana, Montana, and Wisconsin. These states perform state regulatory and oversight functions with respect to the federal requirements, including MHPAEA. However, if the state finds a potential violation and is unable to obtain compliance by an issuer, the state will refer the matter to CMS for possible enforcement action. CMS also performs market conduct examinations, where issuers are audited for compliance with applicable federal requirements, including MHPAEA, in states where CMS is responsible for enforcement and in states with a collaborative enforcement agreement when the state requests assistance.
EBSA FY 2019 Enforcement Against Private Employment Based Health Plans
The Fiscal Year (“FY”) 2019 Fact Sheet reports that in FY 2019, EBSA investigated and closed 186 health plan investigations in FY 2019 (and 3,758 health plan investigations since FY 2011). Of these:
24 investigations involved plans of both types (the plan or service provider offered both fully-insured and self-insured options).
183 of these closed investigations involved plans subject to MHPAEA, which were reviewed for MHPAEA compliance. Of these, 68 investigations involved fully-insured plans, 91 investigations involved self-insured plans, and 24 investigations involved plans of both types (the plan or service provider offered both fully-insured and self-insured options).
EBSA cited 12 MHPAEA violations in 9 of these investigations.
Of these 9 investigations, 1 investigation involved a fully-insured group health plan, 3 investigations involved self-funded group health plans, 2 investigations involved partially self-funded group health plans and 3 were service provider investigations.
EBSA benefits advisors answered 90 public inquiries, including 62 complaints, in FY 2019 related to MHPAEA (and answered 1,445 inquiries related to MHPAEA since FY 2011)
Concerning the focus of the EBSA investigated MHPAEA violations, EBSA reports the investigations focused on the following categories:
Annual dollar limits: dollar limitations on the total amount of specified benefits that may be paid in a 12-month period under a group health plan or health insurance coverage for any coverage unit (such as self-only or family coverage).
Aggregate lifetime dollar limits: dollar limitations on the total amount of specified benefits that may be paid under a group health plan or health insurance coverage for any coverage unit.
Benefits in all classifications: requirement that if a plan or issuer provides mental health or substance use disorder benefits in any classification described in the MHPAEA final regulation, mental health or substance use disorder benefits must be provided in every classification in which medical/surgical benefits are provided.
Financial requirements: deductibles, copayments, coinsurance, or out-of-pocket maximums.
Treatment limitations: includes limits on benefits based on the frequency of treatment, number of visits, days of coverage, days in a waiting period, or other similar limits on the scope or duration of treatment. Treatment limitations include both quantitative treatment limitations (QTLs), which are expressed numerically (such as 50 outpatient visits per year), and nonquantitative treatment limitations (NQTLs), which otherwise limit the scope or duration of benefits for treatment under a plan or coverage.
Cumulative financial requirements and QTLs: financial requirements and treatment limitations that determine whether or to what extent benefits are provided based on certain accumulated amounts including deductibles, out-of-pocket maximums and annual or lifetime day or visit limits.
Other ERISA violations (such as claims processing and disclosure violations) affecting mental health and substance use disorder benefits.
Along with the EBSA enforcement, private participants and beneficiaries of private employer sponsored health plans also can bring lawsuits to recover benefits and other relief for violatons of MHPAEA. Along with the actual damages, attorneys’ fees and other costs of enforcement, a successful MHPAEA enforcement also typically will reveal the sponsoring employer or union’s failure to make the required self-disclosure and excise tax payments mandated for violations under Internal Revenue Code Section 6039D, triggering added penalties beyond the initial penalties triggered by the uncorrected violation. Furthermore, delayed discovery of these violations also makes correction particularly costly for self-insured plans and their sponsors as deadlines for submitting expenses to qualify for stop loss reimbursement often will have passed by the time the liability comes to light. Accordingly, employer and other health plan sponsors, their fiduciaries and adminstrators generally will want to audit and monitor their health plan’s compliance with the MHPAEA throught the calendar year and as plan year or stop loss filing deadlines approach to mitigate these exposures.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively domestically and internationally with business, government and community leaders to prepare for and deal with pandemic and other health and safety, financial, workforce and other organizational crisis, change and workforce, employee benefit, health care and other operations planning, preparedness and response for more than 30 years. As a part of this work, she regularly advises businesses and government leaders on an an demand and ongoing basis about preparation of workforce, health care and other business and government policies and practices to deal with management in a wide range of contexts ranging from day to day operations, through times of change and in response to operational, health care, natural disaster, economic and other crisis and change.
Author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, “How to Conduct A Reduction In Force,” and a multitude of other highly regarded publications and presentations on workforce, compliance, health care and health benefits, pandemic and other health crisis, workers’ compensation and occupational disease, business disaster and distress and many other topics, Ms. Stamer has worked with employers, insurers, health industry organizations and providers and domestic and international community and government leaders on pandemic and other health and safety, workforce and performance preparedness, risks and change management, disaster preparedness and response and other operational and tactical concerns throughout her adult life. A former lead advisor to the Government of Bolivia on its pension privaitization project, Ms. Stamer also has worked internationally as an advisor to business, community and government leaders on crisis preparedness and response, workforce, health care and other reform, as well as regularly advises and defends organizations about the design, administration and defense of their organizations workforce, employee benefit and compensation, safety, discipline and other management practices and actions.
Board Certified in Labor and Employment Law By the Texas Board of Legal Specialization, Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, and the ABA RPTE Employee Benefits & Other Compensation Group and and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
Following up on the White House’s announcement yesterday that by major health insurers, Medicare and Medicaid to cover medically necessary testing and expand coverage for treatment of 2019 Novel Coronavirus (“coronavirus), without applying deductibles or coinsurance and offer expanded telemedicine and other coverage for coronavirus care, the Internal Revenue Service (“IRS”) today issued guidance giving health plans confirming health plans waiving deductibles won’t violate the Internal Revenue Code health savings account high deductible health plan rules. However many employer or other sponsors of self-insured health plans may need to amend their health plans and take other steps if they want their health plans to provide similar coverage. Meanwhile the Centers for Disease Control (“CDC”) released updated guidance to help businesses, schools, and other organizations to operate safely during the current outbreak.
Coronavirus Testing & Other Health Coverage
Major health insurers agreed in a Whitehouse Coronavirus Taskforce meeting yesterday to cover medically necessary testing and extend coverage to medically necessary treatment. The agreement only technically binds Medicare, Medicaid and other government programs and private insurers participating in the meeting. It does not automatically extend coverage or waive deductibles for self-insured employer or union sponsored health plans which provide coverage for an estimated 61 percent of covered U.S. worker and their families. Self-insured plan sponsors wishing to provide similar coverage and waive deductibles generally will need to take specific action to amend their plans and related contractracts and communications.
Vice President Pence announced the agreement with insurers yesterday saying among other things:
I’m pleased to report, as you requested, Mr. President, that all the insurance companies here — either today or before today — have agreed to waive all copays on coronavirus testing and extend coverage for coronavirus treatment in all of their benefit plans.
And, at your direction, Medicare and Medicaid, last week, already made it clear to Medicare and Medicaid beneficiaries that coronavirus testing and treatment would be covered. These private insurance carriers have extended that as well.
They’ve also agreed to cover telemedicine so that anyone, particularly among the vulnerable senior population, would not feel it necessary to go to a hospital or go to their doctor. They’ll know that telemedicine is covered.
While the announcement indicates that insurers involved in the meeting plan to expand coverage and waive deductibles, self-insured employer and union sponsored plans aren’t technically covered by the agreement. While many employers sponsoring self-insured health plans will want their health plan to provide similar coverage as part of their risk management response to the coronavirus outbreak. Self-insured plan sponsors and fiduciaries should confirm appropriate plan language is adopted and that their stop loss insurance carriers are on board or other arrangements are made to plan for and cover costs, and that other plan vendors are on board to handle responsibilities. This is particularly critical as failing to make the necessary amendments could result in an absence of stoploss insurance to cover additional cost. And relatively small workforce is with few people seeking the care, this might not make a material difference in plan costs. If several workers seek treatment, however, the absence of stoploss insurance coverage for the claims could both impact coverage for those particular items if the deductible under the policy has been met as well as could affect whether those claims count overall aggregate coverage losses. The bottom line is, make sure that your documentation matches your Promise or your extension of coverage will likely be truly 100% self insured. Likewise employers and other plan sponsors in the plan administrators of these plans are reminded that the law generally requires that they provide written notice of the changes to plan members in a timely fashion. Having plan administration services and other vendors on board also is important to ensure that the claims are appropriately and timely processed to avoid violation of plan terms and other rules.
In the meantime, the widespread lack of understanding among plan members about the distinction between insured and self-insured plans coupled with the breadth of the unqualified announcement by the White House is likely to fuel confusion by covered individuals and their providers. Not only will covered persons and providers need to know whether the program is insured or self-insured, they also will need to confirm how each of these programs implements the expanded coverage.
IRS Guidance Clears Way For High Deductible Health Plans To Raise Deductibles
Employers and health plans wishing to waive deductibles for coronavirus testing will not have to worry that waiving the deductible will violate IRS high deductible health plan (“HDHP”) rules, however. Earlier today, the IRS provided relief allowing high deductible health plans to pay these expenses without disqualifying their programs for high deductible health plan treatment under the Code in Notice 2020-15. The Notice provides that, until further guidance is issued, a health plan that otherwise satisfies the requirements to be a HDHP under Code section 223(c)(2)(A) will not fail to be an HDHP under section 223(c)(2)(A) merely because the health plan provides health benefits associated with testing for and treatment of COVID-19 without a deductible, or with a deductible below the minimum deductible (self only or family) for an HDHP. Also due to this guidance, an individual covered by the HDHP will not be disqualified from being an eligible individual under section 223(c)(1) who may make tax-favored contributions to a health savings account (HSA).
Business & Other Disruptions Response
Government, healthcare and other leaders are urging businesses and individuals to limit contact and care to guard against the virus because of its strength and ability to spread quickly. The U.S.’s top infectious-disease specialist told lawmakers the pathogen “is 10 times more deadly than the seasonal flu.”
Accordingly, health and government officials are urging all segments of society to take precautions. CDC, for instance has published the resources to help businesses, schools and others keep their people and locations safe here.
Unfortunately the strategy for ending the pandemic brings its own draconian side effects. Along with dealing with the threat of the disease itself, the efforts to manage the disease outbreak, many businesses also are forced to deal with demand losses, supply and business interruptions, staffing shortages, unanticipated expenses and a wide range of other operational and financial disruptions that are side effects of the outbreak and its management.
The outbreak has and continues to prompt the cancellation of a plethora of business, trade, government, school, and sports and entertainment events. Notable for its involvement in heath care and related insurance matters, the National Association of Insurance Commissioners (“NAIC”) is one of a growing number of event sponsors that are allowing workers to work from home, are cancelling or banning participation in live meetings and other events and/or are converting from live to virtual formats in response to the outbreak. Trade and business associations, entertainment and sports and otehr venures also are impacted. For instance, the NAIC announced its decision to move its meetings to a purely virtual format today. According to the announcement, the National Spring Meeting that had been scheduled to take place in Phoenix next week is cancelled. Instead, the NAIC announced the following tentative schedule:
A revised schedule with dates, times and call-in numbers will be available on Naic.org next week.
Concerning the reasons for its decision, the NAIC explained:
Recently, the number of confirmed cases of COVID-19 has exceeded 100,000 worldwide, including over 1000 confirmed U.S. cases in 36 jurisdictions. Given rapidly changing information and out of an abundance of caution for the safety of our members, guests and staff, the NAIC officers, in consultation with NAIC members, have decided to hold the Spring National Meeting in a virtual-only format.
Along with limiting contact, for instance, many businesses and organizations are “deep cleaning” their facilities to address potential virus contamination. Some biological experts point out however that this deep cleaning involves substantial expenditures which do little to guard against new exposures brought by others coming into a business, school or other workplace. Some biological contamination experts suggest that organizations should consider investing in resources specified ultraviolet lights or other tools that could help control exposures on a longer-term and more recurrent basis. Experts emphasize that remediation and prevention efforts need to recognize that exposures are likely to occur recurrently over a period of time across the life of this and future virus outbreaks.
The financial consequences of staffing or supply shortages, declines in product or services demands, event cancellations, cleaning and other costs and a host of other side effects present such a widespread risk to many businesses that many are facing layoffs or even bankruptcy or other restrucuring. While President Trump and other federal and state leaders are promising employment tax holidays and other relief to try to mitigate some of these financial effects, businesses impacted by these disruptions should begin assessing and planning to execute options to mitigate losses and manage these risks as soon as possible to maximize their potential ability to take advantage of options to restructure debt or contractual obligations, adjust workforce staffing, and make other adjustments successfully to weather the pandemic storm and fallout. When considering these options, businesses will want to understand the relative complete costs of reductions in hours, furloughs, contractual adjustments and other options to make and execute their choices as well as possible.
More Information
We hope this update is helpful. For more information about the these or other health or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications. As a significant part of her work, Ms. Stamer has worked extensively domestically and internationally with business, government and community leaders to prepare for and deal with pandemic and other health and safety, financial, workforce and other organizational crisis, change and workforce, employee benefit, health care and other operations planning, preparedness and response for more than 30 years. As a part of this work, she regularly advises businesses and government leaders on an an demand and ongoing basis about preparation of workforce, health care and other business and government policies and practices to deal with management in a wide range of contexts ranging from day to day operations, through times of change and in response to operational, health care, natural disaster, economic and other crisis and change.
Author of “Privacy and the Pandemic Workshop” for the Association of State and Territorial Health Plans, “How to Conduct A Reduction In Force,” and a multitude of other highly regarded publications and presentations on workforce, compliance, health care and health benefits, pandemic and other health crisis, workers’ compensation and occupational disease, business disaster and distress and many other topics, Ms. Stamer has worked with employers, insurers, health industry organizations and providers and domestic and international community and government leaders on pandemic and other health and safety, workforce and performance preparedness, risks and change management, disaster preparedness and response and other operational and tactical concerns throughout her adult life. A former lead advisor to the Government of Bolivia on its pension privaitization project, Ms. Stamer also has worked internationally as an advisor to business, community and government leaders on crisis preparedness and response, workforce, health care and other reform, as well as regularly advises and defends organizations about the design, administration and defense of their organizations workforce, employee benefit and compensation, safety, discipline and other management practices and actions.
Board Certified in Labor and Employment Law By the Texas Board of Legal Specialization, Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, and the ABA RPTE Employee Benefits & Other Compensation Group and and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
Today (March 2, 2020) is the deadline for employers and other health benefit program sponsors, insurers, plan administrators and fiduciaries, health care providers, PBMs and other interested persons to comment on proposed federal rule change that would require insured health plans to count drug rebates and price concessions retained by pharmacy benefit managers (PBMs) as administrative expenses for purposes of determining if the issuing insurer is required to rebate premiums under the medical loss ratio (MLR) rules of the Patient Protection & Affordable Care Act (“ACA”). With the comment period on the package of health care transparency regulations published by the Trump Administration to implement the transparency reform it hopes will fuel better quality and cost effectiveness in the U.S. health care system, health plan sponsors, fiduciaries, administrators, insurers, heath care providers, PBMs, and other participants in the system need to start preparing to deal with their own responsibilities under the new rules, and to help plan members, patients and their caregivers, and other consumers to understand and use the new information the rules will make available.
2/06/20 Proposed Rule Pressures Insurers To Require PBMs To Disclose & Pass Through Manufacturer Rebates
Issued as part of the proposed “Patient Protection and Affordable Care Act; HHS Notice of Benefit and Payment Parameters for 2021; Notice Requirement for Non-Federal Governmental Plans Proposed Rule” (“2/6/20 Proposed Rule”) published by the Department of Health & Human Services (“HHS”) on February 6. 2020, the as part of a series of Trump Administration health care reform initiatives seeking to use competition and transparency to improve health care quality, choice and affordability, in furtherance of the Trump Administration “health plan transparency” initiative HHS predicts this change included in the could generate $18.2 million more per year in the MLR rebate payments to consumers covered under insure health plans subject to the MLR and other insurance market reform provisions of the ACA. See also Remarks by President Trump on Honesty and Transparency in Healthcare Prices (November 15, 2019). For a more detailed summary of the 2/06/20 Proposed Rule, see here.Most health plans contract with PBMs to decide the prescription drug formularies, copays, and other coverage design for their health plans, to administer their pharmacy benefits and to negotiate discounts and rebates from drug manufacturers in exchange for placing their drugs on a health plan’s formulary. PBMs are supposed to work on behalf of health plans to secure drug rebates, refunds, discounts, coupons, and direct or indirect remuneration, among other discounts. Health plans compensate PBMs in a variety of ways, including:
Paying administrative fees;
Allowing a PBM to retain the difference between the amount a PBM charges the health plan for a drug and the amount a PBM pays the pharmacy (called “spread pricing”); or
Allowing a PBM to retain all or a portion of any negotiated discounts from manufacturers, including rebates.
Currently, insured plans covered by the MLR rule as well as the PBM arrangements of many self-insured, employer or union sponsored health plans, do not require PBMs to disclose, account for, or pass through to the health plan they are engaged by the prescription drug rebates and certain other amounts that PBMs receive and retain from prescription drug manufacturers that the PBM selects for inclusion on the health plan formulary.
The current federal ACA MLR rule requires insured health plans subject to the MLR rule to deduct from their prescription drug claims both rebates they receive from manufacturers and any payments the PBM retains from the spread, but does not address situations in which the PBM retains rebates or other price concessions negotiated on behalf of the plans. Consequently, the MLR reporting or calculation of insurers typically does not reflect any rebates PBMs retain that are not passed through to the insurer even though the PBM is supposed to be working on behalf of the health plan.
In recent years, these arrangements have come under widespread criticism as creating conflicts of interests that compromise the loyalty of the PBM to act in the best interest of its health plan clients and their plan members because when PBMs don’t report and pass through all pricing concessions negotiated by PBMs, health plans and health plan members don’t receive the benefit of those price discounts and the decisions that the PBM makes in choosing the highest quality and most cost effective medications for the formulary may lead the PBM to choose and price drugs on the plan formulary to maximize the PBM’s profits rather than the best interests of the plan and its members.
The 2/06/20 Proposed Rule would classify the portion of premium revenue that an insured health plan subject to the MLR rule expends on pharmacy costs as the actual reimbursement to pharmacies – minus any rebates or price concessions from manufacturers – no matter if the plan or its contracted PBM receives the price concession. Requiring health insurers covered by the MLR rule to include rebates retained by their PBMs an administrative expense would make it difficult for most health insurers to keep all administrative expenses within 15 or 20 percent the MLR rules. Since health insurers whose administrative expenses exceed the MLS ratio must rebate premiums under the ACA, HHS anticipates that finalizing the 2/06/20 Proposed Rule as proposed would prompt insured health plans covered by the MLR rule that use PBMs to administer pharmacy benefits to change the compensation provisions of their PBM contracts to eliminate or restructure those payments.
Since self-insured health plans generally are not subject to the ACA MLR rule, however, those plans generally need to pursue contracting or other strategies to address this concern. Increasingly, many self-insured health plan sponsors, fiduciaries and administrators already are changing their PBM contracting and selection strategies to require disclosure and pass through of rebate and other compensation received by PBMs from manufacturers such as including administrative-fee-only compensation and a guarantee of 100 percent pass-through of rebates and manufacturer-derived revenue from the PBM to the health plan in their PBM contracts.
With the official comment deadline set to expire on March 2, 2020, employer and other insured and self-insured health plan sponsors of health plans using PBMs, fiduciaries and advisors should turn their attention to evaluating the likely implications of the 02/06/20 Proposed Rule on their health plan arrangements as well as more generally evaluating their pharmacy benefit designs, PBM contracts and compensation arrangements, and associated arrangements and practices for potential conflicts of interest, hidden cost savings and other opportunities for improvement. As part of this efforts, employer sponsors, plan fiduciaries, administrators, and vendors of self-insured plans should keep in mind that the fiduciary responsibility rules of the Employee Retirement Income Security Act generally require plan fiduciaries to prudently evaluate compensation and other arrangements with plan vendors as well as to take action to identify and protect the plan against breaches of loyalty by plan vendors or fiduciaries from conflicts of interests or prohibited transactions. Plan administrators also should conduct due diligence to confirm that PBM and other vendors properly including all compensation for purposes of Form 5500 and other reporting. Along with assisting their health plan clients with these activities, brokers, consultants, TPAs, and other plan vendors also should evaluate the potential implications of the reforms in the 02/06/20 Proposed Rule as well as any relevant state law reforms on the advice and services they provide to their clients, as well as their potential responsibilities and exposures in light of the evolving state health and PBM transparency rules.
Other Health Plan Transparency Reforms
The 2/06/20 Proposed Rule is one in a series of federal health rule changes the Trump Administration is pursuing as part of its initiative seeking to use health care transparency to improve the price, quality and choice in the U.S. health care system. In addition to the changes proposed in the 2/06/20 Proposed Rule, in response to President Trump’s July 24, 2020 Executive Order on Improving Price and Quality Transparency in American Healthcare to Put Patients First, HHS on November 14, 2019 also undertook two other regulatory actions intended to increase price transparency to empower patients and increase competition among all hospitals, group health plans and health insurance issuers in the individual and group markets:
Both the final and proposed rules require that pricing information be made publicly available.
Proposed Coverage Transparency Rule
The Proposed Coverage Transparency Rule would require most employer-based group health plans and health insurance issuers offering group and individual coverage to disclose price and cost-sharing information to participants, beneficiaries, and enrollees up front. With this information, patients will have accurate estimates of any out-of-pocket costs they must pay to meet their plan’s deductible, co-pay, or co-insurance requirements. This will make previously unavailable price information accessible to patients and other stakeholders in a standardized way, allowing for easy comparisons.
If finalized, the Proposed Transparency in Coverage Rule will require non-grandfathered health plans and health insurance issuers to make certain health care price information more accessible to consumers and other stakeholders by requiring each non-grandfathered group health plan[2] or health insurance issuer offering non-grandfathered health insurance coverage in the individual and group markets to make available:
To participants, beneficiaries and enrollees (or their authorized representative) personalized out-of-pocket cost information for all covered health care items and services through an internet-based self-service tool and in paper form upon request. For the first time, most consumers would be able to get estimates of their cost-sharing liability for health care for different providers, allowing them to both understand how costs for covered health care items and services are determined by their plan, and shop and compare costs for health care before receiving care; and
To the public, including stakeholders such as consumers, researchers, employers, and third-party developers the in-network negotiated rates with their network providers and historical payments of allowed amounts to out-of-network providers through standardized, regularly updated machine-readable files.
The Trump Administration believes these changes will provide opportunities for innovation to drive price comparison and consumerism in the health care market. In addition, the Transparency In Coverage Rule also proposes to allow issuers that empower and incentivize consumers through the introduction of plans that include provisions that encourage consumers to shop for services from lower-cost, higher-value providers, and that share the resulting savings with consumers, to take credit for such “shared savings” payments in their medical loss ratio (MLR) calculations. HHS says it made this proposal to ensure, should the proposal be finalized as proposed, that issuers would not be required to pay MLR rebates based on a plan design that would provide a benefit to consumers that is not currently captured in any existing MLR revenue or expense category. HHS believes this proposal would preserve the statutorily-required value that consumers receive for coverage under the MLR program, while encouraging issuers to offer new or different value-based plan designs that support competition and consumer engagement in health care. See also Transparency in Coverage Proposed Rule (CMS-9915-P) Fact Sheet. The official comment period on the Proposed Transparency in Coverage Rule has not expired. In January, HHS extended the comment period on the Transparency in Coverage Rule from January 14, 2020 to January 29, 2020.
Final Hospital Transparency Rule
Concurrent with its release of the Proposed Coverage Transparency Rule, HHS also finalized the Hospital Transparency Rule that will require hospitals to provide patients with clear, accessible information about their “standard charges” for the items and services they provide in two ways beginning in 2021:
Comprehensive Machine-Readable File: Hospitals will be required to make public all hospital standard charges (including the gross charges, payer-specific negotiated charges, the amount the hospital is willing to accept in cash from a patient, and the minimum and maximum negotiated charges) for all items and services on the Internet in a single data file that can be read by other computer systems. The file must include additional information such as common billing or accounting codes used by the hospital (such as Healthcare Common Procedure Coding System (HCPCS) codes) and a description of the item or service to provide common elements for consumers to compare standard charges from hospital to hospital.
Display of Shoppable Services in a Consumer-Friendly Manner: Hospitals will be required to make public payer-specific negotiated charges, the amount the hospital is willing to accept in cash from a patient for an item or service, and the minimum and maximum negotiated charges for 300 common shoppable services in a manner that is consumer-friendly and update the information at least annually.
Shoppable services are services that can be scheduled by a healthcare consumer in advance such as x-rays, outpatient visits, imaging and laboratory tests or bundled services like a cesarean delivery, including pre- and post-delivery care.
The requirements for the consumer-friendly file are that the information must be made public in a prominent location online that is easily accessible, without barriers, and it must also be searchable. Item and service descriptions must be in ‘plain language’ and the shoppable service charges must be displayed and grouped with charges for any ancillary services the hospital customarily provides with the primary shoppable service.
In order to ensure that hospitals comply with the requirements, the Hospital Transparency Rule also provides CMS with new enforcement tools including monitoring, auditing, corrective action plans, and the ability to impose civil monetary penalties of $300 per day. In response to public comments, CMS is finalizing that the effective date of the final rule will be January 1, 2021 to ensure that hospitals have the time to be compliant with these policies. See also
Start Preparing For New Transparency Requirements, Effects & Opportunities
With the comment periods on the Proposed Transparency in Coverage Rule already past and the deadline for comment on the 2/6/20 Proposed Rule set to expire today, employer and other health benefit plan sponsors, insurers, fiduciaries, administrators, heath care providers, insurers, plan members and other stakeholders should turn their attention to evaluating the potential opportunities, burdens, and impacts of these transparency reforms.
More Information
We hope this update is helpful. For more information about the or other health or other employee benefits, human resources, or health care developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications including more than 30 years’ leading edge work on PBM and other insured and self-insured contracting and related matters. .
Author of numerous highly regarded works on PBM and other health plan contracting and design, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems and other health care providers, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of publications on “Transparent PBM Contracting,” “ACOs, Direct Contracting: Legal & Practical Challenges For Employers, Providers & TPAs,” “The Medicare Advantage Contracting Manual,” “Third Party Administrator (TPA) Contracting Principles and Strategies and a multitude of other highly regarded publications and presentations, Stamer is widely recognized for her thought leadership on PBM and other managed care and health plan contracting and design, and a multitude of other health care, health plan and other health industry matters. In addition, Ms. Stamer contributes her time and leadership to numerous policy, professional, civil and other organizations including service as the, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at the particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone of any fact or law specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Among other things, the Proposed Rule, if adopted as proposed, would:
Repeal regulations relating to the Early Retiree Reinsurance Program;
Require health plans in state insurance markets to count drug rebates and price concessions retained by pharmacy benefit managers (PBMs) as administrative expenses. HHS predicts this change could generate $18.2 million more per year in medical loss ratio (MLR) rebate payments to consumers;.
Establish payment parameters and provisions related to the risk adjustment and risk adjustment data validation programs; cost-sharing parameters and cost-sharing reductions; and user fees for federally-facilitated Exchanges and State-based Exchanges on the Federal platform;
Modify requirements for “essential health benefits” to allow states greater flexibility and add an annual state reporting of state-required benefits that are in addition to essential health benefits (EHB) for which states are required to defray the costs;
Amend rules to give states with additional flexibility in the operation and establishment of Exchanges concerning cost-sharing for prescription drugs; excepted benefit health reimbursement arrangements offered by non-Federal governmental plan sponsors; the medical loss ratio program; Exchange eligibility and enrollment; exemptions from the requirement to maintain coverage; quality rating information display standards for Exchanges; and other related topics.
For a more detailed summary of the Proposed Rule, see here.
Employer and other health benefit plan sponsors, insurers, fiduciaries, administrators, heath care providers and other stakeholders desiring to comment on the Proposed Rule must submit their comments electronically no later than 5 p.m. Eastern today (March 2, 2020) by following the submit comments instructions here.
More Information
We hope this update is helpful. For more information about the this or other health or other employee benefits, human resources, or health care developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone of any fact or law specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Health plans and their health plan records providers and other business associates should review and update their existing policies and practices concerning providing and charging individuals for access to protected health information in response to modifications in the Department of Health & Human Service (“HHS”) Office of Civil Rights (“OCR”) rules implementing the Health Insurance Portability & Accountability Act (“HIPAA”) requirements regarding patient’s rights to access their protected health information (“PHI”) from health plans, health care providers, health care clearinghouses (“”Covered Entities”) and their business associates (“HIPAA entities”) to comply with a January 23, 2020 court order (the “Coix Order”) in Coix Health, LLC v. Azar, et al, No 18 –CV-0040 (D>D.C. January 23, 2020). Utilizing the flexibility resulting from the Coix Order could help reduce health plan costs of compliance with the HIPAA right of access rule by allowing the health plan and its records providers more freedom to determine the charges and format for delivering PHI in response to records requests received from other insurers, lawyers and other third parties.
Coix Order Invalidates Pieces of OCR HIPAA Rules On PHI Record Rules
The new flexibility is the result of the Coix Order entered by a Federal District Court in response to a lawsuit brought by Coix Health, LLC (“”Coix”). Coix brought the lawsuit challenging the “Patient Rate” restrictions on the amounts that HIPAA entities can charge for providing records containing PHI the “third party directive” requirements in the rules implementing HIPAA’s right of access requirements under 45 C.F.R. §164.524 as adopted by OCR as part of its final rule entitled “Modifications to the HIPAA Privacy, Security, and Enforcement Rules Under the Health Information Technology for Economic and Clinical Health Act, and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules.” (The “2013 Omnibus Rule”) on January 25, 2013. In particular, the 2013 Omnibus Rule includes a “Patient Rate” rule that limits the charges that Covered Entities can make for delivering PHI requested by patients and third parties to prevent patient access to PHI from being thwarted by excessive fees. As part of the Patient Rate rule, OCR restricted what Covered Entities and their records providers can charge to provide copies of protected health information. The Patient Rate rule restricts charges that can be imposed to provide protected health information, restricts the methods for calculating these charges and limits the type and amount of labor costs that can be included when calculating the Patient Rate. The Patient Rate rule in the 201 Omnibus Rule also requires that Covered Entities and their records companies provide the requested PHI directly to the patient or to a third party designed by the patient and in the format requested by the patient regardless of the format in which the Covered Entity or its medical provider maintains the PHI within its record.
When originally implemented, the medical records industry generally understood that the Patient Rate limitations applied only to requests for PHI made by the patient for use by the patient. Before 2016, however, Covered Entities and their medical records providers generally understood that this Patient Rate rule did not apply to or limit fees that Covered Entities or their medical records providers could charge commercial entities or other third parties like insurance companies and law firms to fill requests for PHI. That understanding changed, in 2016, however, when HHS issued guidance that stated that the Patient Rate applies even to requests to deliver PHI to third parties.
A specialized medical-records provider that contracts with healthcare suppliers nationwide to maintain, retrieve, and produce individuals’ PHI, Cox handles tens of millions of requests for records containing PHI annually including demands by healthcare providers for treatment purposes, patients asking for their own PHI, and third parties, such as life insurance companies and law firms, seeking a patient’s PHI for commercial or legal reasons. According to Cox, OCR’s interpretation of the Patient Rate rule as applicable to third party requests as well as direct patient requests cost it and other medical records companies millions of dollars in revenue. Accordingly, Coix filed the Coix Health, LLC v. Azar, et al lawsuit challenging OCR’s 2016 application of the Patient Rate to third party requests as violating the procedural and substantive protections of the Administrative Procedure Act (“APA”). In addition to this challenge to the scope of the Patient Rate, Coix also contested OCR pronouncements in the 2016 guidance document on (1) the types of labor costs that are recoverable under the Patient Rate; and (2) the three alternative methods identified for calculating the Patient Rate as violating the APA’s procedural and substantive provisions. Finally, Coix also challenged the requirement in the Patient Rate rule that records companies to send PHI to third parties regardless of the format in which the PHI is contained and in the format specified by the patient. According to Coix, Congress required only that certain types of electronic health records be delivered to third parties, not all records regardless of their format, as HHS’s regulations now command.
In its January 23, 2020 ruling on HHS’s motion to dismiss and the parties’ cross-motions for summary judgment, the D.C. District Court agreed with OCR that OCR’s rule requiring the use of one of three methods for calculating the Patient Rate was unreviewable as a final agency action and dismissed Coix’ challenge to that requirement. Concerning Coax’s other challenges, the Court sided with Coix. It ruled that:
OCR’s 2013 rule compelling delivery of PHI to third parties regardless of the records’ format is arbitrary and capricious insofar as it goes beyond the statutory requirements set by Congress;
OCR’s broadening of the Patient 3 Rate in 2016 is a legislative rule that the agency failed to subject to notice and comment in violation of the APA; and
OCR’s 2016 explanation concerning what labor costs can be recovered under the Patient Rate is an interpretative rule that OCR was not required to subject to notice and comment.
Accordingly, District Court in the Coix Order declares unlawful and vacates (1) the 2016 Patient Rate expansion and (2) the 2013 mandate broadening PHI delivery to third parties regardless of format within the individual right of access” set forth in the provisions of 45 C.F.R. §164.524 of the 2013 Omnibus Rule insofar as it expands the HITECH Act’s third-party directive beyond requests for a copy of an electronic health record with respect to protected health information of an individual in an electronic format.” Additionally, the federal court ordered that the fee limitation set forth at 45 C.F.R. § 164.524(c)(4) only apply to an individual’s request for access to their own records, and does not apply to an individual’s request to transmit records to a third party.
As a result of the Coix Order, Covered Entities and their medical records providers still must calculate the Patient Rate in accordance with one of the three allowed methodologies when providing a patient with records containing PHI in response to a patient request. However, Covered Entities and their medical records provider now may exercise greater flexibility when determining the format and charges when responding to requests from third parties other than the patient for records containing PHI. Before doing so, however, most Covered Entities and business associates will want to update their HIPAA policies and procedures to reflect the new practices consistent with the new HIPAA and other relevant requirements. Updating the policies first is important because the 2013 Omnibus Rule states Covered Entities violate HIPAA by failing to follow their own HIPAA privacy and security policies when those practices are more restrictive than those mandated by OCR’s 2013 Omnibus Rule. Consequently however, Covered Entities and their medical records companies desiring to exercise this newly available flexibility should revise their existing policies and procedures to authorize their exercise of this new flexibility consistent with the Coix Order and associated OCR guidance.
OCR Plans To Comply With Coix Order In Applying Patient Record Rule
In an “Important Notice Regarding Individuals’ Right of Access to Health Records” released January 28, 2020, OCR announced that that it will comply with the Coix Order vacating the “third-party directive” within the individual right of access “insofar as it expands the HITECH Act’s third-party directive beyond requests for a copy of an electronic health record with respect to [protected health information] of an individual . . . in an electronic format.” Additionally, OCR stated that the fee limitation set forth at 45 C.F.R. § 164.524(c)(4) will apply only to an individual’s request for access to their own records, and not apply to an individual’s request to transmit records to a third party. However, OCR also added that the right of individuals to access their own records and the fee limitations that apply when exercising this right are undisturbed and remain in effect. OCR will continue to enforce the right of access provisions in 45 C.F.R. § 164.524 that are not restricted by the court order.
More Information
We hope this update is helpful. For more information about the Coix Order or other health or other employee benefits, human resources, or health care developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international health plans, their sponsors, fiduciaries, administrators, and insurers; managed care and insurance organizations; hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Ms. Stamer is most widely recognized for her decades of pragmatic, leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often rapidly evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone of any fact or law specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The $65,000 payment and corrective action plan commitments West Georgia Ambulance, Inc. (“West Georgia”) is making to settle Department of Health & Human Services Office for Civil Rights (“OCR”) charges it recurrently violated the Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule and other 2019 HIPAA enforcement sends a clear warning to other HIPAA-covered health plans, health care providers, health care clearighouses and their business associates (“covered entities”) to maintain and be prepared to defend their own HIPAA compliance.
The Western Georgia Resolution Agreement and Corrective Action Plan(“Resolution Agreement”) OCR announced on December 30, 2019 resolves charges resulting from an OCR investigation initiated in response to a HIPAA breach report the Georgia based ambulance company filed in 2013 in which the company, which provides emergency and non-emergency ambulance services in Carroll County, Georgia, disclosed the loss of an unencrypted laptop containing the protected health information (PHI) of 500 individuals. The breach occurred when an unencrypted laptop fell off the back bumper of an ambulance. The laptop was not recovered. West Georgia reported that exactly 500 individuals were affected by the breach.
In the course of its investigation of the breach report, OCR’s investigation uncovered long-standing noncompliance with the HIPAA Rules, including failures to conduct a risk analysis, provide a security awareness and training program, and implement HIPAA Security Rule policies and procedures. Specifically, the Resolution Agreement states that West Georgia:
Did not conduct an accurate and thorough risk analysis of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of all of its ePHI. See 45 C.F.R. § 164.308(a)(1)(ii)(A);
Failed to have a HIPAA security training program, and failed to provide security training to its employees. See 45 C.F.R. § 164.308(a)(5);
Failed to implement Security Rule policies or procedures. See 45 C.F.R. § 164.316; and
Despite OCR’s investigation and technical assistance, “did not take meaningful steps to address their systemic failures.”
To resolve its exposure to the substantially higher civil monetary penalties that OCR could impose for violations of this nature, West Georgia agreed to pay a $65,000 resolution payment to OCR and implement and comply with a corrective action plan that in addition to requiring West Georgia to correct the compliance deficiencies, also subjects West Georgia to two years of OCR monitoring and oversight.
The Resolution Agreement and corrective action plan carry a number of important messages for other health care providers and other Covered Entities. First, the OCR enforcement action against West Georgia coming at the end of yet another heavy HIPAA enforcement year by OCR reminds Covered Entities that OCR is serious about HIPAA enforcement on the heels of its 2018 HIPAA record setting collection of $28.7 million in civil monetary penalties and resolution payments including the single largest individual HIPAA settlement in history of $16 million with Anthem, Inc. SeeOCR Concludes 2018 with All-Time Record Year for HIPAA Enforcement. While not topping this record, OCR during 2019 now has collected civil monetary penalties and resolution payments totaling more than $15 million from HIPAA Covered Entities and their business associates including:
Second, the Resolution Agreement and various other smaller settlements during the year show HIPAA compliance and enforcement is a concern for smaller provideres and other covered entities, not juswt the huge ones. While the $65,000 settlement payment required by the Resolution Agreement is substantially smaller than the amounts of the civil monetary penalties and many of resolution payments OCR collected in its other 2019 enforcement actions, the West Georgia and other 2019 enforcement actions demonstrate the teeth behind the warning in the OCR Press Release announcing the West Georgia Resolution Agreement from OCR Director Roger Severino that“All providers, large and small, need to take their HIPAA obligations seriously.” With OCR promises to keep up its vigorous investigation and enforcement of the HIPAA requirements, every Covered Entity and business associate should take the necessary steps to verify and maintain their HIPAA compliance and to be prepared to defend their compliance under the Privacy, Security, Breach Notification and HIPAA access and other individual rights mandates of HIPAA.
Third, OCR’s statement in the Resolution Agreement about the failure by West Georgia to meaningfully act to correct compliance deficiencies and cooperate in other corrective action during the period following the breach report highlights the importance for covered entities involved in a breach or other dealings with OCR on a potential compliance concern to behave appropriately to express and exhibit the necessary concern OCR expects regarding the compliance issue to position themselves to request and receive the clemency OCR is empowered under HIPAA to extend when deciding the sanctions for any noncompliance.
Of course meeting the requirements of HIPAA is not the only concern that covered entities should consider as they review and tightened their HIPAA and other privacy and data security procedures. Health care providers and other covered entities also should keep in mind their other obligations to protect patient and other confidential information under other federal laws, the requirements of which also are ever-evolving. For instance, on January 1, 2020 Texas providers like other Texas businesses will become subject to a shortened deadline for providing notice of data breaches under a new law enacted by the Texas Legislature in its last session. Arrangements should be designed to fulfill all of these requirements as well as any ethical or contractual.
Covered entities also should keep in mind that violations of HIPAA can have implications well beyond HIPAA.ramifications beyond HIPAA itself. For instance, heath care providers can face disqualification from federal program participation, licensing and ethics discipline and other professional consequences. Health plans and their fiduciaries also may face Department of Labor and other fiduciary claims, while insurers can face licensing and other regulatory consequences. The Labor Department followed up on previous warnings that health plan fiduciaries duties include a fiduciary duty to protect health plan data by adding HIPAA compliance to certain health plan audits. Insurers, third of art administrators and others also can face duties and liabilities under state insurance and data privacy laws from regulator or private litigant actions.
For More Information
We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at(214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Scribe for the ABA JCEB Annual Agency Meeting with the Department of Health & Human Services Office of Civil Rights, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer has extensive legal, operational, and public policy experience advising and representing health care, health care and other entities about HIPAA and other privacy, data security, confidentiality and other matters.
Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services, public and private primary, secondary, and other educational institutions, and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has recurrently worked extensively with public school districts and public and private primary and secondary schools, colleges and universities, academic medical, and other educational institutions, insured and self-insured health plans; domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, employers; and federal and state legislative, regulatory, investigatory and enforcement bodies and agencies on health care, education, and other data privacy, security, use, protection and disclosure; disability and other educational rights; workforce, and a host of other risk management and compliance concerns.
Ms. Stamer is most widely recognized for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, ant kickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at(214) 452-8297or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance.The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
The $1.6 million civil monetary penalty (“CMP”) assessed against the Texas Health and Human Services Commission (“TX HHSC”) for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules between 2013 and 2017 committed by a predecessor agency, the Department of Aging and Disability Services (“DADS”) illustrates the critical need for health plans and insurers and all other HIPAA covered entities and business associates to confirm the adequacy of their enterprise wide security assessment, oversight, and other HIPAA Privacy and Security compliance and risk management including documentation of the reassessment and updating of these materials and assessments in connection with any update or change in software, systems or other system and security relevant developments.
OCR imposed the CMPs against TX HHSC for violations of HIPAA OCR found DADS committed from 2015 to 2017, before it was reorganized into TX HHSC in September 2017. Like most other large HIPAA CMPs and settlements paid to avoid CMPs, a review of the TX HSSC CMP events makes clear that the large penalty resulted mostly because of inadequate assessment and oversight of security, rather than the actual breach itself that prompted the investigation leading to the CMP assessment. Beyond the substantial HIPAA CMPs assessed, health plans, insurers, their fiduciaries and administrative or other service providers serving as business associates need to keep in mind their likely exposure to liability and expenses from fiduciary responsibility breaches under the Employee Retirement Income Security Act of 1974, state insurance and other data security and breach requireents, contracts and other pbligations.
Before its merger into TX HHSC, DADS was the Texas agency primarily responsible for providing and administering the state’s long-term care services for aging and intellectually and physically disabled people. TX HHSC now administers and provides the services previously provided by DADS as part of its broader operation of state supported living centers; provision of mental health and substance use services; regulation of child care and nursing facilities; and administration of hundreds of other programs for people needing supplemental nutrition benefits, Medicaid and certain other assistance including those previously provided by DADS.
DADS Breaches & Violations
The $1.6 million CMPs assessment against TX HHSC resulted after OCR investigated a 2015 breach report made by DADS. On June 11, 2015, DADS submitted a Breach Notification Report (“Report”) notifying OCR that on April 21, 2015 names, addresses, social security numbers, treatment information and other electronic protected health information (“ePHI”) of 6,617 individuals was viewable over the internet when a software coding flaw allowed prohibited access to ePHI with access credentials when DADS moved an internal application from a private, secure server to a public server. OCR’s investigation determined that, in addition to that impermissible disclosure, DADS violated the HIPAA Security Rule by failing to conduct an enterprise-wide risk analysis and implement access and audit controls on Community Living Assistance and Support Services and Deaf Blind with Multiple Disabilities (“CLASS/DBMD”) program information systems and applications intended to collect and report information about “Utilization Management and Review” activities to the Centers for Medicare & Medicaid Services (“CMS”) for the CLASS/DBMD waiver programs.. The CMS waiver programs required DADS to collect and report to CMS applicant and enrollee community and institutional service choice, Level of Care, Plan of Care, waiver provider choice and other waiver program performance data for CLASS and DBMD as part of a required evidentiary report on all §1915(c) waiver programs. The CLASS/DBMD application glitch compromised the ePHI by allowing an undetermined number of unauthorized users to view the ePHI without verifying user credentials. TX HHSC learned of the breach from an unauthorized user who accessed ePHI in the application without being required to input user credentials. Because of inadequate audit controls, DADS was unable to determine how many unauthorized persons accessed individuals’ ePHI.
OCR initiated a compliance review of DADS on June 23, 2015 in response to the breach notification. As HIPAA Security Rule at 45 C.F.R. ·§ 164.312(a)(l) requires a covered entity to implement technical policies and procedures for electronic information systems that maintain ePHI to allow access only to those persons or software programs properly granted access rights under HIPAA Security Rule § 164.308(a)(4), OCR found that by placing the CLASS/DBMD application on their public server without requiring users to provide access credentials, TX HHSC violated HIPAA by failing to implement access controls on all of its systems and applications throughout its enterprise in violation of 45 C.F.R. § 164.312(a)(l).
The HIPAA Security Rule at 45 C.F.R. § 164.312(b) requires a covered entity to implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI. In the course of its investigation, OCR requested in its June 23, 2015 Data Request that DADS provide a copy of its current HIPAA administrative and technical policies and procedures. As DADS provided no evidence that the application was capable of auditing user access after it was moved to the unsecure public server as required by 45 C.F.R. § 164.312(b) with its response, OCR also concluded from its investigation that TX HHSC failed to implement audit controls to all of its systems and applications, like the application involved in the breach, as required by 45 C.F.R. § 164.312(b).
Beyond these violations, OCR also found that DADS also violated the HIPAA Security Rule by failing to conduct the required accurate and thorough enterprise wised risk analysis required by the HIPAA Security Rule. In this respect, the HIPAA Security Rule at 45 C.F.R. § 164.308(a)(1)(ii)(A) requires a covered entity to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI it holds. In its August 31, 2015 response to OCR’s Data Request dated July 23, 2015, DADS acknowledged that, while it had performed ”risk assessment activities” on individual applications and servers, it never performed an “agency-wide” security risk analysis. On July 28, 2017, OCR received the documentation that DADS represented to be the documentation of its risk analysis. After reviewing this evidence, OCR additionally found DADS violated the HIPAA Security Rule by failing to conduct an enterprise-wide risk analysis and implement access and audit controls.
Calculation & Assessment CMPs Totaling $1.6 Million
On May 23, 2018, OCR issued a Letter of Opportunity and informed TX HHSC that OCR’s investigation indicated that TX HHSC failed to comply with the Privacy and Security Rules, which remained unresolved despite OCR’s attempts to do so. The letter stated that pursuant to 45 C.F.R. § 160.312(a)(3), OCR was informing TX HHSC of the preliminary indications of non-compliance and providing TX HHSC with an opportunity to submit written evidence of mitigating factors under 45 C.F.R. § 160.408 or affirmative defenses under 45 C.F.R. § 160.410 for OCR’s consideration in making a CMP determination under 45 C.F.R. § 160.404. The letter identified each area of noncompliance. It also stated that TX HHSC also could submit written evidence to support a waiver of a CMP for the indicated areas of non-compliance.
Although the designated representative for TX HHSC as DADS successor received the Letter of Opportunity on May 24, 2018, . TX HHSC did not provide any written evidence of mitigating factors under 45 C.F.R. § 160.408 or affirmative defenses under 4S C.F.R. § 160.410 for OCR’s consideration in making the CMP determination or submit any written evidence to support a waiver of a CMP for the indicated areas of non-compliance. Accordingly, after securing the requisite approval from the Justice Department, OCR issued a Notice of Proposed Determination of Civil Monetary Penalties (“Proposed CMP”) on July 29, 2019.
As explained by the Proposed CMP, as amended by the HITECH Act, Section 13410, 42 U.S.C. § 1320d-5(a)(3), HIPAA authorizes OCR as the designated representative of the Secretary of HHS to impose CMPs against a covered entity for post-February 18, 2009 HIPAA Privacy or Security Rule violations. These current CMP provisions provide the following rules for the assessment of CMPs for such violations:
A minimum of$100 for each violation where the covered entity or business associate did not know and, by exercising reasonable diligence, would not have known that the covered entity or business associate violated such provision, except that the total amount imposed on the covered entity or business associate for all violations of an identical requirement or prohibition during a calendar year may not exceed $25,000.
A minimum of$1,000 for each violation due to reasonable cause and not to willful neglect, except that the total amount imposed on the covered entity or business associate for all violations of an identical requirement or prohibition during a calendar year may not exceed $100,000. Reasonable cause means an act or omission in which a covered. entity or business associate knew, or by exercising reasonable diligence would have known, that the act or omission violated an administrative simplification provision, but in which the covered entity or business associate did not act with willful neglect.
A minimum of $10,000 for each violation due to willful neglect and corrected within 30 days, except that the total amount imposed on the covered entity or business associate for all violations of an identical requirement or prohibition during a calendar year may not exceed $250,000.
A minimum of$50,000 for each violation due to willful neglect and uncorrected within 30 days, except that the total amount imposed on the covered entity or business associate for all violations of an identical requirement or prohibition during a calendar year may not exceed $1,500,000.
By law, OCR adjusts the CMP ranges and calendar year cap for each penalty tier for inflation. The adjusted amounts are applicable only to CMPs whose violations occurred after November 2, 2015.
The Proposed CMP included notice of the CMPs OCR intended to impose CMPs totaling $1.6 million for the violations. Characterizing each of the violations as due to reasonable cause and not willful neglect, the Proposed CMP Notice made note that OCR was authorized by statute to assess penalties of up to $50,000 per day for each day of the identified violations due for reasonable cause, rather than willful neglect, but authorized OCR to adjust the penalties in light of aggravating and mitigating factors. The Proposed CMP stated that in arriving at the lesser daily penalty amount, OCR considered as mitigating factors that:
The violations did not result in any known physical, financial, or reputational harm to any individuals nor did it hinder any individual’s ability to obtain health care; and
TX HHSC immediately removed the application once it received a report that unauthorized users could access the ePHI of individual beneficiaries.
However, OCR also took note that it viewed DADS failure to act promptly to remediate the breach and to keep a commitment made to OCR in August, 2015 timely to conduct and complete the agency wide risk analysis by August 31, 2016 as an aggravating factor. Considering these factors, the Proposed CMP notified TX HHSC that OCR intended to assess a daily penalty amount of$1,000 per day ($1,141 after November 2, 2015) per violation capped at $100,000 per calendar year per violation. Applying these amounts, the CMP notified TX HHSC that OCR intended to impose CMPs totaling $1.6 million, as follows:
Impermissible disclosures in violation of 45 C.F.R. § 164.502(a), a $100,000 CMP
Inadequate access controls in violation of 45 C.F .R. § 164.312(a)(l), a $500,000 CMP
Inadequate audit controls in violation of 45 C.F.R. § 164.312(b), a $500,000 CMP
Failure to perform required enterprise wide risk analysis in violation of 45 C.F.R. § 164.308(a)(l)(ii)(a), a $500,000.
After TX HHSC , as successor to DADS, did not file a request for hearing before an administrative law judge within the 90 days, OCR imposed the $1.6 million CMP in dated October 25, 2019 made public on November 7, 2019.
Lessons For Other Health Plans, Insurers & Other HIPAA Exposed Entities
The latest in a growing series of multimillion dollar CMPs and Resolution Payments assessed and collected by OCR, the TX HHSC CMP illustrates the critical necessity for all covered entities and business both to take appropriate, well-documented action to prevent, timely discover and redress, and report ePHI breaches and otherwise comply with the otherwise applicable requirements of the HIPAA Privacy, Security and Breach Notification Rules including the conduct and continuous maintenance of appropriate enterprise wide security assessments, audits, and oversight. With OCR promising to continue its enforcement, all covered entities and business associates should verify the existence and adequacy of their existing enterprise wide risk assessments and safeguards and procedures for monitoring, investigating potential security risks and other breaches and other HIPAA compliance oversight. Beyond these compliance efforts, the TX HHSC and other CMP actions also drive home the strong advisability for covered entities or business associates that experience a known or potential breach or other violation promptly to investigate and mitigate potential breaches and other violations.
Beyond the direct HIPAA exposure, health plans and their fiduciaries also need to keep in mind that these violations also can create fiduciary liability risks for ERISA fiduciaries, state insurance and identity theft exposures for brokers and other service providers, contractual exposures for vendors, and other risks. The Department of Labor recently has begun making inquiries about data security and privacy as part of its plan audits according to recent reports.
When managing HIPAA and other compliance and risks, health plans and other covered entities and business associates should seek assistance in conducting their assessments as well as responding to any preexisting and emergent breach or other compliance concerns within the scope of attorney-client privilege from qualified legal counsel with the necessary knowledge and experience of HIPAA and other federal and state laws, regulations and administrative and judicial decisions that define and shape their exposure. In the event of a breach or other compliance concern, timely guidance and representation by legal counsel with both experience of these requirements and with dealing with OCR and other agencies may help mitigate exposures by expediting timely and appropriate response.
For More Information
We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and the ABA RPTE Employee Benefits & Other Compensation GroupMs. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; EMR, claims, payroll and other technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, self-insured health and other employee benefit plans, their sponsors, fiduciaries, administrators and service providers, insurers and other payers, health industry advocacy and other service providers and groups and other health and managed care industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Ms. Stamer is most widely recognized for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here such as:
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Ten former National Football League (NFL) players face prosecution for their alleged roles in a nationwide health care fraud scam that Justice Department prosecutors allegedly defrauded the Gene Upshaw NFL Player Health Reimbursement Account Plan (the “Plan)” by submitting more than $3.9 million in false and fraudulent claims between June 2017 and December 2018.
According to the charges brought in two separated indictments filed December 12, 2019 in the Eastern District of Kentucky, the charged players participated in a nationwide conspiracy that resulted in the submission of more than $3.9 million in false claims to the Plan, for which the Plan paid out over $3.4 million between June 2017 and December 2018. See Buckhalter and Rogers Indictment; McCune et al Indictment. The Plan established pursuant to the 2006 collective bargaining agreement between the NFL and payers provides a health care reimbursement account to reimburse up to a maximum of $350,000 per player of out-of-pocket medical care expenses a former player, his wife or dependents incurs not covered by insurance.
The indictments charge that the scheme to defraud involved the submission of false and fraudulent claims to the Plan for expensive medical equipment – typically between $40,000 and $50,000 for each claim never purchased or received. The expensive medical equipment described on the false and fraudulent claims included hyperbaric oxygen chambers, cryotherapy machines, ultrasound machines designed for use by a doctor’s office to conduct women’s health examinations and electromagnetic therapy devices designed for use on horses. The indictments reflect that no health care providers participated in the scheme. Rather the players submitted these allegedly false charges without any health care provider participation.
Charged in the two separated indictments include the following former NFL players including five former Washington Redskins. Those charged and the charges brought include the following:
Charges of one count of conspiracy to commit wire fraud and health care fraud, nine counts of wire fraud and nine counts of health care fraud brought against former NFL linebacker Robert McCune, McCune’s career included stints with the Washington Redskins, Miami Dolphins, Baltimore Ravens and Cleveland Browns between 2005 and 2009;
Charges of one count of conspiracy to commit wire fraud and health care fraud, two counts of wire fraud and two counts of health care fraud made against:
Former Washington Redskins cornerback John Eubanks who was draft but only played as a practice squad player with the Washington Redskins in 2006-2017 season before going on to play in the Canadian Football League between 2009 and 20011;
Tamarick Vanover, a former NFL wide receiver the Kanas City Chiefs, San Diego Chargers and Las Vegas Posse who was the Atlantic Coast Conference Rookie of the Year while playing for Florida State in 1992; and
Carlos Rogers, a former NFL cornerback drafted by the Washington Redskins, who also played for the San Francisco 49ers and Oakland Raiders;
Charges of one count of conspiracy to commit wire fraud and health care fraud, one count of wire fraud and one count of health care fraud against:
Clinton Portis, a former NFL running back best known for his years as a starting running back for the Washington Redskins, for seven seasons, who also played with the Denver Broncos during his 10 year NFL career;
Ceandris “C.C.” Brown, a former safety drafted by the Houston Texans in 2005 who after three seasons with Houston was signed by the New York Giants, Detroit Lions and Jacksonville Jaguars;;
James Butler, a former NFL safety for the New York Giants from 2005-2008 Seasons and with the St. Louis Rams from 2009-2012; and
Fredrick Bennett, a grid iron defensive back drafted by the Houston Texans in 2007 before being traded to the San Diego Chargers in 2010, the Cincinnati Bengals in 2010, and the Arizona Cardinals in 2011 before going on to play in the Canadian Football League from 2012 to 2016. Bennett is currently a NFL free agent; and
Charges of one count of conspiracy to commit wire fraud and health care fraud against:
Correll Buckhalter, a former NFL running back who played with the Philadelphia Eagles from 2001 to 2008 and the Denver Broncos from 2009 to 2010;
Etric Pruitt, a former NFL special teams and safety who after having little playing time for most of his NFL career played a major role in Super Bowl XII while signed to the Seattle Seahawks. In addition to his Seahawks stink in 2005, Pruitt also was signed with the Atlanta Falcons and Detroit Lions during his NFL career.
In addition to the charges brought Thursday, the Justice Department also has filed notice that it intends to file criminal charges alleging conspiracy to commit health care fraud in the Eastern District of Kentucky against the following individuals:
Joseph “Joe” Horn, a former NFL wide receiver who played with the Kansas City Chiefs, New Orleans Saints, and Atlanta Falcons between 1996 and 2007. Horn made the Pro Bowl team four times and is a member of the New Orleans Saints Hall of Fame. In 2001, Horn made headlines when he and 11 other former NFL plays sued the NFL alleging it failed to properly diagnose and treat head injuries that led to changes in the NFL policies regarding diagnosis and treatment of players for potential brain injuries and the establishment of a traumatic brain injury fund; ;and
Donald “Reche” Caldwell a former NFL wide receiver who during his six seasons in the NFL played with the Sand Diego Chargers, New England Patriots, Washington Redskins and St. Louis Rams.
According to allegations in the indictments, McCune, Eubanks, Vanover, Buckhalter, Rogers and others recruited other players into the scheme by offering to submit or cause the submission of these false and fraudulent claims in exchange for kickbacks and bribes that ranged from a few thousand dollars to $10,000 or more per claim submitted. As part of the scheme, the defendants allegedly fabricated supporting documentation for the claims, including invoices, prescriptions and letters of medical necessity. After the claims were submitted, McCune and Buckhalter allegedly called the telephone number provided by the Plan and impersonated certain other players in order to check on the status of the false and fraudulent claims.
The indictments reflect the Justice Department’s continuing commitment to investigate and prosecute health care fraud, including fraudulent dealings by plan members and others.of private employeer or union sponsored health plans. If convicted, the defendants could face significant prison sentences and probation and fines.
The Justice Department press release concerning the indictments quotes U.S. Attorney for the Eastern District of Kentucky Robert M. Duncan Jr.,the Justice Department has “prioritized the investigation and prosecution of health care fraud in our office.” Meanwhile, FBI Special Agent in Charge of the Miami Field Office George L. Piro is quoted as stating that “This investigation serves as an illustration of the rampant and deliberate scams against health care plans occurring daily throughout the country…” in this case, these fraudsters pocketed money from the Gene Upshaw National Football League Health Reimbursement Account Plan that was intended for former NFL players who are ill or infirm. Over 20 FBI field offices participated in this investigation which demonstrates the level of commitment we have to rooting out this type of fraud.”
In addition to the additional costs that employers can incur to fund health plan liabilities, taking prudent steps to detect, prevent and redress fraudulent health plan claims is considered part of the fiduciary duies of heatlh plan fiduciaries under the Employee Retirement Income Security Act. Fiduciaries found to have failed to take such prudent actions risk personal liability fo rplan losses resulting from fraud committed against their health plans.
The NFL player indictments show taht prosecutions Alone or coupled with the hundreds of other fraud investigations and prosecuations that the Department of Justice and other federal and state agencies pursue each year, send a strong message that the Justice Department and other fedederal agencies stand ready to investigate nad prosecute health care fraud against private employer or union sponsored health plans, as well as fraud against Medicare, Mdicaid and other government programs.
More Information
We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press Health Care Risk Management & Operations Group and registering for updates on our Solutions Law Press Website.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
A Fellow in the American College of Employee Benefit Counsel, as a primary focus of this work, Ms. Stamer has worked extensively with employer and union sponsored health and other employee benefit plans, insurers, third party administrators, plan fiduciaries and other health and other insured and self insured welfare plan, severance plans, defined contribution and other savings plans, defined benefit and other pension plans, incentive pay and deferred compensation programs and other employee benefit industry clients, employers and other plan sponsors, domestic and international health care providers, and as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, the ABA RPTE Employee Benefits & Other Compensation Group and its Welfare Benefits, Fiduciary Responsibiity and other Commitees, Ms. Stamer is noted for her decades-long leading edge work, scholarship and thought leadership on health,care, managed care and insurance, employee benefits, human resources and other workforce and related compliance and internal controls, policy and regulatory affairs, design and operations, and defense including 30 plus years experience working with clients on ERISA, insurance, STARK, antikickback, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Department of Justice, Department of Labor, Department of Health and Human Services, Department of Insurane, Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of a multitude of highly regarded publications and programs on health and managed care fraud,and other health care, health plan and other health benefit, health care, employee benefits and other related matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Total U.S. national healthcare spending in 2018 grew 4.6 percent according to a study conducted by the Office of the Actuary at the Centers for Medicare & Medicaid Services (CMS). CMS reports this growth rate was slower than the 5.4 percent overall economic growth as measured by Gross Domestic Product (GDP). Consequently, the share of the economy devoted to health spending decreasedfrom 17.9percent in 2017 to 17.7 percent in 2018.
Growth in overall healthcare spending has averaged 4.5 percent for 2016-2018, slower than the 5.5 percent average growth for 2014-2015, that was affected by expanded Medicaid and private insurance coverage and increased spending for prescription drugs, particularly for drugs used to treat hepatitis C.
The growth in total national healthcare expenditures was approximately 0.4 percentage point higher than the rate in 2017 and reached $3.6 trillion in 2018, or $11,172 per person.
According to the report, private health insurance, Medicare, and Medicaid experienced faster growth in 2018. The faster growth for these payers was influenced by the reinstatement of the health insurance tax which was applied to private health insurance, Medicare Advantage, and Medicaid Managed care plans. The health insurance tax was a fee imposed on all health insurance providers beginning in 2014 as a part of the funding for the Affordable Care Act (ACA) and was subsequently amended to institute a one-year moratorium on the fee for 2017.
Private health insurance spending(34 percent of total health care spending) increased 5.8 percent to $1.2 trillion in 2018, which was faster than the 4.9 percent growth in 2017. The acceleration was driven in part by an increase in the net cost of private health insurance, which was a result of the reinstatement of the health insurance tax in 2018 following a one-year moratorium in 2017.
Medicare spending(21 percent of total health care spending) grew 6.4 percent to $750.2 billion in 2018, which was faster than the 4.2 percent growth in 2017. The faster growth in Medicare spending in 2018 was influenced by faster growth in the net cost of insurance of Medicare private health plans (mostly Medicare Advantage plans) due to the reinstatement of the health insurance tax in 2018, faster growth in Medicare spending for medical goods and services, and an increase in government administration spending after a reduction in 2017.
Medicaid spending(16 percent of total health care spending) increased 3.0 percent to $597.4 billion in 2018. This was faster than the rate of growth in 2017 of 2.6 percent. The faster rate of growth in 2018 was driven by faster growth in the net cost of insurance for Medicaid managed care plans, also due in part to the reinstatement of the health insurance tax.
Out-of-pocket spending(10 percent of total health care spending) includes direct consumer payments such as copayments, deductibles, and spending not covered by insurance. Out-of-pocket spending grew 2.8 percent to $375.6 billion in 2018, which was faster than the 2.2 percent growth in 2017. Faster out-of-pocket spending growth for retail prescription drugs, durable medical equipment, and dental services more than offset a slowdown in out-of-pocket spending for hospital care.
Health care spending growth was mixed in 2018 for the three largest goods and service categories – hospital care, physician and clinical services, and retail prescription drugs.
Hospital spending(33 percent of total healthcare spending) increased at about the same rate in 2018 as in 2017, growing 4.5 percent and 4.7 percent, respectively, to reach $1.2 trillion in 2018. The steady growth in 2018 was driven by an acceleration in hospital price growth that was offset by slower growth in the use and intensity of hospital services.
Physician and clinical services spending(20 percent of total healthcare spending) increased 4.1 percent to reach $725.6 billion in 2018. This was slower than the rate of growth in 2017 of 4.7 percent. The deceleration in 2018 was driven by slower growth in the use and intensity of physician and clinical services, as physician and clinical price growth accelerated in 2018.
Retail prescription drug spending(9 percent of total healthcare spending) grew 2.5 percent in 2018 to $335.0 billion following slower growth of 1.4 percent in 2017. This faster rate of growth was driven by non-price factors, such as the use and mix of drugs consumed, which more than offset a decline of 1.0 percent in prices for retail prescription drugs.
Additional highlights from the report include:
Sponsors of Healthcare.In 2018, the federal government’s spending on health care increased 5.6 percent, accelerating from growth of 2.8 percent in 2017, and was driven by faster growth in the federally-funded portions of Medicare and Medicaid expenditures. Private businesses’ health care spending increased 6.2 percent in 2018 due primarily to faster growth in employer-sponsored private health insurance premiums. The federal government and households accounted for the largest shares of spending (28 percent each), followed by private businesses (20 percent), state and local governments (17 percent), and other private revenues (7 percent).
The National Health Expenditure estimates have been revised to reflect the most recent and up-to-date source data that is available (and may not have been available for last year’s vintage of the National Health Expenditure Accounts).
The 2018 National Health Expenditures data and supporting information will appear here.
For More Information
We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamervia e-mailor via telephone at(214) 452 -8297.
Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our LinkedIn Solutions Law Groups and registering for updates on ourSolutions Law Press Website.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
As a primary focus of this work, Ms. Stamer has worked extensively with domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers, health industry advocacy and other service providers and groups and other health industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is noted for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her experience and involvements, see here or contact Ms. Stamer via telephone at(214) 452-8297or via e-mailhere.
About Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources availablehere.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profilehere
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility for the suitability, completeness, accuracy or other content or to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Slides from the presentations made at Office of the National Coordinator for Health Information Technology (ONC) September 6, 2019 symposium on Patient Matching for Prescription Drug Monitoring Programs (PDMPs) are now available on line. This one-day symposium brought together PDMP administrators, standards development groups, health IT developers, representatives from pharmacies, and a number of other stakeholders to discuss patient matching challenges and opportunities to support the interoperability of prescription data.Access that data here.
For More Information
We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.
Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our LinkedIn Solutions Law Groups and registering for updates on our Solutions Law Press Website.
About the Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.
As a primary focus of this work, Ms. Stamer has worked extensively with domestic and international hospitals, health care systems, clinics, skilled nursing, long term care, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing, utilization management, management services organizations, group purchasing organizations; pharmaceutical, pharmacy, and prescription benefit management and organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers, health industry advocacy and other service providers and groups and other health industry clients as well as federal and state legislative, regulatory, investigatory and enforcement bodies and agencies.
Scribe for the ABA JCEB Annual Agency Meeting with OCR, Vice Chair of the ABA International Section Life Sciences Committee, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, the ABA RPTE Employee Benefits & Other Compensation Group, Ms. Stamer is noted for her decades-long leading edge work, scholarship and thought leadership on health and other privacy and data security and other health industry legal, public policy and operational concerns. This involvement encompasses helping health care systems and organizations, group and individual health care providers, health plans and insurers, health IT, life sciences and other health industry clients prevent, investigate, manage and resolve sexual assault, abuse, harassment and other organizational, provider and employee misconduct and other performance and behavior; manage Section 1557, Civil Rights Act and other discrimination and accommodation, and other regulatory, contractual and other compliance; vendors and suppliers; contracting and other terms of participation, medical billing, reimbursement, claims administration and coordination, Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA and other payers and other provider-payer relations, contracting, compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns. to establish, administer and defend workforce and staffing, quality, and other compliance, risk management and operational practices, policies and actions; comply with requirements; investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry actions: regulatory and public policy advocacy; training and discipline; enforcement; and other strategic and operational concerns.
Author of leading works on HIPAA and a multitude of other health care, health plan and other health industry matters, the American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.
IAbout Solutions Law Press, Inc.™
Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources available here.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here
NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility for the suitability, completeness, accuracy or other content or to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.
Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.
Posted by Cynthia Marcotte Stamer 
slphrbenefitsupdate.com 
You must be logged in to post a comment.